oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,092 Commits 2 Branches 2 Tags
5b2d65fa2bc4cee683531c4d23c25349f8cc7b19
Commit Graph

15686 Commits

Author SHA1 Message Date
Love Hornquist Astrand
0be50bf118 add krb5_data_ct_cmp 2010-11-06 20:36:08 +01:00
Love Hornquist Astrand
55c4979df2 Now pac from christian passes since we make hmac checksums always use the raw key 2010-11-06 20:23:49 +01:00
Love Hornquist Astrand
d6b93cec1e internal function _krb5_HMAC_MD5_checksum 2010-11-06 20:11:19 +01:00
Love Hornquist Astrand
55ccd5ff9c use _krb5_enomem and indent 2010-11-06 20:10:26 +01:00
Love Hornquist Astrand
a1f749f4af add _krb5_enomem 2010-11-06 20:09:07 +01:00
Love Hornquist Astrand
5ab43b8520 plug memory leak 2010-11-06 20:01:02 +01:00
Andrew Bartlett
a42b77fb22 heimdal Add handling for PAC signatures over all encryption types 
There are exceptions from the expected behaviour of 'checksum type
matches key type' that we must deal with here, or else we can't serve
DES-only servers.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-11-06 19:56:48 +01:00
Simon Wilkinson
1d9072f026 krb5: reorganise crypto.c 
lib/krb5/crypto.c was a large, monolithic block of code which made
it very difficult to selectively enable and disable particular
alogrithms.

Reorganise crypto.c into individual files for each encryption and
salt time, and place the structures which tie everything together
into their own file (crypto-algs.c)

Add a non-installed library (librfc3961) and test program
(test_rfc3961) which builds a minimal rfc3961 crypto library, and
checks that it is usable.
 2010-11-03 11:12:24 +00:00
Love Hornquist Astrand
6184422fef compare the value of the client realm now that it might not be the same pointer 
fixes the check-delegate test that the new direct hop patch broke
 2010-11-01 13:46:56 -07:00
Love Hornquist Astrand
a16f7ea0ab add missing 
prototype
 2010-10-31 01:09:24 -07:00
Asanka C. Herath
a73d30e619 get_cred_kdc_capath() always try direct cross-realm first 2010-10-31 01:04:27 -07:00
Joerg Pulz
ef90819a9a rename PTHREADS_LIBADD to PTHREAD_LIBADD 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-31 00:29:54 -07:00
Love Hornquist Astrand
aceab099f2 add ntlm_err.h 2010-10-30 22:18:34 -07:00
Love Hornquist Astrand
6f9a423c0a add libheimbase.la 2010-10-30 13:59:19 -07:00
Love Hornquist Astrand
bbe08b7750 use clear_multi, don't call init twice 2010-10-27 22:19:22 -07:00
Love Hornquist Astrand
6d47c862ec really free memory too 2010-10-27 22:13:04 -07:00
Love Hornquist Astrand
b7ac4c9333 really free memory too 2010-10-27 22:12:30 -07:00
Love Hornquist Astrand
acbdbb753e plug memory leaks 2010-10-27 22:03:36 -07:00
Love Hornquist Astrand
2eae1a1d30 spelling 2010-10-27 21:09:41 -07:00
Love Hornquist Astrand
e0a1e0a806 simplify 2010-10-27 20:48:55 -07:00
Love Hornquist Astrand
edc1c3e2a1 add heimbase.h 2010-10-27 20:43:15 -07:00
Love Hornquist Astrand
7259b7deff new way to run plugins that have less overhead (code and performance vice) 2010-10-27 20:42:35 -07:00
Love Hornquist Astrand
ba8fe4b799 load plugin once 2010-10-27 20:42:01 -07:00
Chas Williams (CONTRACTOR)
a3afa695ee hcrypto: struct x64 doesn't need bitfields 
hcrypto: struct x64 doesn't need bitfields

    The bitfield specifications on the struct x64 members do not actually do
    anything to guarantee/force packing or endian of the members.  Removing
    them allows the code to compile on certain compilers that do not support
    bitfields on 64-bit types.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-23 17:24:28 -07:00
Love Hornquist Astrand
2a9d00dd91 add digest and apop support 2010-10-19 18:16:49 -07:00
Love Hornquist Astrand
9f1168b703 add targetinfo and comerr error codes 2010-10-19 18:15:40 -07:00
Jan Rękorajski
99f690fd19 krb5_cc_last_change_time is missing 2010-10-18 16:07:59 -07:00
Joerg Pulz
4154bb82ce Add libintl for i18n support 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-18 08:27:33 -07:00
Love Hornquist Astrand
8e7cf16491 Switch to ULL 2010-10-11 20:15:37 -07:00
Love Hornquist Astrand
f5b16cbddb remove tfm 2010-10-11 20:10:24 -07:00
Simon Wilkinson
4dc6b5f259 hcrypto: Flag 64bit bit constants as long long 
When using 64bit constants for initialisation flag them as LL, so
the compiler doesn't try to cast them down to a long, and throw away
information, on 32 bit platforms.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-11 20:08:25 -07:00
Simon Wilkinson
3d7fc1001a Assign a value for HX509_CMS_EV_ID_NAME 
667ec8eb81 introduced the flag
HX509_CMS_EV_ID_NAME, without defining a value for that flag.
Assign a value using the next available bit.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-11 20:05:26 -07:00
Love Hornquist Astrand
20e4f3b9de more glue 2010-10-11 20:04:11 -07:00
Love Hornquist Astrand
8e24a897d7 make code match comment 2010-10-12 04:27:13 +02:00
Love Hornquist Astrand
667ec8eb81 Use version 0 for issuer name serial number and version 2 for ski 
Pointed by subject Michael Wood <esiotrot@gmail.com> on samba-technical
 2010-10-07 00:22:09 -07:00
Love Hornquist Astrand
3789b1111e stop if there is not enough data 2010-10-07 00:01:06 -07:00
Love Hornquist Astrand
a3746c9f07 handle unix credentials 2010-10-06 23:32:36 -07:00
Love Hornquist Astrand
f225af82c1 if db_create() returns non zero, fail 2010-10-06 21:37:50 -07:00
Love Hornquist Astrand
34e5278ae4 random bits 2010-10-04 00:03:12 -07:00
Love Hornquist Astrand
106689c7a0 add rsakey2048 and rsakey4096 2010-10-03 18:13:58 -07:00
Love Hornquist Astrand
b7b40b1ef9 add more speed (or maybe non speed numbers) 2010-10-03 18:13:16 -07:00
Love Hornquist Astrand
4c1b29346f test rsakey2048 2010-10-03 17:06:48 -07:00
Love Hornquist Astrand
b4181e4560 rsakey2048 2010-10-03 17:04:48 -07:00
Love Hornquist Astrand
48ad3e1e65 add import/export type for private keys 2010-10-03 16:32:01 -07:00
Love Hornquist Astrand
dfc54c6eea now that we use 2k rsa keys, don't make ca keys twise as large 2010-10-03 14:59:43 -07:00
Love Hornquist Astrand
97390e087d default to 2k rsa keys, for performance reasons you might want to generate 1k rsa keys though 2010-10-03 14:58:18 -07:00
Andrew Bartlett
5cc4d5d2bd heimdal Use a seperate krb5_auth_context for the delegated credentials 
This makes it much more clear that the timestamp written here is not
used in mutual authentication.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-02 20:47:12 -07:00
Andrew Bartlett
0225db7152 Don't redefine socket() if socket_wrapper is already in use 
In Samba, we may have already included socket_wrapper.h at this point

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-02 20:46:16 -07:00
Love Hornquist Astrand
c6fb9428dd Drop imath for ltm for speed reasons 2010-10-02 12:28:27 -07:00
Love Hornquist Astrand
0a608964a4 only set error code in case of failure, add comment 2010-10-02 12:13:19 -07:00