oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,092 Commits 2 Branches 2 Tags
5b2d65fa2bc4cee683531c4d23c25349f8cc7b19
Commit Graph

15686 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
877df213eb make sure we don't use stack content, don't count on that unsigned value can be negative 2011-10-31 22:05:42 -07:00
Love Hörnquist Åstrand
2e2b5daf7a send output to /dev/null 2011-10-31 21:27:51 -07:00
Nicolas Williams
c353962428 Oops, mismerge in principal.c 2011-10-31 00:29:36 -05:00
Nicolas Williams
104bb8ef53 Fix unitialized HDB_extension problem (specifically the mandatory field) 2011-10-31 00:20:05 -05:00
Nicolas Williams
7da9d7d75f Fix memory leak in name canon rule iterator 2011-10-31 00:15:07 -05:00
Love Hornquist Astrand
6436cd99b7 remove lex_classic_input(void) prototype 2011-10-29 19:13:04 -07:00
Love Hornquist Astrand
42e6fb794d avoid const warning 2011-10-29 19:10:20 -07:00
Nicolas Williams
1192120b86 Fix 64-bit warnings in name canon rules code 2011-10-29 16:48:56 -05:00
Love Hörnquist Åstrand
1fe4d77846 remove getprogname.c 2011-10-28 20:36:40 -07:00
Love Hörnquist Åstrand
a57988153e indent 2011-10-28 20:08:08 -07:00
Love Hörnquist Åstrand
f1e7d2ccba allow checksum type NULL since des3-cbc-null uses it (gss-api mech) 2011-10-28 19:54:02 -07:00
Love Hörnquist Åstrand
b4972bd4f0 no longer need getprogname() 2011-10-28 19:31:05 -07:00
Love Hörnquist Åstrand
3570802d59 use getprogname if we have, otherwise punt, remove roken dependency 2011-10-28 19:30:55 -07:00
Love Hörnquist Åstrand
1a1bd736c0 merge support for FAST in as-req codepath 2011-10-28 19:25:48 -07:00
Nicolas Williams
3a393427e9 krb5_principal_compare() can't return errors... 2011-10-27 22:57:02 -05:00
Nicolas Williams
c433fefb23 Fix contributewd by Roland Dowdeswell for 64-bit bug in name canon patches 2011-10-27 17:34:57 -05:00
Nicolas Williams
0b6639dcce Fix makefile bug for name canon testing 2011-10-22 14:55:48 -05:00
Nicolas Williams
ce04492b36 Fix silly bug in krb5_get_credentials_with_flags() 2011-10-22 14:54:27 -05:00
Nicolas Williams
8fde93e3fb Initial name canon rules tests (just kgetcred) 2011-10-22 14:54:26 -05:00
Nicolas Williams
5c54736678 Removed "weak" option and implemented use-referrals/no-referrals 2011-10-22 14:54:26 -05:00
Nicolas Williams
c764ad95e5 Document name canonicalization rules 2011-10-22 14:54:26 -05:00
Nicolas Williams
f4471b11d6 Call krb5_set_error_message() and don't clobber ret in debug code 2011-10-22 14:54:25 -05:00
Nicolas Williams
248e1eb772 Cleanups: s/\<assert\>/heim_assert/ 2011-10-22 14:54:25 -05:00
Nicolas Williams
9f5a43084c Cleanups: s/ENOMEM/krb5_enomem(context)/ 2011-10-22 14:54:25 -05:00
Nicolas Williams
2f03603d6b Cleanups: s/krb5int_/_krb5_/ and moved priv stuff from krb5.h 2011-10-22 14:54:25 -05:00
Nicolas Williams
001fc24102 Removed vestiges of no-reverse-lookup/reverse-lookup option that was never implemented 2011-10-22 14:54:24 -05:00
Nicolas Williams
a5e77c578e Deferred hostname canon using name canon rules 2011-10-22 14:54:13 -05:00
Love Hornquist Astrand
b1012edee3 add 
krb5_auth_con_getsendsubkey
 2011-10-19 21:11:12 +02:00
Love Hornquist Astrand
33f717edb2 Only set msg in case we have one, from Rangar Sundblad 2011-10-19 10:38:59 +02:00
Love Hornquist Astrand
1b88a3b6c7 Only does implicit matching for first component, reported by Harry Coin 2011-10-14 00:33:57 +02:00
Love Hornquist Astrand
8192b9ed35 remove refernces to kerberos 4 and kaserver 2011-10-12 12:40:59 +02:00
Luke Howard
f48061bda7 check localname attr authenticated 2011-10-08 12:23:25 +11:00
Luke Howard
07777511d1 implement gss_localname 2011-10-08 12:15:09 +11:00
Nicolas Williams
1b03abb250 This should be the final fix for enctype 0 issues (tested) 
But how to build an MIT KDB with enctype 0 keys for testing in
    Heimdal?  Hmmm...
 2011-10-06 00:55:54 -05:00
Nicolas Williams
e15cabe10a Fix for enctype 0 / length 0 keys in MIT HDB backend was incomplete 2011-10-05 17:50:26 -05:00
Nicolas Williams
3d6f86af27 Fix segfault in hdb-mitdb when princ have salt 2011-10-02 23:08:37 -05:00
Love Hornquist Astrand
ee7340860a remove classic input 2011-10-02 17:23:26 +02:00
Love Hornquist Astrand
391bce7ca2 lets try classic input() too 2011-10-02 13:46:28 +02:00
Love Hornquist Astrand
923f3a434f free krb5_storage when dne 2011-09-30 12:44:34 +02:00
Love Hornquist Astrand
a1738def66 solaris want's _XOPEN_SOURCE set to 600, From Ragnar Sundblad 2011-09-29 13:57:24 +02:00
Jeffrey Altman
cbf126bede Permit NULL context to krb5_get_error_message() 
Application developers have a tendency to use krb5_get_error_message()
as a drop in replacement for error_message() and under various
circumstances they pass in a NULL context.  This method works fine
for MIT's implementation which ignores the context but in Heimdal
passing in a NULL context would dump core.

This patch set modifies krb5_get_error_message() in order to
permit the passing of a NULL context.  First, if the context
is NULL, an attempt will be made to allocate one locally for
the purpose of evaluating the error code.  Second, if a local
context cannot be allocated, fall back on calling error_message().
If error_message() fails to return a string, then generate an
"unknown error" response.

Only if all of the above fails is NULL returned.

Change-Id: If4baf7d6c428cf0baf11c044b8dfd5c2b3cdf7e4
 2011-09-27 14:26:26 -04:00
Love Hornquist Astrand
308be3a9e2 Don't export tests from library, reported in bug from Tom Payeire 2011-09-26 17:53:13 +02:00
Love Hornquist Astrand
777b24fbb5 add krb5_is_enctype_weak 2011-09-26 08:47:37 +02:00
Jeffrey Altman
9a127beb26 Windows: set default ccache to registry 
Add _krb5_set_default_cc_name_to_registry() function and
call use it on Windows to set the user's default credential cache.

Change-Id: Ib59ff218a098a841bc61846abf873736380b5c6c
 2011-09-26 02:00:13 -04:00
Jeffrey Altman
132693df5a Add _krb5_store_string_to_reg_value() for Windows 
The new _krb5_store_string_to_reg_value() function permits
the caller to create REG_SZ, REG_EXPAND_SZ, REG_DWORD, and
REG_MULTI_SZ entries in the registry.

Change-Id: Ib5740ad07209618d8ea4c0bf3c75615f27e98b4e
 2011-09-26 01:58:29 -04:00
Jeffrey Altman
3854e64a4a include weak etypes in default etype list if allow_weak_crypto 
commit 0ed83cebd3 removed the
weak enctypes from the default enctype list.  This is a change
in behavior from 1.5.x which permitted the use of weak enctypes
if "allow_weak_crypto" is set to true.  This patchset creates
two default enctype lists.  One with weak enctypes and the other
without.  The weak version is used if "allow_weak_crypto" is set
to true.

Change-Id: Ide5cce0645836249031350bfaf619d970635e579
 2011-09-26 01:44:16 -04:00
Love Hornquist Astrand
d3f85af92c move deprecated function to deprecated.c 2011-09-25 19:03:11 +02:00
Love Hornquist Astrand
0793246e99 use heim_error_t 2011-09-25 19:00:01 +02:00
Love Hornquist Astrand
7e36705ee3 use heim_error_t 2011-09-25 18:59:42 +02:00
Love Hornquist Astrand
9f46874cfb add heimbase.la 2011-09-25 18:59:10 +02:00