oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,092 Commits 2 Branches 2 Tags
5b2d65fa2bc4cee683531c4d23c25349f8cc7b19
Commit Graph

15686 Commits

Author SHA1 Message Date
Love Hornquist Astrand
a01520cb50 validate KRB5_PADATA_REQ_ENC_PA_REP 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
adf772865c new use of _krb5_extract_ticket 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
aaf9594429 new use of _krb5_extract_ticket 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
f76cf44d82 add KRB5_ANON_REALM 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
102d4f5762 export KrbFastArmor 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
d9b36b3155 add fast.c 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
7b398263da Partial FAST 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
0ca5e44955 shared key for _krb5_fast_armor_key 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
204166e001 Name the choice enum type. 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
8e65528f84 disable none 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
2e8b550e7b punt if caller passed us a crypto object, we didn't find a keyed checksum type 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
7c55029060 Add fast armor bits 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
16d16588d2 move back init_as_req when building packet 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
7bc5fe72fb more keyusage 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
91fce795af add more key usage for fast 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
a4a42a4bd3 Only ticket checksum in FastFinished 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
c148c2b432 unused key 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
60c713221d match draft-preauth-framework-14 better 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
7d30fc38d7 use METHOD-DATA for type compat in kdc/kerberos5.c 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
22cb2c1a1a export one more 2011-07-24 20:24:34 -07:00
Love Hornquist Astrand
86c4089df1 export more 2011-07-24 20:24:34 -07:00
Love Hornquist Astrand
580ba6aa72 KU bits for fast 2011-07-24 20:24:34 -07:00
Love Hornquist Astrand
a41439d52b spelling 2011-07-24 20:24:34 -07:00
Love Hörnquist Åstrand
1879af9e43 Break out fast state, shuffle around state so that as-req is inited earlier 2011-07-24 20:24:34 -07:00
Love Hörnquist Åstrand
04128ac081 Use reply_key from fast layer. 2011-07-24 20:24:34 -07:00
Love Hörnquist Åstrand
fd7c870550 add reply reply_key 2011-07-24 20:24:34 -07:00
Love Hörnquist Åstrand
a5e342f8ba Add fast_state. 2011-07-24 20:24:34 -07:00
Love Hörnquist Åstrand
74ec640500 Only free ext on replace 2011-07-24 20:23:30 -07:00
Love Hörnquist Åstrand
f1c1e1bc6e remove used variables 2011-07-24 20:05:05 -07:00
Love Hörnquist Åstrand
2ae9bbb915 update (c) 2011-07-24 20:04:02 -07:00
Love Hörnquist Åstrand
1a6195153f start to use KRB5_ENCTYPE_ 2011-07-24 20:02:10 -07:00
Love Hörnquist Åstrand
f9afd37eed use add_HDB_Ext_KeySet and plug memory leak 2011-07-24 18:14:25 -07:00
Love Hörnquist Åstrand
c204f3c5ce drop dependency 2011-07-24 18:08:52 -07:00
Love Hörnquist Åstrand
c26da364e8 drop dependency since we need the autoconf to overwrite this 2011-07-24 18:06:33 -07:00
Love Hörnquist Åstrand
e32186d9de expore more 2011-07-24 16:15:06 -07:00
Love Hörnquist Åstrand
8060a561db switch to KRB5_ENCTYPE 2011-07-24 16:02:22 -07:00
Love Hörnquist Åstrand
8fccb51d49 Merge pull request #12 from nicowilliams/krb5_admin_patches_2nd 
Krb5 admin patches 2nd

This has all the patches needed for krb5_admind to build and pass most tests, that includes:
- more kadm5 API compatibility (including very basic profile functionality)
- multi-kvno support (useful for key rollovers) (a test for this is included in tests/db/check-kdc)

Unfinished:
- password history (currently uses key history, needs to be separated and use digests)
- policies (only default policy allowed)
- mit kdb changes not tested yet


Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-07-24 15:41:36 -07:00
Love Hörnquist Åstrand
1124c4872d KVNOs are krb5uint32 in RFC4120, make it so 2011-07-24 14:23:45 -07:00
Love Hörnquist Åstrand
671e231d75 fix warning 2011-07-24 14:09:23 -07:00
Linus Nordberg
2e35198908 Add version-script.map to _DEPENDENCIES. 
Added to 11 out of 14 directories with map files.  Not lib/ntlm,
lib/hcrypto and kdc which have the map file as an explicit dependency
to _OBBJECTS.

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-07-24 14:07:59 -07:00
Love Hörnquist Åstrand
f60ec15834 partly unify enctype/keytype since there is only enctypes 2011-07-24 14:03:08 -07:00
Love Hörnquist Åstrand
8f2294e1f9 switch order of type and GSSAPI_LIB_VARIABLE 2011-07-24 13:00:36 -07:00
Love Hörnquist Åstrand
052c5767fd fixup type for GSS_C_ATTR_LOCAL_LOGIN_USER 2011-07-24 12:47:55 -07:00
Love Hörnquist Åstrand
d434bda588 make sure keylen is a multiple of 2 2011-07-24 12:34:51 -07:00
Andrew Bartlett
84bc108d8f lib/krb5: Allow any kvno to match when searching the keytab. 
Windows does not use a KVNO when it checks it's passwords, and MIT
doesn't check the KVNO when no acceptor identity is specified (looping
over all keys in the keytab).

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-07-24 10:37:40 -07:00
Nicolas Williams
a7717ae4f9 Use heim_assert() instead of assert() 2011-07-24 11:10:37 -05:00
Nicolas Williams
11c54cd6c8 Protect against negative n_ks_tuple values and against randkey returning negative n_keys 2011-07-24 11:08:58 -05:00
Nicolas Williams
95262936c7 s/assert/heim_assert/ and remove dead code 2011-07-24 11:07:27 -05:00
Love Hörnquist Åstrand
4bff0fbb31 check for NULL as argument to krb5_{prepend,set}_error_message functions 2011-07-23 12:06:01 -07:00
Love Hörnquist Åstrand
fb8c65a8c2 better logging 2011-07-23 11:44:42 -07:00