oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
20,776 Commits 4 Branches 2 Tags
5eebc0ef67e7652bcf5de2f6aaec89ec186255ef
Commit Graph

247 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand 8d40c2994b check return value of alloc functions, from Charles Longeau 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21745 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-31 16:11:25 +00:00
Love Hörnquist Åstrand 525a60ea59 Java 1.6 expects the name to be the same type, lets allow that 
uncomplicated name-types.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21529 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-13 12:37:14 +00:00
Love Hörnquist Åstrand 45637f2bcc Don't send newer enctypes in ETYPE-INFO. 
(get_pa_etype_info2): return the enctypes as sorted in the database


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21496 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-11 09:20:21 +00:00
Love Hörnquist Åstrand 59f03abf38 Improve the default salt detection to avoid returning v4 password 
salting to java that doesn't look at the returning padata for salting.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21411 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-04 20:13:29 +00:00
Love Hörnquist Åstrand 6b687aaa00 Constify. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21040 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-10 06:20:59 +00:00
Love Hörnquist Åstrand 1c488f05de If _kdc_pk_check_client failes, bail out directly and hand the error back to the client. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20742 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-31 17:15:15 +00:00
Love Hörnquist Åstrand 4d85d882e1 Also add a KRB5_PADATA_PK_AS_REQ_WIN for windows pk-init (-9) to make MIT clients happy. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20734 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-31 16:00:37 +00:00
Love Hörnquist Åstrand 26c0e3189d catch failures from _krb5_principalname2krb5_principal 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20697 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-30 14:32:26 +00:00
Love Hörnquist Åstrand 9fe7e832c7 Return the same error codes as a windows KDC. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20279 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-22 02:05:53 +00:00
Love Hörnquist Åstrand 81a108b1d0 Make handling of replying e_data more generic, from metze. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20277 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-22 02:01:12 +00:00
Love Hörnquist Åstrand 21ddb4aee9 Fix (string const and shadow) warnings, from metze. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20276 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-22 01:50:37 +00:00
Love Hörnquist Åstrand 937df31de8 Select a session enctype from the list of the crypto systems supported 
enctype, is supported by the client and is one of the enctype of the
enctype of the krbtgt.

The later is used as a hint what enctype all KDC are supporting to
make sure a newer version of KDC wont generate a session enctype that
and older version of a KDC in the same realm can't decrypt.

But if the KDC admin is paranoid and doesn't want to have "no the
best" enctypes on the krbtgt, lets save the best pick from the client
list and hope that that will work for any other KDCs.

Reported by metze.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20271 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-22 01:21:46 +00:00
Love Hörnquist Åstrand b0e9eb4583 switch some "return ret" to "goto out". 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20243 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-17 00:06:03 +00:00
Love Hörnquist Åstrand 6e6d429311 Pass down canonicalize request to hdb layer, sign client referrals. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20242 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-17 00:04:54 +00:00
Love Hörnquist Åstrand 99d0e79fb4 (_kdc_find_padata): if there is not padata, there is nothing find. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19906 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-14 22:39:41 +00:00
Love Hörnquist Åstrand d7bdb6f04c Use other keys to sign with. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19805 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-10 18:16:42 +00:00
Love Hörnquist Åstrand e8638c2c7a Check for KRB5_PADATA_PA_PAC_REQUEST to check if we should include the 
PAC in the krbtgt.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19689 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 13:27:27 +00:00
Love Hörnquist Åstrand 80ada635f1 (_kdc_as_rep): check if krb5_generate_random_keyblock failes. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19686 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 12:54:09 +00:00
Love Hörnquist Åstrand 6d5bd7a704 (_kdc_as_rep): call windc client access hook. 
(_kdc_tkt_add_if_relevant_ad): constify in data argument.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19677 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 11:14:47 +00:00
Love Hörnquist Åstrand 9f55326054 Call callbacks for emulating a Windows Domain Controller. 
Move the some of the log related stuff to its own function.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19629 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-03 15:37:12 +00:00
Love Hörnquist Åstrand e1bac0567e (_kdc_as_rep): add AD-INITAL-VERIFIED-CAS to the encrypted ticket 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19262 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-06 21:24:10 +00:00
Love Hörnquist Åstrand eb2670591c (_kdc_tkt_add_if_relevant_ad): new function. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19259 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-06 21:15:20 +00:00
Love Hörnquist Åstrand 21ef9de7e6 (_kdc_as_rep): drop client_princ from _kdc_pk_check_client since its 
not valid in canonicalize case


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18983 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-10 03:36:32 +00:00
Love Hörnquist Åstrand 6cf72f998b (_kdc_as_rep): More verbose time skew logging. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18908 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-04 17:05:28 +00:00
Love Hörnquist Åstrand cf5ac5cacc Prefix asn1 primitives with der_. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18488 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-17 02:16:29 +00:00
Love Hörnquist Åstrand 35cbc4ce07 Reply KRB5KRB_ERR_RESPONSE_TOO_BIG error if its a datagram reply and 
the datagram reply length limit is reached.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18385 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-09 15:38:59 +00:00
Love Hörnquist Åstrand ddf7f8db2a Adapt to signature change of _krb5_principalname2krb5_principal. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18273 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-07 07:03:13 +00:00
Love Hörnquist Åstrand ce1b1b08af Signing outgoing tickets. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18075 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-09-11 13:39:48 +00:00
Love Hörnquist Åstrand 687cb26c9e Remove _kdc_find_etype(), its no longer used. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17934 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-08-24 11:52:29 +00:00
Love Hörnquist Åstrand c97d034ed3 Handle session key etype separately from the tgt etype, now the krbtgt 
can be a aes-only key without the need to support not-as-good etypes
for the krbtgt.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17905 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-08-24 08:33:09 +00:00
Love Hörnquist Åstrand 599d3cf216 Change _kdc_db_fetch() to return the database pointer too if needed by 
the consumer.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17904 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-08-23 11:45:16 +00:00
Love Hörnquist Åstrand 0f10ba4f2b (_kdc_as_rep): if kdc_time + config->kdc_warn_pwexpire is past pw_end, 
add expiration message. From Bernard Antoine.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17643 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-12 21:42:01 +00:00
Love Hörnquist Åstrand 12b46a7841 indent. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17641 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-12 21:31:23 +00:00
Love Hörnquist Åstrand 372b23bf06 constify 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17634 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-07 06:03:34 +00:00
Love Hörnquist Åstrand 379d35fc8f split out krb5 tgs req to make it easier to reorganize the code. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17598 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-01 11:15:20 +00:00
Love Hörnquist Åstrand 1d2a17eca0 (tgs_rep2): check for memory alloc failure 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17597 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-01 10:55:28 +00:00
Love Hörnquist Åstrand 76ee5cb311 (tgs_rep2): check that the client exists in the kerberos database if 
its local request.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17317 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-27 12:01:09 +00:00
Love Hörnquist Åstrand 5c9982831b pass down HDB_F_GET_ flags as appropriate 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17316 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-27 11:33:21 +00:00
Love Hörnquist Åstrand f591c22c1f Now that find_keys speaks for it self, remove extra logging. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17265 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 15:27:25 +00:00
Love Hörnquist Åstrand f9d85a2590 (find_keys): add client_name and server_name argument and use them, 
and adapt callers.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17264 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 15:22:57 +00:00
Love Hörnquist Åstrand 2edcff9efa Catch the case where the client sends no encryption types or no pa-types. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17232 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-25 12:23:04 +00:00
Love Hörnquist Åstrand b6fdc26556 (check_addresses): treat netbios as no addresses 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16949 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-02 01:54:38 +00:00
Love Hörnquist Åstrand b3f8381a4d (_kdc_check_flags): make it take hdb_entry_ex to avoid ?:'s at callers 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16947 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-02 01:52:32 +00:00
Love Hörnquist Åstrand 905242765a (log_patype): Add case for KRB5_PADATA_PA_PK_OCSP_RESPONSE. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16844 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-27 22:54:50 +00:00
Love Hörnquist Åstrand 137d218e79 (log_patypes): log the patypes requested by the client 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16804 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-24 22:50:02 +00:00
Love Hörnquist Åstrand 5a7da8cf52 (tgs_make_reply): less const on hdb_entry_ex to make samba happy 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16410 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-12-15 20:26:31 +00:00
Love Hörnquist Åstrand 40386c602d (tgs_rep2): also print the principal for which the enctype was missing 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16407 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-12-14 12:17:58 +00:00
Love Hörnquist Åstrand 83c3fb4698 Finish up transition from hdb_entry with hdb_entry_ex. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16401 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-12-13 19:10:44 +00:00
Love Hörnquist Åstrand 294b954cdd (tgs_make_reply): there are no such things a keytypes any more, just 
use enctypes.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16374 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-12-12 12:25:33 +00:00
Love Hörnquist Åstrand 1e5120ac02 (_kdc_as_rep): add comment when we send ETYPE-INFO and ETYPE-INFO2, 
from Andrew Bartlett


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16298 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-11-28 20:33:57 +00:00