oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
15,586 Commits 2 Branches 2 Tags
63506f62b3bfeccd8832cd29390cd051306517f5
Commit Graph

55 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
e4f39fc8ae Use gss_krb5_import_cred 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16294 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-11-25 15:57:35 +00:00
Love Hörnquist Åstrand
2a0d1e1d88 (gsskrb5_accept_delegated_token): rewrite to use gss_krb5_import_ccache 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16280 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-11-02 08:55:19 +00:00
Love Hörnquist Åstrand
9ae8bc983a Prefix Der_class with ASN1_C_ to avoid problems with system 
headerfiles that pollute the name space.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15264 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-05-29 15:13:10 +00:00
Love Hörnquist Åstrand
d0443e2058 prefix all sequence symbols with _, they are not part of the GSS-API api. By comment from Wynn Wilkes <wynnw@vintela.com> 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14989 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-04-27 17:51:27 +00:00
Love Hörnquist Åstrand
e743a6ca8a break out the processing of the delegated credential to a separate 
function to make error handling easier, move the credential handling
to after other setup is done


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14764 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-04-10 15:01:21 +00:00
Luke Howard
cdddef90f9 allow client to indicate that subkey should be used 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14445 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-01-05 02:32:05 +00:00
Love Hörnquist Åstrand
7055cb55cc (send_accept): use _gss_spnego_require_mechlist_mic to figure out if 
we need to send MechList


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13693 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-04-07 14:22:44 +00:00
Love Hörnquist Åstrand
503d84b4f9 (gsskrb5_register_acceptor_identity): allow reseting to default keytab 
by passing in NULL as identity.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13689 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-04-05 20:17:26 +00:00
Love Hörnquist Åstrand
384bd1719c (gsskrb5_is_cfx): krb5_keyblock->keytype is an enctype, not keytype 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13687 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-04-05 19:22:01 +00:00
Love Hörnquist Åstrand
2cd2a26a21 remove unused variable 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13686 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-04-05 14:53:53 +00:00
Love Hörnquist Åstrand
3e8096a511 use ASN1_MALLOC_ENCODE 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13685 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-04-05 13:57:33 +00:00
Love Hörnquist Åstrand
fb53d3762e handle acceptor asserted subkey 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13519 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-03-14 16:31:02 +00:00
Love Hörnquist Åstrand
912dfa6eee (spnego_accept_sec_context): make sure the length of the choice 
element doesn't overrun us


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13445 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-03-07 14:26:20 +00:00
Love Hörnquist Åstrand
b10b3f845a use krb5_auth_con_addflags 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13190 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-12-07 17:14:09 +00:00
Love Hörnquist Åstrand
3882d8ca5f Don't require timestamp to be set on delegated token, its already 
protected by the outer token (and windows doesn't alway send it)
Pointed out by Zi-Bin Yang <zbyang@decru.com> on heimdal-discuss


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13128 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-11-22 22:42:16 +00:00
Love Hörnquist Åstrand
63904d7af3 (gsskrb5_accept_sec_context): set sequence number when not requesting 
mutual auth
From: Luke Howard <lukeh@PADL.COM>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12839 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-17 04:20:33 +00:00
Love Hörnquist Åstrand
1448ad988f SPNEGO doesn't include gss wrapping on SubsequentContextToken like the 
Kerberos 5 mech does.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12802 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-09 10:54:09 +00:00
Love Hörnquist Åstrand
aa2eabd394 Add support for SPNEGO on the initator side. Implementation initially 
from Assar Westerlund, passes though quite a lot of hands before I
commited it.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12794 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-09 03:28:54 +00:00
Love Hörnquist Åstrand
c8cf8c9880 encap/decap now takes a oid 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12639 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-08-25 20:02:49 +00:00
Love Hörnquist Åstrand
090bb1f54b don't clear output_token twice 
remember to free data
use sequence number verifier


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12364 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-06-17 03:57:49 +00:00
Love Hörnquist Åstrand
63b7fe118d (gss_accept_sec_context): make sure time is returned in seconds from 
now, not in kerberos time


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12347 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-06-03 15:25:41 +00:00
Love Hörnquist Åstrand
42f3fc029a - do some basic locking (no reference counting so contexts can be 
removed while still used)
- don't export gss_ctx_id_t_desc_struct and gss_cred_id_t_desc_struct
- make sure all lifetime are returned in seconds left until expired,
  not in unix epoch


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12317 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-05-21 14:52:14 +00:00
Love Hörnquist Åstrand
ad83859f1a (gss_accept_sec_context): take care to set export value to something 
sane before we start so caller will have harmless values in them if we
failed, set lifetime from ticket expiration date


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11739 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-03-16 17:41:12 +00:00
Love Hörnquist Åstrand
f9ab95a942 (gss_accept_sec_context): check if we need compat for older get_mic/verify_mic 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11617 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-01-27 14:03:29 +00:00
Johan Danielsson
14d8cdb894 check return value from gssapi_krb5_init 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11534 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-10-31 16:06:35 +00:00
Assar Westerlund
28d9223040 (gssapi_krb5_verify_8003_checksum, gssapi_krb5_create_8003_checksum): make more consistent by always returning an gssapi error and setting minor status. update callers 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10588 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-08-29 02:21:09 +00:00
Jacques A. Vidrine
c14ed9002f = Create a cache for delegated credentials when needed. 
= Return GSS_S_BAD_BINDINGS when appropriate, and otherwise
  tweak the return value handling in gss_accept_sec_context
  to be sure they are set to something reasonable.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10582 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-08-28 18:59:37 +00:00
Assar Westerlund
e129105771 handle minor_status more consistently 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10533 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-08-23 04:35:55 +00:00
Johan Danielsson
e8914c9b44 (gsskrb5_register_acceptor_identity): init context and check return 
value from kt_resolve


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10484 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-08-13 13:15:45 +00:00
Assar Westerlund
d4e769fa5c make gsskrb5_register_acceptor_identity set the keytab to be used for gss_acquire_cred too 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10284 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-07-06 15:33:28 +00:00
Assar Westerlund
1b6b543306 update krb5_auth_con function names 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10096 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-06-18 02:49:53 +00:00
Assar Westerlund
e55eee640b try to return the error string from krb5 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9902 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-05-11 09:16:47 +00:00
Assar Westerlund
e5d727b2c8 (gss_accept_sec_context): add missing variable 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9700 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-02-19 15:32:58 +00:00
Assar Westerlund
00308e6e74 (gss_accept_sec_context): either return gss_name NULL-ed or set 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9698 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-02-18 20:41:25 +00:00
Assar Westerlund
b8617bbee7 (gss_accept_sec_context): use krb5_rd_cred2 instead of krb5_rd_cred 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9466 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-01-09 18:47:11 +00:00
Johan Danielsson
835f8fc8e0 de-pointerise auth_context parameter to krb5_mk_rep 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9290 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-12-06 21:03:34 +00:00
Assar Westerlund
669029d224 (gss_accept_sec_context): gssapi_krb5_encapsulate does not 
free. adapt.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8999 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-08-27 03:49:32 +00:00
Assar Westerlund
7d7194da08 code for token delegation. From Daniel Kouril <kouril@ics.muni.cz> and Miroslav Ruda <ruda@ics.muni.cz> 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8429 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-06-21 02:32:38 +00:00
Assar Westerlund
6d5973540d (gss_accept_sec_context): set target in context_handle 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7920 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-02-12 21:24:08 +00:00
Assar Westerlund
aada44e81c (gss_accept_sec_context): set trans flag 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7911 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-02-11 20:53:43 +00:00
Assar Westerlund
35140a374c (gss_accept_sec_context): always set `output_token' 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7678 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-12-26 18:32:08 +00:00
Johan Danielsson
c5b916ca6f remove advertising clause 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7464 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-12-02 17:05:13 +00:00
Assar Westerlund
d8c6bb880a (gss_accept_sec_context): stove away `krb5_ticket' in context so that 
ugly programs such as gss_nt_server can get at it.  uck.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7001 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-09-21 05:09:02 +00:00
Johan Danielsson
bd5dc24fc6 set minor_status 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6992 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-09-20 14:08:22 +00:00
Johan Danielsson
e972b391e1 Use `gssapi_krb5_verify_8003_checksum'. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4653 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-03-23 22:45:05 +00:00
Johan Danielsson
27820be63e Use krb5_kt_close/krb5_kt_resolve. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4552 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-03-06 01:28:01 +00:00
Assar Westerlund
77026ca770 Added `gsskrb5_register_acceptor_identity' 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3052 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-18 13:14:08 +00:00
Assar Westerlund
1ff1285235 (gss_accept_sec_context): don't always pass server == NULL to 
krb5_rd_req.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3045 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-17 16:38:07 +00:00
Johan Danielsson
5a32a5c8e7 Add copyright notice. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2389 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-16 21:40:05 +00:00
Assar Westerlund
ec3107fb75 updated krb5_ticket 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2296 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-14 12:29:49 +00:00