oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
29,040 Commits 2 Branches 2 Tags
64d5d138a925b6e852c5dd231ff49033555e5ea2
Commit Graph

64 Commits

Author SHA1 Message Date
Luke Howard
64d5d138a9 gss: mechanism optional interfaces 
Make mechanism interfaces that are optional in usage, optional in
implementation, i.e. do not require them to be present when dynamically loading
a mechanism. In order to aid minimal mechanism implementation, more of these
should likely be made optional (this will require an additional check in the
mechglue to return GSS_S_UNAVAILABLE if the function pointer is NULL). This is
left as a future exercise.
 2020-02-04 17:28:35 +11:00
Luke Howard
735039dbdc gssapi: implement gss_set_neg_mechs() (#495) 
Implementation of gss_set_neg_mechs() and gss_get_neg_mechs() as defined in RFC
4178. New gss_release_cred_by_mech() API for dropping a credential from a
mechanism glue credential.
 2019-01-04 15:50:11 +11:00
Luke Howard
befe1b8f90 always load plugins with RTLD_LOCAL/RTLD_GROUP if available 2019-01-03 20:06:27 -06:00
Luke Howard
e0bb9c10ca gssapi: credential store extensions (#451) 
Implement the GSS-API credential store API extensions defined by MIT here:

https://k5wiki.kerberos.org/wiki/Projects/Credential_Store_extensions

Note: we kill off gss_acquire_cred_ext() here. This was never a public API,
although mechanisms could have implemented it and I briefly used it in my
BrowserID prototype mechanism. gss_acquire_cred_ext_from() occupies the place
in the dispatch table where gss_acquire_cred_ext() used to, but this structure
was never visible outside Heimdal (i.e. it is only used by internal
mechanisms);

(Mechanisms that need to accept arbitrary key/value dictionaries from
applications should now implement gss_acquire_cred_from().)
 2019-01-03 14:38:39 -06:00
Luke Howard
728650f3dd gssapi: canonicalize mech OID in gss_accept_sec_context() 2019-01-03 17:54:32 +11:00
Luke Howard
29fe69f95f gssapi: fix dlsym() return value casting 
Fix warnings on Windows (and possibly other platforms) but appropriately
casting the return value of dlsym().
 2019-01-03 17:53:15 +11:00
Luke Howard
7e0ff63b38 gssapi: add OPTSYM for gss_duplicate_cred() (#487) 
Allow API-as-SPI mechanisms to provide gss_duplicate_cred(), introduced
in e6d1c108.
 2018-12-29 20:22:12 +11:00
Luke Howard
3c92747f2a gss: fix leak in add_builtin() if interning OID fails 
4a93c477 (#447) introduced a leak in add_builtin().  Reported by
jaltman@auristor.com.
 2018-12-23 15:34:27 +11:00
Luke Howard
4a93c4774a gss: intern OIDs (#447) 
Intern OIDs so that gss_release_oid() can be a NOOP.
 2018-12-18 23:28:38 -06:00
Gary Lockyer
1c8cae58cc heimdal: Use #ifdef HAVE_DLOPEN around functions and variables used by HAVE_DLOPEN 
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
 2018-09-10 14:40:51 -04:00
Luke Howard
788d39b3ce set m->gm_mech.gm_name 2014-01-04 16:31:01 +11:00
Luke Howard
4ff005a6a4 gm_mech_oid must be set 
mechanism credentials created by dynamically loaded mechanisms do not work
because the gm_mech_oid field is unset for such mechanisms (instead, only
gm_mech.gm_mech_oid is).
 2014-01-04 15:58:10 +11:00
Luke Howard
07777511d1 implement gss_localname 2011-10-08 12:15:09 +11:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Luke Howard
79ff133ae9 make gss_acquire_cred_ext private 2011-05-20 14:31:08 +02:00
Luke Howard
cbebf13216 acquire_cred_with_password is a SPI symbol 2011-05-14 17:09:20 +02:00
Luke Howard
48719d5651 shim acquire_cred_with_password SPI into acquire_cred_ext 2011-05-14 17:00:55 +02:00
Luke Howard
dfba868910 Merge branch 'master' into lukeh/acquire-cred-ex-moonshot-integ 
Conflicts:
	lib/gssapi/Makefile.am
	lib/gssapi/mech/gss_acquire_cred_with_password.c
	lib/gssapi/test_context.c
	lib/gssapi/version-script.map
 2011-05-14 16:48:49 +02:00
Luke Howard
3069d80734 Merge branch 'master' into lukeh/acquire-cred-ex 2011-05-14 14:56:16 +02:00
Luke Howard
d1b553aae2 add some loopback detection in GSS dynamic loading 2011-05-13 02:27:01 +02:00
Luke Howard
6971125a79 add some loopback detection in GSS dynamic loading 2011-05-13 02:26:41 +02:00
Luke Howard
5dc4aeee49 Merge branch 'master' into lukeh/moonshot 
Conflicts:
	lib/gssapi/mech/gss_mech_switch.c
 2011-05-13 00:19:01 +02:00
Luke Howard
b323601091 mechglue fixes 
- support gssspi_set_cred_option
- pick up OID sets of names for dynamic mechs
 2011-05-13 00:16:56 +02:00
Luke Howard
02cf28e20b implement gss_acquire_cred_ex with password support 
add missing SPIs to gss_mech_switch

s/acquire_cred_ex/acquire_cred_ext/g
 2011-04-16 11:06:24 +02:00
Luke Howard
6c6e483e00 gss_authorize_localname implementation 2011-04-08 10:58:57 +10:00
Luke Howard
d116a78297 add missing exports 2011-03-21 23:53:17 +11:00
Luke Howard
e78371829c implement gss_userok/gss_pname_to_uid 2011-03-20 20:34:59 +11:00
Luke Howard
9455577b65 Merge branch 'master' of github.com:heimdal/heimdal 
Conflicts:
	lib/gssapi/gssapi/gssapi.h
	lib/gssapi/gssapi_mech.h
	lib/gssapi/mech/gss_mech_switch.c
 2011-03-20 19:08:10 +11:00
Love Hornquist Astrand
4248882381 drop gss_name_any since it removed from the draft 2011-03-12 12:49:42 -08:00
Love Hornquist Astrand
fbf5cff0ac Patch from Luke Howard to allow dynamic gss_mo 2011-03-12 12:45:53 -08:00
Luke Howard
2b2ab30f53 Add naming extension SPIs 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-03-12 12:35:43 -08:00
Luke Howard
4304e719a6 Add SPI for dynamically loading mechanism object information 2011-01-09 22:16:18 +11:00
Luke Howard
45cd381f53 Cleanup API-as-SPI compatibility layer 2011-01-09 22:05:27 +11:00
Luke Howard
0b4f6bbfc2 Use RTLD_GROUP 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-01-03 13:21:47 +01:00
Luke Howard
5b47a8816d MIT SASL/attribute introspection SPI compat 2011-01-03 22:51:51 +11:00
Luke Howard
cace66a435 Add naming extension SPIs 2011-01-03 14:45:07 +11:00
Luke Howard
77121ec58c Use RTLD_GROUP 2011-01-03 14:05:47 +11:00
Luke Howard
098148ac20 MIT SPI compat 2011-01-02 20:30:57 +11:00
Love Hornquist Astrand
7c7dd8e1af prefix SLIST with HEIM 2010-12-12 11:45:35 -08:00
Love Hornquist Astrand
ab9267c04e constify 2010-11-25 19:20:26 -08:00
Love Hornquist Astrand
eadb8838cb use calloc(), indent more prettier 2009-12-14 21:40:16 -08:00
Love Hornquist Astrand
a740ee89bc Check for duplicates, already loaded mechs 2009-12-14 17:16:59 -08:00
Love Hornquist Astrand
d890db78a8 Drop RCSID 2009-09-10 09:06:18 -07:00
Love Hornquist Astrand
c81b66aa0c init gm_flags for dynamic modules 2009-08-29 08:53:16 -07:00
Love Hörnquist Åstrand
ea4bb739c5 include ntlm module 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24483 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-01-25 20:50:05 +00:00
Love Hörnquist Åstrand
7f6d448621 implement the new gss_*_iov interfaces 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24055 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 04:49:37 +00:00
Love Hörnquist Åstrand
dc5e4b8033 try handle gss_import_name() better, its not really perfect, its breaks spengo inquire_names_for_mech, but that less common.... 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24026 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-11-12 04:18:15 +00:00
Love Hörnquist Åstrand
a002d9be31 heimdal smaller includes no ntlm, again 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23972 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-10-26 18:23:34 +00:00
Love Hörnquist Åstrand
6571f41a67 heimdal smaller includes no ntlm 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23971 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-10-26 18:23:22 +00:00
Love Hörnquist Åstrand
8efac579af Specify lazy loading. From Milosz Kmieciak. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23516 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-08-11 10:01:32 +00:00