oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
25,119 Commits 2 Branches 2 Tags
687db64c567b4529aa723a8f5f87946f7cde4cd5
Commit Graph

158 Commits

Author SHA1 Message Date
Love Hornquist Astrand
687db64c56 Patch from Secure Endpoints/Asanka Herath for windows support 2009-12-21 08:45:28 +01:00
Love Hornquist Astrand
dab6e078b2 more logging, track kdc offset better 2009-11-22 12:24:58 -08:00
Love Hornquist Astrand
ae56d6eede unused variable 2009-11-17 15:51:41 -08:00
Love Hornquist Astrand
316fc6ff8f Simplify subkey usage for tgs-req, don't rewrite tgs-rep-sub-key keyuage for arcfour, its correct 2009-11-15 21:31:25 -08:00
Love Hornquist Astrand
977acdd84d Always send subkey and assume reply is encrypted using subkey 2009-10-11 09:12:01 -07:00
Love Hornquist Astrand
8e08aa0a15 Use krb5_free_keyblock() 2009-10-11 08:45:51 -07:00
Love Hornquist Astrand
57b40643b9 use server name for referral decision 2009-10-06 07:38:29 -07:00
Love Hornquist Astrand
6d1d17efed don't canonicalize names that are short then 2 name element 
Since KDC will probably guess wrong on them, and doing
afs@CLIENT-REALM have too large change of actually working.
 2009-10-05 22:07:47 -07:00
Love Hornquist Astrand
753e2cc925 Check that enctypes are valid/enabled before trying to request them 2009-10-05 19:17:11 -07:00
Love Hornquist Astrand
dc31556b7d use krb5_generate_subkey_extended 2009-10-04 11:12:43 -07:00
Love Hornquist Astrand
9211c47a30 Deprecate krb5_get_cred_from_kdc{,_opt} since they are replacement functions 2009-07-17 20:38:32 -07:00
Love Hornquist Astrand
80021f5e05 Make get_cred_kdc_any a private function. 2009-07-17 20:36:42 -07:00
Love Hornquist Astrand
de5110c05a (krb5_get_kdc_cred): make sure that out_creds points to NULL on failure 2009-07-16 23:54:54 -07:00
Love Hörnquist Åstrand
942a821fab remove RCSID 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25171 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-05-04 06:17:40 +00:00
Love Hörnquist Åstrand
6adab55480 rename S4U2SELF to FOR_USER 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25046 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-04-03 04:04:54 +00:00
Love Hörnquist Åstrand
f1a7da6a55 Patch from Riverbed (Derrick Pallas) under the license of the files they are in: 
memory leak in krb5_get_creds_opt->ticket

	The function krb5_get_creds_opt_set_ticket copies a Ticket
	into a krb5_get_cred_opt structure. However,
	krb5_get_creds_opt_free does not clean up this Ticket, even
	thought he manual pages indicate that it should.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24945 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-03-25 15:37:42 +00:00
Love Hörnquist Åstrand
7f51de4922 check that length > 0, not that data is a pointer, cid#143 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24107 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 05:00:49 +00:00
Love Hörnquist Åstrand
60d35f97bc use asn1 decoder function directly 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24060 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 04:50:58 +00:00
Love Hörnquist Åstrand
03babea1e3 switch to krb5_clear_error_message 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23911 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-10-14 02:55:39 +00:00
Love Hörnquist Åstrand
44c8e64262 split long lines 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23870 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-28 05:14:55 +00:00
Love Hörnquist Åstrand
11ffd80c63 Strip of ok-as-delegate for the tgt/service if the cross ticket didn't 
have one.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23846 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-20 11:16:33 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
e8a185dbf5 N_()ify 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23759 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-07 21:17:02 +00:00
Love Hörnquist Åstrand
d542833a1f use krb5_set_error_message 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23280 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-06-23 03:26:18 +00:00
Love Hörnquist Åstrand
e46ef6c72a Try both kdc server referral and the old client chasing mode. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22770 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:09:29 +00:00
Love Hörnquist Åstrand
2523a24965 Don't do canonicalize by default, make add_cred() sane, make loop 
detection in credential fetching better.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22768 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:09:21 +00:00
Love Hörnquist Åstrand
526b428c75 Make work for constrained delegation and impersonation. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22758 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:08:43 +00:00
Love Hörnquist Åstrand
e33ec47aaf Try moving referrals checking into _krb5_extract_ticket(). 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22743 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:07:46 +00:00
Love Hörnquist Åstrand
1da2a3782e Add code to check PA_ServerReferralData. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22737 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:07:22 +00:00
Love Hörnquist Åstrand
d6845ca8a4 kill trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22734 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:07:09 +00:00
Love Hörnquist Åstrand
a86c4ec9ab Insecure tgs referrals. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22723 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:06:26 +00:00
Love Hörnquist Åstrand
756ead1cd9 Find_cred to try krb5_cc_retrieve_cred first, remove comment. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22719 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:06:08 +00:00
Love Hörnquist Åstrand
92e7251a36 Refactor code to flatten the call-tree. 
Make the ticket request in the TGS-REQ inherit the address-ness of the
krbtgt if the address is not specified in the function call.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22717 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:06:00 +00:00
Love Hörnquist Åstrand
e5baf09800 Dont try key usage KRB5_KU_AP_REQ_AUTH for TGS-REQ. This drop 
compatibility with pre 0.3d KDCs.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22714 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:05:49 +00:00
Love Hörnquist Åstrand
829360b3f6 Catch KRB5_GC_CANONICALIZE. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22708 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:05:26 +00:00
Love Hörnquist Åstrand
fd82ee85e7 Remove support for [libdefaults]capath (not [libdefaults] capaths though). 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22530 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-01-27 11:48:16 +00:00
Love Hörnquist Åstrand
b3ce2858da Make krb5_get_renewed_creds work, from Gunther Deschner. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21668 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-22 11:28:05 +00:00
Love Hörnquist Åstrand
55473ae4f7 Add krb5_get_renewed_creds. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21327 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-26 10:54:15 +00:00
Love Hörnquist Åstrand
d5bb7a7c56 (krb5_get_creds): if KRB5_GC_CONSTRAINED_DELEGATION is set, set both 
request_anonymous and constrained_delegation.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21253 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-21 04:24:24 +00:00
Love Hörnquist Åstrand
18278b0bef use krb5_sendto_context to talk to the KDC. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21063 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-12 17:59:36 +00:00
Love Hörnquist Åstrand
9df9f6a9da revert 21003 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21004 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-08 01:53:10 +00:00
Love Hörnquist Åstrand
12df8538af use "roken.h" consitantly 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21003 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-08 01:42:05 +00:00
Love Hörnquist Åstrand
6348a6849a Tell what principal we are not finding for all KRB5_CC_NOTFOUND. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20301 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-11 11:13:31 +00:00
Love Hörnquist Åstrand
dc0a5d69f2 Use EXTRACT_TICKET_* flags. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20226 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-16 03:31:50 +00:00
Love Hörnquist Åstrand
b9624a871d Use KRB5_KU_OTHER_CKSUM for the impersonate checksum. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19081 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-21 05:14:43 +00:00
Love Hörnquist Åstrand
390dc0d2ab Allow setting additional tickets in the tgs-req 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17628 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-06 21:22:54 +00:00
Love Hörnquist Åstrand
f030cab6b9 (krb5_get_creds): add KRB5_GC_NO_TRANSIT_CHECK 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17618 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-06 15:04:13 +00:00
Love Hörnquist Åstrand
eb409f99aa Add impersonate. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17615 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-06 14:57:16 +00:00
Love Hörnquist Åstrand
2b37c08fa7 (get_cred_from_kdc_flags): Use KRB5_ADDRESSLESS_DEFAULT when checking 
[appdefault]no-addresses.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16688 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-02-03 11:41:02 +00:00