Commit Graph

114 Commits

Author SHA1 Message Date
Luke Howard
6af3ea9099 gss: merge enhanced Apple mechglue logging
Add _gss_mg_log() and friends for logging from within the mechanism glue and
SPNEGO. These APIs wrap around the libkrb5 logging APIs.
2020-02-04 17:28:35 +11:00
Luke Howard
83d2951c0d gssapi: SPNEGO does not reset NTLM RC4 state (#509) 2019-01-06 20:50:24 -06:00
Luke Howard
735039dbdc gssapi: implement gss_set_neg_mechs() (#495)
Implementation of gss_set_neg_mechs() and gss_get_neg_mechs() as defined in RFC
4178. New gss_release_cred_by_mech() API for dropping a credential from a
mechanism glue credential.
2019-01-04 15:50:11 +11:00
Luke Howard
e0bb9c10ca gssapi: credential store extensions (#451)
Implement the GSS-API credential store API extensions defined by MIT here:

https://k5wiki.kerberos.org/wiki/Projects/Credential_Store_extensions

Note: we kill off gss_acquire_cred_ext() here. This was never a public API,
although mechanisms could have implemented it and I briefly used it in my
BrowserID prototype mechanism. gss_acquire_cred_ext_from() occupies the place
in the dispatch table where gss_acquire_cred_ext() used to, but this structure
was never visible outside Heimdal (i.e. it is only used by internal
mechanisms);

(Mechanisms that need to accept arbitrary key/value dictionaries from
applications should now implement gss_acquire_cred_from().)
2019-01-03 14:38:39 -06:00
Nicolas Williams
e6d1c10808 Rewrite gss_add_cred() (fix #413)
It turns out gss_add_cred() really needed a complete rewrite.  It's much
better to first have a gss_duplicate_cred() (which has been needed for
other reasons anyways), and use that when the input_cred_handle is not
GSS_C_NO_CREDENTIAL and output_cred_handle is not NULL, then mutate that
duplicate credential handle (or the input_cred_handle if
output_cred_handle is NULL).
2018-12-28 19:26:25 -06:00
Chris Lamb
946caad7d0 Correct "extention" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from Samba commit afa9bb4ac55d616fe7816e3830bab5e3a51aed7a)
2018-09-10 14:42:18 -04:00
Luke Howard
33ce593b6d gss_wrap/gss_unwrap_aead implementation
Signed-off-by: Nicolas Williams <nico@twosigma.com>
2016-02-05 18:01:15 -06:00
Nicolas Williams
774f166e31 First attempt s/\<const gss_.*_t/gss_const_.*_t/g 2013-06-02 15:30:58 -05:00
Russ Allbery
39460d0045 Remove duplicate __gss_krb5_mechanism_oid_desc definition
__gss_krb5_mechanism_oid_desc is now defined in gssapi/gssapi_oid.h,
so remove the definition in gssapi/gssapi_krb5.h in favor of including
that header.

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
2012-04-05 22:55:01 -07:00
Luke Howard
07777511d1 implement gss_localname 2011-10-08 12:15:09 +11:00
Love Hörnquist Åstrand
052c5767fd fixup type for GSS_C_ATTR_LOCAL_LOGIN_USER 2011-07-24 12:47:55 -07:00
Love Hornquist Astrand
ed91d4c9e3 Mac compat 2011-07-22 11:50:30 -07:00
Jeffrey Altman
27cc30d38e GSS_C_ATTR_LOCAL_LOGIN_USER
Be consistent with other GSSAPI global variables.  GSS_C_ATTR_LOCAL_LOGIN_USER
becomes a macro in gssapi.h that refers to an exported variable
__gss_c_attr_local_login_user

Change-Id: I2661d74cd0f760780f75b35f92d6b4f9112080dc
2011-07-21 11:46:15 -04:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Luke Howard
79ff133ae9 make gss_acquire_cred_ext private 2011-05-20 14:31:08 +02:00
Love Hornquist Astrand
305596d9ad Rename subsystem_DEPRECATED to subsystem_DEPRECATED_FUNCTION(X)
Start to explain what the replacement function is.
Generate the #define/#undef logic in generated header files.
Use gcc style where the deprecation warning is after the prototype.
2011-05-17 23:12:51 -07:00
Luke Howard
c73848354c remove extraneous gss_acquire_cred_with_password declaration 2011-05-14 23:11:01 +02:00
Luke Howard
33d1877c21 use gss_const_OID for gss_acquire_cred_ext 2011-05-14 17:16:49 +02:00
Luke Howard
dfba868910 Merge branch 'master' into lukeh/acquire-cred-ex-moonshot-integ
Conflicts:
	lib/gssapi/Makefile.am
	lib/gssapi/mech/gss_acquire_cred_with_password.c
	lib/gssapi/test_context.c
	lib/gssapi/version-script.map
2011-05-14 16:48:49 +02:00
Luke Howard
02cf28e20b implement gss_acquire_cred_ex with password support
add missing SPIs to gss_mech_switch

s/acquire_cred_ex/acquire_cred_ext/g
2011-04-16 11:06:24 +02:00
Luke Howard
0d7bc0c549 remove user_ok from gss_authorize_localname 2011-04-09 13:41:51 +10:00
Luke Howard
6c6e483e00 gss_authorize_localname implementation 2011-04-08 10:58:57 +10:00
Luke Howard
093403a2a7 Merge branch 'master' into lukeh/moonshot 2011-04-03 18:08:23 +10:00
Luke Howard
1a6d126023 Use RFC 5587 const types for draft-josefsson-gss-capsulate APIs 2011-04-03 18:07:07 +10:00
Luke Howard
0f13ae9fe5 fix macro compile error 2011-03-20 19:41:52 +11:00
Luke Howard
9455577b65 Merge branch 'master' of github.com:heimdal/heimdal
Conflicts:
	lib/gssapi/gssapi/gssapi.h
	lib/gssapi/gssapi_mech.h
	lib/gssapi/mech/gss_mech_switch.c
2011-03-20 19:08:10 +11:00
Love Hornquist Astrand
217021914d add more oids 2011-03-13 13:40:52 -07:00
Love Hornquist Astrand
7013c453eb x 2011-03-12 18:49:44 -08:00
Love Hornquist Astrand
4248882381 drop gss_name_any since it removed from the draft 2011-03-12 12:49:42 -08:00
Luke Howard
2b2ab30f53 Add naming extension SPIs
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2011-03-12 12:35:43 -08:00
Luke Howard
65ebfb5712 Merge branch 'master' of github.com:heimdal/heimdal
Conflicts:
	lib/gssapi/gssapi/gssapi.h
	lib/gssapi/mech/gss_mech_switch.c
2011-02-28 10:21:31 +11:00
Love Hornquist Astrand
4be5db6a32 define GSS_IOV_BUFFER_FLAG_ALLOCATE and friends 2011-01-18 16:49:03 +01:00
Luke Howard
5b47a8816d MIT SASL/attribute introspection SPI compat 2011-01-03 22:51:51 +11:00
Luke Howard
cace66a435 Add naming extension SPIs 2011-01-03 14:45:07 +11:00
Luke Howard
098148ac20 MIT SPI compat 2011-01-02 20:30:57 +11:00
Love Hornquist Astrand
edb2464ab9 NETLOGON mechanism, for use in DCE-RPC 2010-11-28 19:35:40 -08:00
Love Hornquist Astrand
c45a17e4e8 these are generated files 2010-11-27 19:24:35 -08:00
Love Hornquist Astrand
97c22d9add sprinkle GSSAPI_LIB_VARIABLE 2010-11-27 19:16:44 -08:00
Love Hornquist Astrand
5dcf0753f4 fill in all mo that make sense for now 2010-11-25 23:52:43 -08:00
Love Hornquist Astrand
6ca842c5b7 gss_indicate_mechs_by_attrs 2010-11-25 21:40:25 -08:00
Love Hornquist Astrand
c1069f8a36 add _gss_oid_name_table 2010-11-25 20:20:03 -08:00
Love Hornquist Astrand
ab9267c04e constify 2010-11-25 19:20:26 -08:00
Love Hornquist Astrand
10554e3754 additional comments 2010-11-25 18:38:37 -08:00
Love Hornquist Astrand
bdc9112651 add missing symbols 2010-11-25 18:36:55 -08:00
Love Hornquist Astrand
dbeeb18a53 generate oids using table 2010-11-25 18:32:33 -08:00
Love Hornquist Astrand
ca1b7bfcc3 initial drop of gss-mo 2010-11-25 11:48:02 -08:00
Asanka Herath
d98fd799c3 GSSAPI_DEPRECATED needs to be before the return type 2010-08-20 13:14:11 -04:00
Asanka Herath
5dcc605f6b Fix calling conventions for Windows 2010-08-20 13:14:10 -04:00
Love Hornquist Astrand
1021099f3d rename external so that they can be included in array and struct initializer 2010-07-22 20:47:04 -07:00
Love Hornquist Astrand
aaf310f99e constify 2010-03-23 20:20:51 -07:00