oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,338 Commits 2 Branches 2 Tags
774f166e3133367c126c1f6b536587570c3fb095
Commit Graph

58 Commits

Author SHA1 Message Date
Nicolas Williams
774f166e31 First attempt s/\<const gss_.*_t/gss_const_.*_t/g 2013-06-02 15:30:58 -05:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Love Hornquist Astrand
4c063f2955 quite const warning 2011-05-18 22:00:20 -07:00
Jeffrey Altman
217ada7a06 use const consistently for acquire_cred 
Change-Id: I000d954267efa16439e19b0604c660f3c5be791c
 2011-05-17 13:51:12 -04:00
Luke Howard
33d1877c21 use gss_const_OID for gss_acquire_cred_ext 2011-05-14 17:16:49 +02:00
Luke Howard
02cf28e20b implement gss_acquire_cred_ex with password support 
add missing SPIs to gss_mech_switch

s/acquire_cred_ex/acquire_cred_ext/g
 2011-04-16 11:06:24 +02:00
Love Hornquist Astrand
3d36172090 allow keytab specifiction to gsskrb5_register_acceptor_identity 2011-04-07 07:15:28 -07:00
Love Hornquist Astrand
2038d6f56e don't whine when principal is not found in cache, also, use krb5_cc function to make it not hit the network 2010-11-29 09:31:07 -08:00
Asanka Herath
5dcc605f6b Fix calling conventions for Windows 2010-08-20 13:14:10 -04:00
Love Hornquist Astrand
9f5772050b Match old code and use krb5_sname_to_principal on the imported name for acquire cred. 
Reported by Jan Rekorajski
 2009-12-13 22:55:36 -08:00
Love Hornquist Astrand
8b71d0b93f Prefer the realm of the user when doing referrals style ISC krb5-get-creds 
The the realm of the user's principal and prefer that when doing a lookup.
This code still need to be smarter can cache the "initial value" -> positive result
to avoid roundtrips to the KDC.
 2009-07-17 15:43:19 -07:00
Love Hörnquist Åstrand
c99b2003e2 Implement gss_wrap_iov, gss_unwrap_iov for CFX type encryption types. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25286 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-06-22 17:56:41 +00:00
Love Hörnquist Åstrand
6243aee99a use krb5_cc_new_unique, use constants for cache types 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25052 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-04-03 04:06:10 +00:00
Love Hörnquist Åstrand
269a7a057b flatten include headers 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24382 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-01-25 00:35:00 +00:00
Love Hörnquist Åstrand
fe1a976ae2 new krb5_cc_cache_match 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23905 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-10-13 03:03:21 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
227aca963e Avoid dns canonlisation for hosts, until we know what client credential we are going to use, and when we know that, lets check if the user really want to use canonlision, XXX should be able to configure per target realm too 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23678 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-08-25 02:34:24 +00:00
Love Hörnquist Åstrand
f2a2070e19 make acquire_initiator_cred work again 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23534 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-08-16 22:58:12 +00:00
Love Hörnquist Åstrand
9407642396 catch error 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23513 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-08-11 10:01:07 +00:00
Love Hörnquist Åstrand
78b0cb1d12 remove unread assignment 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23510 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-08-11 10:00:52 +00:00
Love Hörnquist Åstrand
088ad9f97d (acquire_initiator_cred): handle the credential cache better, use 
destroy/close when appriate and for all cases. Thanks to Michael Allen
for point out the memory-leak that I also fixed.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22596 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-02-18 18:05:55 +00:00
Love Hörnquist Åstrand
bf772f42e4 (acquire_acceptor_cred): Check if there is at least one entry in the 
keytab before declaring it as an useful keytab.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22124 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-12-04 00:03:52 +00:00
Love Hörnquist Åstrand
717464b9fa (acquire_acceptor_cred): don't claim everything is well on failure. 
From Phil Fisher.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21221 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-20 08:42:10 +00:00
Love Hörnquist Åstrand
ee246ab9ac Use gss oid_set functions from mechglue 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20688 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-17 18:44:31 +00:00
Love Hörnquist Åstrand
ece5f9603e Make krb5_get_init_creds_opt_free take a context argument. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19078 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-20 18:12:41 +00:00
Love Hörnquist Åstrand
00bcd44370 Switch from using a specific error message context in the TLS to have 
a whole krb5_context in TLS. This have some interestion side-effekts
for the configruration setting options since they operate on
per-thread basis now.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19031 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-13 18:02:57 +00:00
Love Hörnquist Åstrand
dfa6f7b248 reference all include files using krb5/ 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18334 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-07 22:16:04 +00:00
Love Hörnquist Åstrand
03567db502 make gss_name_t an opaque type 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17736 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-29 07:27:26 +00:00
Love Hörnquist Åstrand
ee09f98c15 Rename local include file, remove global files. 
Stop exposing global gssapi symbols.
Rename gss_context_id_t and gss_cred_id_t to local names.
Remove SPNEGO code, its now in its own gssapi module.
Add mechglue inquire functions.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17697 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-28 08:54:04 +00:00
Love Hörnquist Åstrand
63506f62b3 update (c) 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16341 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-12-01 21:00:03 +00:00
Love Hörnquist Åstrand
c9962c948d (acquire_acceptor_cred): only check if principal exists if we got 
called with principal as an argument.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16338 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-12-01 16:26:02 +00:00
Love Hörnquist Åstrand
1cff67e8ce (acquire_acceptor_cred): check that the acceptor exists in the keytab 
before returning ok.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16336 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-12-01 15:50:42 +00:00
Love Hörnquist Åstrand
f0dc59770a (acquire_initiator_cred): GSS_CF_DESTROY_CRED_ON_RELEASE on created credentials. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16281 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-11-02 08:56:25 +00:00
Love Hörnquist Åstrand
a5755046b4 (_gssapi_krb5_ccache_lifetime): break out code used to extract 
lifetime from a credential cache


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16239 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-10-26 11:25:16 +00:00
Love Hörnquist Åstrand
bc4a1da9c6 (acquire_initiator_cred): use krb5_cc_cache_match to find a matching 
creditial cache, if that failes, fallback to the default cache.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16205 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-10-21 12:44:08 +00:00
Luke Howard
33c4663ba5 plug leak 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14447 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-01-05 02:32:26 +00:00
Johan Danielsson
26457b7135 replace krb5_free_creds_contents by krb5_free_cred_contents 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13790 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-04-25 19:25:35 +00:00
Love Hörnquist Åstrand
b5cdf72e01 (gss_acquire_cred): check usage before even bothering to process it, 
add both keytab and initial tgt if requested


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13524 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-03-14 16:42:39 +00:00
Love Hörnquist Åstrand
7c51fd6e95 (acquire_initiator_cred): use kret instead of ret where appropriate 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12976 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-10-07 00:37:04 +00:00
Love Hörnquist Åstrand
5d190295aa add context argument to krb5_get_init_creds_opt_alloc 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12783 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-08 15:28:20 +00:00
Love Hörnquist Åstrand
61e14619de use krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12737 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-03 00:31:42 +00:00
Love Hörnquist Åstrand
8f776af389 (gss_acquire_cred): 4th argument to gss_test_oid_set_member is a int 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12577 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-08-17 18:55:49 +00:00
Love Hörnquist Åstrand
a704e2f3f4 (gss_aquire_cred): make sure time is returned in seconds from now, not 
in kerberos time


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12346 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-06-03 15:24:29 +00:00
Love Hörnquist Åstrand
42f3fc029a - do some basic locking (no reference counting so contexts can be 
removed while still used)
- don't export gss_ctx_id_t_desc_struct and gss_cred_id_t_desc_struct
- make sure all lifetime are returned in seconds left until expired,
  not in unix epoch


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12317 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-05-21 14:52:14 +00:00
Love Hörnquist Åstrand
1cd476c394 (acquire_initiator_cred): if the requested name isn't in the ccache, 
also check keytab.  Extact the krbtgt for the default realm to check
how long the credentials will last.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11971 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-04-06 00:31:55 +00:00
Love Hörnquist Åstrand
408615bf37 (gss_acquire_cred): more testing of input argument, make sure output 
arguments are ok, since we don't know the time_rec (for now), set it
to time_req


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11771 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-03-16 18:05:35 +00:00
Johan Danielsson
14d8cdb894 check return value from gssapi_krb5_init 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11534 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-10-31 16:06:35 +00:00
Jacques A. Vidrine
fed304b01c RFC 2743 says (regarding gss_acquire_cred), 
``A caller may provide the value NULL (GSS_C_NO_NAME) for
  desired_name, which will be interpreted as a request for a
  credential handle that will invoke default behavior when passed
  to GSS_Init_sec_context(), if cred_usage is GSS_C_INITIATE
  or GSS_C_BOTH, or GSS_Accept_sec_context(), if cred_usage is
  GSS_C_ACCEPT or GSS_C_BOTH.''


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11155 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-08-20 12:02:45 +00:00
Jacques A. Vidrine
9efd74fabe Attempt to handle GSS_C_INITIATE/GSS_C_ACCEPT/GSS_C_BOTH. 
If GSS_C_INITIATE is specified, then get credentials from the
default cache.  If we don't have any, then try using the keytab.
If GSS_C_ACCEPT is specified, just note our principal name and
open the keytab.
If GSS_C_BOTH is specified, do both of the above.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10978 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-05-09 15:22:34 +00:00