oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
19,551 Commits 2 Branches 2 Tags
7ba2b2006ca22a0ba79e85b5886bba120f2a5b6d
Commit Graph

1083 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
7ba2b2006c rename des to hcrypto 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20466 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-20 08:29:05 +00:00
Love Hörnquist Åstrand
6f469b4af4 remove code that depend on kerberos 4 library 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20456 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-19 20:29:42 +00:00
Love Hörnquist Åstrand
7a339bab7d revert 20447, it doesnt pass the regression tests, exports too much 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20454 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-19 20:21:51 +00:00
Love Hörnquist Åstrand
0c2182a3ba Call out to Heimdal's krb5.conf processing to configure many aspects 
of KDC behaviour.  This should allow PKINIT to be turned on and
managed with reasonable sanity.

From Andrew Bartlet



git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20447 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-19 18:22:41 +00:00
Love Hörnquist Åstrand
87e6051ddc (main): free the message when done with it. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20434 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-19 14:00:32 +00:00
Love Hörnquist Åstrand
97e369f300 don't check size since that currently leaks memory 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20430 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-19 10:33:30 +00:00
Love Hörnquist Åstrand
760ffa0e99 Spelling, from raga <raga@comcast.net> via Bjorn Sandell. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20316 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-11 11:53:20 +00:00
Love Hörnquist Åstrand
9fe7e832c7 Return the same error codes as a windows KDC. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20279 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-22 02:05:53 +00:00
Love Hörnquist Åstrand
81a108b1d0 Make handling of replying e_data more generic, from metze. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20277 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-22 02:01:12 +00:00
Love Hörnquist Åstrand
21ddb4aee9 Fix (string const and shadow) warnings, from metze. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20276 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-22 01:50:37 +00:00
Love Hörnquist Åstrand
937df31de8 Select a session enctype from the list of the crypto systems supported 
enctype, is supported by the client and is one of the enctype of the
enctype of the krbtgt.

The later is used as a hint what enctype all KDC are supporting to
make sure a newer version of KDC wont generate a session enctype that
and older version of a KDC in the same realm can't decrypt.

But if the KDC admin is paranoid and doesn't want to have "no the
best" enctypes on the krbtgt, lets save the best pick from the client
list and hope that that will work for any other KDCs.

Reported by metze.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20271 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-22 01:21:46 +00:00
Love Hörnquist Åstrand
7a01a70ac2 (propagate_database): on any failure, drop the connection to the peer 
and try next one.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20268 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-21 20:48:40 +00:00
Love Hörnquist Åstrand
45ebb9c7f2 Only check service key for cross realm PACs. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20265 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-18 08:34:36 +00:00
Love Hörnquist Åstrand
126ea0e595 Don't check PACs on cross realm requests. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20254 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-17 07:52:01 +00:00
Love Hörnquist Åstrand
b0e9eb4583 switch some "return ret" to "goto out". 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20243 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-17 00:06:03 +00:00
Love Hörnquist Åstrand
6e6d429311 Pass down canonicalize request to hdb layer, sign client referrals. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20242 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-17 00:04:54 +00:00
Love Hörnquist Åstrand
f37c85ba61 pass extra flags for detached signatures. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20171 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-03 22:47:25 +00:00
Love Hörnquist Åstrand
4ac442a884 Remove debug output. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20149 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-03 07:06:24 +00:00
Love Hörnquist Åstrand
3bb7b20169 Fix ms-chap-v2 get_masterkey 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20144 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-02 22:26:38 +00:00
Love Hörnquist Åstrand
e4d855f06d Fix ms-chap-v2 mutual response auth code. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20143 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-02 22:15:52 +00:00
Love Hörnquist Åstrand
1290d1bb74 Add get_master from RFC 3079 3.4 for MS-CHAP-V2 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20140 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-02 21:27:21 +00:00
Love Hörnquist Åstrand
3ce495d26e Use right size, from Klas Lindfors. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20133 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-02 20:51:37 +00:00
Love Hörnquist Åstrand
01ad941e9b First version from kllin. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20131 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-02 20:48:23 +00:00
Love Hörnquist Åstrand
abcd0e9de6 Better logging and return status = FALSE when checksum doesn't match. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20120 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-01 20:28:49 +00:00
Love Hörnquist Åstrand
0fdc34167b Check the digest response in the KDC. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20118 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-01 20:19:53 +00:00
Love Hörnquist Åstrand
e786c4d432 Add support for MS-CHAP v2. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20114 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-01 18:15:56 +00:00
Love Hörnquist Åstrand
b097b3a816 don't verify identifier in CHAP, its the client that chooses it. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20087 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-31 12:21:21 +00:00
Love Hörnquist Åstrand
09eb1bfcb2 Don't use C99 syntax. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19992 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-20 09:06:18 +00:00
Love Hörnquist Åstrand
70056908b1 Issue certificates. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19909 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-14 23:16:14 +00:00
Love Hörnquist Åstrand
2df6875132 Parse kx509/kca configuration. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19908 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-14 23:12:51 +00:00
Love Hörnquist Åstrand
95d9226959 add kx509 config 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19907 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-14 23:10:24 +00:00
Love Hörnquist Åstrand
99d0e79fb4 (_kdc_find_padata): if there is not padata, there is nothing find. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19906 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-14 22:39:41 +00:00
Love Hörnquist Åstrand
82f3dca5ec Rename keys to be more obvious what they do. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19809 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-10 19:43:35 +00:00
Love Hörnquist Åstrand
d7bdb6f04c Use other keys to sign with. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19805 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-10 18:16:42 +00:00
Love Hörnquist Åstrand
a295015e44 Spelling. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19799 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-10 15:25:09 +00:00
Love Hörnquist Åstrand
5a65ccd573 indent. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19798 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-10 15:24:51 +00:00
Love Hörnquist Åstrand
7e21610a7c Pass down server entry to verify_pac function. 
from Andrew Bartlett <abartlet@samba.org>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19797 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-10 15:22:11 +00:00
Love Hörnquist Åstrand
634d0ca86d pass down server entry to verify_pac function, from Andrew Bartlett <abartlet@samba.org> 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19796 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-10 14:22:04 +00:00
Love Hörnquist Åstrand
e8638c2c7a Check for KRB5_PADATA_PA_PAC_REQUEST to check if we should include the 
PAC in the krbtgt.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19689 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 13:27:27 +00:00
Love Hörnquist Åstrand
80ada635f1 (_kdc_as_rep): check if krb5_generate_random_keyblock failes. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19686 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 12:54:09 +00:00
Love Hörnquist Åstrand
bee6d08ff3 (tgs_build_reply): check if krb5_generate_random_keyblock failes. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19685 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 12:49:45 +00:00
Love Hörnquist Åstrand
8588cd9ebd Scope etype. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19684 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 12:42:51 +00:00
Love Hörnquist Åstrand
6d5bd7a704 (_kdc_as_rep): call windc client access hook. 
(_kdc_tkt_add_if_relevant_ad): constify in data argument.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19677 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 11:14:47 +00:00
Love Hörnquist Åstrand
1571207bc4 More comments add a client_access hook. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19676 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 11:13:51 +00:00
Love Hörnquist Åstrand
f2b0c0407f Add _kdc_windc_client_access. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19674 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 11:10:06 +00:00
Love Hörnquist Åstrand
f2807ae2c8 rename functions after export some more pac functions. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19672 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 11:02:33 +00:00
Love Hörnquist Åstrand
9b7ae5c640 Resign the PAC in tgsreq if we have a PAC. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19669 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 10:56:23 +00:00
Love Hörnquist Åstrand
794a8dc6db Maybe include <sys/wait.h>. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19658 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 00:15:34 +00:00
Love Hörnquist Åstrand
9140e58024 Get right key for PAC krbtgt verification. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19643 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-03 19:34:27 +00:00
Love Hörnquist Åstrand
809368fb9e spelling 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19641 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-03 18:52:45 +00:00