oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
29,065 Commits 2 Branches 2 Tags
7bf4d76e75e904dd65a0fbb90c9cad981245f714
Commit Graph

21 Commits

Author SHA1 Message Date
Luke Howard
c510e6d474 gss: don't provide domain to nsi_probe() in NTLM 
_gss_ntlm_accept_sec_context() does not provide the acceptor domain to
nsi_probe(); for consistency, _gss_ntlm_acquire_cred_from() should do that
same. Providing the acceptor domain was breaking tests.

Note that the Heimdal NTLM implementation is old and has few consumers (Apple
and Samba use their own implementations). Arguably we should merge the Apple
implementation or remove it.
 2020-02-04 17:28:35 +11:00
Luke Howard
bf14eb29df gss: NTLM nsi_probe returns a krb5, not gss error 
The nsi_probe() error code was treated as a GSS error code, rather than a krb5
error. Return a GSS error code, setting the krb5 error in minor_status.
 2020-02-04 17:28:35 +11:00
Luke Howard
e0bb9c10ca gssapi: credential store extensions (#451) 
Implement the GSS-API credential store API extensions defined by MIT here:

https://k5wiki.kerberos.org/wiki/Projects/Credential_Store_extensions

Note: we kill off gss_acquire_cred_ext() here. This was never a public API,
although mechanisms could have implemented it and I briefly used it in my
BrowserID prototype mechanism. gss_acquire_cred_ext_from() occupies the place
in the dispatch table where gss_acquire_cred_ext() used to, but this structure
was never visible outside Heimdal (i.e. it is only used by internal
mechanisms);

(Mechanisms that need to accept arbitrary key/value dictionaries from
applications should now implement gss_acquire_cred_from().)
 2019-01-03 14:38:39 -06:00
Nicolas Williams
08724496ff Use default NTLM domain cc config 
The NTLM GSS mechanism now supports default credential handles (and
acquiring handles for default credentials with desired_name ==
GSS_C_NO_NAME).
 2015-04-17 10:55:17 -05:00
Nicolas Williams
774f166e31 First attempt s/\<const gss_.*_t/gss_const_.*_t/g 2013-06-02 15:30:58 -05:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Asanka Herath
5dcc605f6b Fix calling conventions for Windows 2010-08-20 13:14:10 -04:00
Love Hornquist Astrand
9ccc79c5b6 Don't leak context if nsi_probe failes 
Deduced from valgrind log produced by Markus Moeller
 2009-08-22 10:52:22 -07:00
Love Hörnquist Åstrand
26cc8f6525 flatten namespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24482 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-01-25 20:49:54 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
6562b287fb Always set output_cred_handle to GSS_C_NO_CREDENTIAL in the begining. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23688 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-08-26 12:35:12 +00:00
Love Hörnquist Åstrand
86554555a3 clean up name handling 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22380 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-12-29 18:42:56 +00:00
Love Hörnquist Åstrand
66f8605e07 handle username part of the ntlm name 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22373 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-12-28 18:36:06 +00:00
Love Hörnquist Åstrand
0a9f8b895b Check if there is initial creds with _gss_ntlm_get_user_cred(). 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22165 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-12-04 21:44:26 +00:00
Love Hörnquist Åstrand
8ca9a4469c add credential handling, add probe function, add better acquired cred function 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22163 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-12-04 21:25:06 +00:00
Love Hörnquist Åstrand
06244210e0 drop unused variable. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20583 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-08 00:31:58 +00:00
Love Hörnquist Åstrand
eb2d35a531 Reimplement. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20582 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-08 00:26:07 +00:00
Love Hörnquist Åstrand
877b0883e8 split out backend ntlm server processing 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20579 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-08 00:17:59 +00:00
Love Hörnquist Åstrand
fd0d5b4e0f Check that the KDC seem to there and answering us, we can't do better 
then that wen checking if we will accept the credential.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19400 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-18 13:03:45 +00:00
Love Hörnquist Åstrand
2e061ed271 ntlm gssapi module, only support context building 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19334 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-14 12:17:34 +00:00