Commit Graph

26383 Commits

Author SHA1 Message Date
Andrew Bartlett
b78419f126 heimdal use returned server entry from HDB to compare realms
Some hdb modules (samba4) may change the case of the realm in
a returned result.  Use that to determine if it matches the krbtgt
realm also returned from the DB (the DB will return it in the 'right' case)

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-10-02 20:46:49 -07:00
Andrew Bartlett
0225db7152 Don't redefine socket() if socket_wrapper is already in use
In Samba, we may have already included socket_wrapper.h at this point

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-10-02 20:46:16 -07:00
Love Hornquist Astrand
c6fb9428dd Drop imath for ltm for speed reasons 2010-10-02 12:28:27 -07:00
Love Hornquist Astrand
0a608964a4 only set error code in case of failure, add comment 2010-10-02 12:13:19 -07:00
Love Hornquist Astrand
6cdf8104f7 do is deprecated, so let's stop using it 2010-10-02 12:05:41 -07:00
Love Hornquist Astrand
0789271ebb indent, return error code 2010-10-02 11:59:53 -07:00
Andrew Bartlett
7ea9ccf737 heimdal: added verbose logging of heimdal crypto errors
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-10-02 11:56:26 -07:00
Andrew Bartlett
c434086ba0 Add error code to use when a secret is not in this database
This will happen on an RODC, which has the entry, but not the full
secret.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-10-02 11:52:28 -07:00
Andrew Bartlett
1d09e39d45 Don't segfault when in --one-file mode
The problem is that on Linux, fclose() of a NULL pointer segfaults

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-10-02 11:51:42 -07:00
Buck Huppmann
799956e9b7 Check if we should enable weak crypto before parsing enctypes list
This since the enctypes lists doesn't include weak crypto alg in the
resulting list.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-10-02 11:28:20 -07:00
Love Hornquist Astrand
0d64a7830b 1.5 items 2010-10-02 10:54:03 -07:00
Love Hornquist Astrand
6beb058640 Handle picky windows RODC servers 2010-10-01 17:49:05 -07:00
Patrik Lundin
d5e4619738 Fix order of arguments given to memchr().
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-30 21:30:33 -07:00
Love Hornquist Astrand
3128a7a416 SHA384 2010-09-30 18:36:58 -07:00
Love Hornquist Astrand
b206aeb016 SHA384 2010-09-30 18:22:00 -07:00
Love Hornquist Astrand
1b48afda47 add sha512 2010-09-30 01:04:19 -07:00
Love Hornquist Astrand
9dbcb98f84 clue in sha512 in rsa signature 2010-09-30 01:00:42 -07:00
Love Hornquist Astrand
1072afd6bf Andrew Bartlett pointed out that the patch was incomplete, update and write doxygen. 2010-09-30 00:44:35 -07:00
Love Hornquist Astrand
6699b5e59a get padding size right 2010-09-30 00:20:52 -07:00
Love Hornquist Astrand
42727fc891 glue in sha512 2010-09-30 00:18:03 -07:00
Love Hornquist Astrand
150f1401d1 Add SHA512 2010-09-30 00:08:48 -07:00
Love Hornquist Astrand
b32651c830 SHA512 support 2010-09-29 23:41:15 -07:00
Love Hornquist Astrand
5fc132d888 add _der_gmtime, use and test it 2010-09-29 13:32:39 -07:00
Love Hornquist Astrand
f454f45fbf If the hostname contains a dot, assume it's a FQAN and don't use
search domains since that might be painfully slow when machine is
disconnected from that network.

Found by Tridge
2010-09-28 22:37:01 -07:00
Love Hornquist Astrand
5410614330 free more bn that was allocated 2010-09-28 22:12:20 -07:00
Love Hornquist Astrand
97d939d9af don't allocate n twice, indent 2010-09-28 22:08:00 -07:00
Andrew Bartlett
76266ab5ac s4:heimdal Create a new PAC when impersonating a user with S4U2Self
If we don't do this, the PAC is given for the machine account, not the
account being impersonated.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-26 15:15:18 -07:00
Karolin Seeger
035106be97 s4-krb5: Fix typos in comment.
Karolin

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-26 15:12:09 -07:00
Andrew Bartlett
0e128912af s4:heimdal Add hooks to check with the DB before we allow s4u2self
This allows us to resolve multiple forms of a name, allowing for
example machine$@REALM to get an S4U2Self ticket for
host/machine@REALM.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-26 15:11:05 -07:00
Karolin Seeger
77a6204452 s4-heimdal: Fix typo in comment.
Karolin

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-26 15:08:28 -07:00
Karolin Seeger
260e19ac09 s4-heimdal: Fix typo in comment.
Karolin

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-26 15:06:58 -07:00
Love Hornquist Astrand
07e7cdd4f0 Support PADDING_NONE for encryption too 2010-09-23 11:11:00 -07:00
Love Hornquist Astrand
74e46d59c1 add back hx509_crypto_allow_weak 2010-09-22 15:00:13 -07:00
Love Hornquist Astrand
6f328a9194 add padding support via hx509_crypto_set_padding 2010-09-22 14:41:17 -07:00
Love Hornquist Astrand
2f9f212980 remove unused header file 2010-09-19 01:47:32 -07:00
Love Hornquist Astrand
686f2abe61 x 2010-09-19 01:14:07 -07:00
Love Hornquist Astrand
b5bc5c1d84 add PTHREAD_LIBADD 2010-09-19 00:55:36 -07:00
Love Hornquist Astrand
84f6409923 Move to a plugin cache, contributed from Secure Endpoints 2010-09-18 23:37:06 -07:00
Asanka C. Herath
cad554ad3d Generalize MSLSA ccache type to a plug-in based ccache type 2010-09-18 23:50:38 -04:00
Asanka C. Herath
a4be8fcd7e Windows: Add missing export for libhcrypto-exports.def 2010-09-18 23:41:53 -04:00
Love Hornquist Astrand
fea391eb96 remove prefix zeros 2010-09-18 14:45:33 -07:00
Love Hornquist Astrand
8668bfaefc less brokenness 2010-09-18 11:55:59 -07:00
Love Hornquist Astrand
8de6bccd50 add validate.obj 2010-09-18 11:33:09 -07:00
Simon Wilkinson
75df9577e7 Uses unsigned ints for lengths
EVP_BytesToKey uses min() on a mixture of signed and unsigned
parameters. To avoid compiler warnings, use unsigned int for all
of the iv and key lengths in this function.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-18 11:30:06 -07:00
Love Hornquist Astrand
9907781fa3 make address a full address 2010-09-18 11:26:09 -07:00
Anton Lundin
057f139f6a Fix to build on aix.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-17 12:21:58 -07:00
Anton Lundin
61bfc2997b Fix testing when compiled with --disable-afs-support
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-17 12:21:39 -07:00
Love Hornquist Astrand
4328f3980f make addresses not use compression in the middle since different
inet_ntop have different way to format them
2010-09-17 12:20:29 -07:00
Anton Lundin
eac56da073 Rename struct to not clash with aix header sys/proc.h
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-16 22:47:27 -07:00
Anton Lundin
46a4a64dfe ifdef away code to be able to build with --disable-krb4
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2010-09-16 22:47:14 -07:00