Nicolas Williams 
							
						 
					 
					
						
						
							
						
						95262936c7 
					 
					
						
						
							
							s/assert/heim_assert/ and remove dead code  
						
						
						
						
					 
					
						2011-07-24 11:07:27 -05:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						12403a31ce 
					 
					
						
						
							
							sprinkle more windows files  
						
						
						
						
					 
					
						2011-07-23 11:18:21 -07:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						1eb56edd86 
					 
					
						
						
							
							Introduce Keys ::= SEQUENCE OF Key in hdb.asn1 so we can get convenience utils.  
						
						
						
						
					 
					
						2011-07-22 16:07:08 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						689d4f4dd9 
					 
					
						
						
							
							Another HDB_F_DECRYPT-isn't-critical fix.  
						
						
						
						
					 
					
						2011-07-22 16:07:08 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						5335559845 
					 
					
						
						
							
							Oops, HDB_F_DECRYPT isn't critical; making it so breaks tests.  
						
						
						
						
					 
					
						2011-07-22 16:07:08 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a246c394d2 
					 
					
						
						
							
							Fix warnings.  
						
						
						
						
					 
					
						2011-07-22 16:07:08 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						f2897efd09 
					 
					
						
						
							
							Make the KDC path work.  
						
						
						
						
					 
					
						2011-07-22 16:07:08 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						31974aa24c 
					 
					
						
						
							
							More s/int/size_t/ for iterators.  Also fixed a stupid bug.  
						
						
						
						
					 
					
						2011-07-22 16:07:06 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						cf1c898e95 
					 
					
						
						
							
							Undo a s/size_t/int/.  Iterators must be unsigned.  
						
						
						
						
					 
					
						2011-07-22 16:07:05 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						0674e4b13a 
					 
					
						
						
							
							Ooops!  Mind those tags when re-ordering ASN.1 SEQUENCEs! (hdb_keyset)  
						
						
						
						
					 
					
						2011-07-22 16:07:05 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						53ea8ac59b 
					 
					
						
						
							
							Make changes to hdb_keyset type be backward-compatible.  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a280ed4d4c 
					 
					
						
						
							
							Forgot a file for the hdb_keyset backwards-compat extention.  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						3794d8b37b 
					 
					
						
						
							
							Changed lib/hdb/Makefile.am to use --sequence=HDB-Ext-KeySet  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						355ae357eb 
					 
					
						
						
							
							Moved set_time field of hdb_keyset to end and add extensibility marker.  
						
						
						
						
					 
					
						2011-07-22 16:06:01 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						c2ec368c36 
					 
					
						
						
							
							Add HDB extension for storing policy regarding what historic keys may be used for  
						
						
						
						
					 
					
						2011-07-22 16:06:00 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						308e53a4a8 
					 
					
						
						
							
							Initial support for filtering out "dead" historical keys.  
						
						
						
						
					 
					
						2011-07-22 16:05:21 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						7e0a801e28 
					 
					
						
						
							
							Changed decrypt key history logic and added HDB_F_ALL_KVNOS.  
						
						
						
						
					 
					
						2011-07-22 16:05:21 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a04721b737 
					 
					
						
						
							
							Added basic policy support, w/ policy names listed in krb5.conf  
						
						
						
						
					 
					
						2011-07-22 16:05:21 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						abd94953e2 
					 
					
						
						
							
							Fixes to lock nesting code.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						58d72035f1 
					 
					
						
						
							
							Added kadm5_lock() and unlock.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						109607a355 
					 
					
						
						
							
							Fix uninitialized variable.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						6e04b05e9d 
					 
					
						
						
							
							Initial support for kadm5_randkey_principal_3(), needed by krb5_admin.  
						
						... 
						
						
						
						NOT TESTED YET. 
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						51e9da4a66 
					 
					
						
						
							
							Fixed (preemptively) a double free and added password history based on key history.  
						
						
						
						
					 
					
						2011-07-22 16:04:52 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						34189a23fe 
					 
					
						
						
							
							Added a flag to ensure that we don't mod/store hdb entries fetched with specified kvno.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						e7f385ad0d 
					 
					
						
						
							
							Initial patch to make the MIT KDB backend for HDB handle multiple kvnos.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						34bb7ae363 
					 
					
						
						
							
							Fix double free.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a095933ee0 
					 
					
						
						
							
							We want the time that a keyset was set, not the time it was replaced.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						08650b573b 
					 
					
						
						
							
							Also encrypt the history when storing the entry.  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						fca53990e4 
					 
					
						
						
							
							Initial commit for second approach for multiple kvno.  NOT TESTED!  
						
						
						
						
					 
					
						2011-07-22 16:04:51 -05:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						7aaba443bc 
					 
					
						
						
							
							add NTMakefile and windows directories  
						
						
						
						
					 
					
						2011-07-17 12:16:59 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						0879b9831a 
					 
					
						
						
							
							remove trailing whitespace  
						
						
						
						
					 
					
						2011-05-21 11:57:31 -07:00 
						 
				 
			
				
					
						
							
							
								Jeffrey Altman 
							
						 
					 
					
						
						
							
						
						6850d6a65f 
					 
					
						
						
							
							avoid uninit variable and unreachable code warnings  
						
						... 
						
						
						
						most of these warnings are not problems because of ample
use of abort() calls.  However, the large number of warnings
makes it difficult to identify real problems.  Initialize
the variables to shut up the compilers.
Change-Id: I8477c11b17c7b6a7d9074c721fdd2d7303b186a8 
						
						
					 
					
						2011-05-17 12:02:16 -04:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						f5f9014c90 
					 
					
						
						
							
							Warning fixes from Christos Zoulas  
						
						... 
						
						
						
						- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code 
						
						
					 
					
						2011-04-29 20:25:05 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						7a4d4c5f4e 
					 
					
						
						
							
							Add HAVE_SQLITE3 that allows control if you want sqlite or not  
						
						
						
						
					 
					
						2011-04-16 10:26:43 -07:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						4244f13866 
					 
					
						
						
							
							This makes hdb-sqlite work: moving the unseal of keys past the value2entry decoding.  
						
						... 
						
						
						
						Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2011-04-16 10:19:40 -07:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						b5137810fb 
					 
					
						
						
							
							Various bug fixes in hdb-mitdb.c.  
						
						... 
						
						
						
						Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2011-04-04 22:44:58 -07:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						941eba430b 
					 
					
						
						
							
							Fixed a bug by s/u16/SEEK_CURR/; the bug prevented this mitdb backend from parsing MIT KDB entries with multiple kvnos in non-increasing order.  
						
						... 
						
						
						
						Fixed a double-free bug that was triggered by MIT KDB entries with
multiple kvnos in non-increasing order.
Added lots of comments regarding the MIT KDB entry format.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2011-04-04 22:44:57 -07:00 
						 
				 
			
				
					
						
							
							
								Luke Howard 
							
						 
					 
					
						
						
							
						
						987658325e 
					 
					
						
						
							
							correctly decode MIT KDB flags  
						
						... 
						
						
						
						Patch from Nico Williams <nico@cryptonector.com > 
						
						
					 
					
						2011-03-23 11:26:50 +11:00 
						 
				 
			
				
					
						
							
							
								Jelmer Vernooij 
							
						 
					 
					
						
						
							
						
						1ad64fe599 
					 
					
						
						
							
							hdb.h: Include krb5.h first, so hdb.h can be included standalone.  
						
						... 
						
						
						
						This makes it a bit easier to find libhdb in e.g. configure tests and
is consistent with the main header files for the other Heimdal
libraries, none of which has any prerequisite other headers.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2011-01-03 11:51:09 +01:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						0a10f35897 
					 
					
						
						
							
							drop unused functions  
						
						
						
						
					 
					
						2010-11-28 11:50:42 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						6c6726d76c 
					 
					
						
						
							
							drop hdb_fetch  
						
						
						
						
					 
					
						2010-11-28 11:46:46 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						917920e8cd 
					 
					
						
						
							
							implement fetch_kvno  
						
						
						
						
					 
					
						2010-11-28 11:34:33 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						38d0a72326 
					 
					
						
						
							
							implement fetch_kvno  
						
						
						
						
					 
					
						2010-11-28 11:33:24 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						daa3d4753d 
					 
					
						
						
							
							implement fetch_kvno  
						
						
						
						
					 
					
						2010-11-28 11:31:15 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						ee8c2e45b4 
					 
					
						
						
							
							use _hdb_fetch_kvno  
						
						
						
						
					 
					
						2010-11-28 11:20:31 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						c44315b6d9 
					 
					
						
						
							
							add _hdb_fetch_kvno  
						
						
						
						
					 
					
						2010-11-28 11:19:43 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						617c51a150 
					 
					
						
						
							
							kvno is krb5_kvno not unsigned  
						
						
						
						
					 
					
						2010-11-28 11:19:22 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						8ece8672ae 
					 
					
						
						
							
							kvno is krb5_kvno not unsigned  
						
						
						
						
					 
					
						2010-11-28 11:19:15 -08:00 
						 
				 
			
				
					
						
							
							
								Andrew Bartlett 
							
						 
					 
					
						
						
							
						
						f469fc6d49 
					 
					
						
						
							
							heimdal Add support for extracting a particular KVNO from the database  
						
						... 
						
						
						
						This should allow master key rollover.
(but the real reason is to allow multiple krbtgt accounts, as used by
Active Directory to implement RODC support)
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2010-11-28 09:52:54 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						1be05e6568 
					 
					
						
						
							
							support KRB5_KDB_SALTTYPE_CERTHASH  
						
						
						
						
					 
					
						2010-11-27 13:27:35 -08:00