Commit Graph

2733 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
a1e379cb15 tests all keytab format
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15198 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-20 09:01:29 +00:00
Love Hörnquist Åstrand
cc1891f16f add missing options, prompted by James F. Hranicky mail to heimdal-discuss
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15192 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 20:50:53 +00:00
Love Hörnquist Åstrand
2d1b36a743 (_krb5_pk_rd_pa_reply): non non asn1 decoding errors, fail. Make sure
we free memory on error.
(pk_verify_chain_standard): make sure we provide good errors.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15190 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 18:49:05 +00:00
Love Hörnquist Åstrand
d90f956e94 (pk_verify_chain_standard): store better error message in the context
for certificate errors.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15188 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 18:27:15 +00:00
Love Hörnquist Åstrand
577e88be43 add pkinit and password quailty check options
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15187 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 18:15:20 +00:00
Love Hörnquist Åstrand
c0817d7f3b (krb5_kt_free_entry): zero out content of all krb5_free_x_content like
functions to make sure data doesnt get reused, idea from Wynn Wilkes
<wwilkes@vintela.com>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15185 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 14:04:45 +00:00
Love Hörnquist Åstrand
0ec6d0d363 (process_pa_data_to_md): add comment that the caller always free
out_md; remove comment about memory, it doesn't happen.
(init_cred_loop): free ctx->as_req.padata when its reset (From Wynn
Wilkes <wwilkes@vintela.com>), move a comment close the the code


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15178 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 07:42:06 +00:00
Love Hörnquist Åstrand
db975c9c97 (fkt_remove_entry): need to call krb5_kt_free_entry after each
krb5_kt_next_entry.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15177 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 04:13:18 +00:00
Love Hörnquist Åstrand
1ed2143174 (fkt_remove_entry): need to call krb5_kt_free_entry after each
fkt_next_entry_int. From: Wynn Wilkes <wwilkes@vintela.com>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15176 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-19 04:11:34 +00:00
Love Hörnquist Åstrand
4a5b9202fb s/sizeo/sizeof/
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15175 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 10:06:16 +00:00
Love Hörnquist Åstrand
71fc6141d5 TESTS += test_keytab
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15172 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 05:08:29 +00:00
Love Hörnquist Åstrand
db19fc890c (krb4_kt_remove_entry): plug memory leak, avoid crashing on empty keytab
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15171 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 05:03:30 +00:00
Love Hörnquist Åstrand
46c23b1852 document behavior of krb5_kt_remove_entry
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15170 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:49:15 +00:00
Love Hörnquist Åstrand
ed2c4b3694 (mkt_remove_entry): check if there isn't any entries in the keytab
before removing any since that leads to bad pointer arithmetic and
crashing. From: Wynn Wilkes <wwilkes@vintela.com>.
Make the function return KRB5_KT_NOTFOUND if the entry wasn't in the
keytab (just like the filebased keytab).


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15169 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:44:40 +00:00
Love Hörnquist Åstrand
f97a50a117 test memory corruption in MEMORY keytab
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15168 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:38:30 +00:00
Love Hörnquist Åstrand
e84fad2e0e zero out content of all krb5_free_x_content like functions to make sure data doesnt get reused, idea from Wynn Wilkes <wwilkes@vintela.com>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15167 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:21:57 +00:00
Love Hörnquist Åstrand
b926505f3f document KRB5_GC_EXPIRED_OK
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15166 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:07:38 +00:00
Love Hörnquist Åstrand
485b61db15 add krb5_cc_new_unique
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15165 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-18 04:05:17 +00:00
Love Hörnquist Åstrand
fd9149ac7d (fcc_get_first): check return value from malloc, memset the structure,
make sure cursor doesn't point to freed memory on failure.
From: Wynn Wilkes <wwilkes@vintela.com>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15164 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 17:46:46 +00:00
Love Hörnquist Åstrand
d84fcc39fe update (c), .Dd
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15162 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 14:19:11 +00:00
Love Hörnquist Åstrand
e238fb8fde document KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15161 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 14:18:47 +00:00
Love Hörnquist Åstrand
6c3ab75789 Remove expired credentials, based on patches and comments from Anders
Magnusson <ragge@ltu.se> and Wynn Wilkes <wwilkes@vintela.com>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15160 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 11:48:06 +00:00
Love Hörnquist Åstrand
2dd7796261 (krb5_get_forwarded_creds): honor
KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED and create unencrypted
(ENCTYPE_NULL) credentials. for use with old mit server and java based
ones as they can't handle encrypted KRB-CRED. Note that the option
needs to turned on because if the consumer sends the KRB-CRED in clear
bad things will happen.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15150 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 08:12:29 +00:00
Love Hörnquist Åstrand
682ff3fef0 (krb5_init_context): register krb5_javakt_ops
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15149 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 08:08:28 +00:00
Love Hörnquist Åstrand
d5cfe0c7fd KRB5_GC_EXPIRED_OK: expired credentials is ok to return from
krb5_get_credentials.
KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED: make forward credentials be
unencrypted, for compatibility with mit kerberos and java kerberos.
krb5_javakt_ops: export


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15148 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-17 08:06:30 +00:00
Love Hörnquist Åstrand
f9ca795602 Add new keytab file format JAVA14 that doesn't the use extended kvnos,
as hinted, this is needed for Java's Kerberos implementation.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15147 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-16 21:13:42 +00:00
Love Hörnquist Åstrand
a3c6124483 handle pkinit-9, pkinit-19, and pkinit-25 enckey, still no DH
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15116 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-10 19:40:39 +00:00
Love Hörnquist Åstrand
4aaf4dd6bd document krb5_storage_is_flags
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15112 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-10 10:46:46 +00:00
Love Hörnquist Åstrand
9aa1875790 make more pretty, from Björn Sandell
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15110 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-10 09:21:06 +00:00
Love Hörnquist Åstrand
23f6210e8f (krb5_kuserok): use POSIX_GETPWNAM_R instead of HAVE_GETPWNAM_R
From: Dave Love <d.love@dl.ac.uk>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15103 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-09 15:41:45 +00:00
Love Hörnquist Åstrand
db171a26fd (krb5_print_address): catch when the custom print v6-adresss don't fit
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15098 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-07 07:50:24 +00:00
Love Hörnquist Åstrand
32ad0c150f spelling
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15089 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-05 14:07:48 +00:00
Love Hörnquist Åstrand
1ef7caec57 expand on what "trailing component" means
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15087 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-04 12:44:34 +00:00
Johan Danielsson
82fa25b5c4 put address comparison in separate function
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15085 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-04 12:25:04 +00:00
Johan Danielsson
67b2fd15f7 check the user's ~/.k5login.d directory for access files, all of which
is handled like the regular ~/.k5login


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15083 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-04 12:11:22 +00:00
Love Hörnquist Åstrand
1b4b266006 (krb5_ui_method_read_string): use the fill in length
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15059 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-02 21:01:33 +00:00
Love Hörnquist Åstrand
9f219c721d Now that we fixed the signed-ness of nonce for windows, remove the
code that removed the signed bit. Instead add comment that they still
need to be the same (Kerberos protocol nonce and pk-init nonce) for Windows.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15055 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-02 14:52:57 +00:00
Love Hörnquist Åstrand
9b38bf74d1 Don't declare des_salt &c as static with incomplete type (invalid in
c89, at least).


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15053 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-02 14:11:59 +00:00
Love Hörnquist Åstrand
6985bebfc1 include <crypt.h>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15052 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-05-02 14:08:35 +00:00
Love Hörnquist Åstrand
a8f9738a23 if we are using PKINIT, strip of the highest bit to make windows
PK-INIT happy. Also make the nonces the same, again for windows, they
are using pk-init-9.

XXX check if it isn't the that nonce is an unsigned variable so its
just a asn1 mismatch.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15043 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 16:24:00 +00:00
Love Hörnquist Åstrand
a4f747ea8e Pass prompter data to the prompter function, implement a UI prompter
function wrapping the kerberos prompter function so that the the
OpenSSL ENGINE can ask for a password when loading the private key.

From: Douglas E. Engert


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15040 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 16:12:18 +00:00
Love Hörnquist Åstrand
ab541001cc #include <err.h>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15036 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 15:19:58 +00:00
Love Hörnquist Åstrand
ce927eeff5 include <err.h>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15035 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 15:18:27 +00:00
Love Hörnquist Åstrand
74e7222461 add <err.h>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15033 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 15:15:38 +00:00
Love Hörnquist Åstrand
51a75cda5e use LIB_com_err for libkrb5.la
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15018 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-30 13:50:41 +00:00
Love Hörnquist Åstrand
5081487496 (krb5_set_config_files): ignore permission denied on configuration
files, user might no be allowed to read /var/heimdal/kdc.conf


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14997 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-28 09:04:10 +00:00
Love Hörnquist Åstrand
1f6a02ddd4 define _POSIX_PTHREAD_SEMANTICS so we get posix getpwnam_r
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14971 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-27 08:24:02 +00:00
Love Hörnquist Åstrand
1da385e5b6 (acc_gen_new): remove debug printf
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14946 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 21:54:01 +00:00
Love Hörnquist Åstrand
ed8f5734cb use the unexport the oid_to_enctype
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14922 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 14:14:49 +00:00
Love Hörnquist Åstrand
f8c1fbfbe4 unexport the oid_to_enctype function, not for external consumers
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14921 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-04-24 14:14:17 +00:00