Commit Graph

82 Commits

Author SHA1 Message Date
Love Hornquist Astrand
0d60a7d0ae implement gss-wrap-iov and friends 2009-08-29 09:04:53 -07:00
Love Hornquist Astrand
9a4e91b1de don't reset handle twice 2009-08-27 18:30:28 -07:00
Love Hornquist Astrand
1999c85670 Make mech glue layer aware of composite mechs that use mech glue layer credentials
This makes it possible to use krb5/ntlm credentials with SPNEGO.
Needs some more work to avoid double fetching credentials.
2009-08-27 12:12:44 -07:00
Love Hornquist Astrand
022e7d4319 Return unwrapped delegated credentials if the actual mech is not the called mech
Assumes that pseudo mechs are aware of how mechglue credentials look like and
return credentials like that.

Pointed out on krbdev by Nicolas Williams
2009-08-26 22:32:50 -07:00
Love Hornquist Astrand
fa502c6648 Add support for gss_{import,export}_cred() as requested by metze
Works for krb5 and SPNEGO mechanisms. Kerberos credentials are passed as
credential cache names, or if there are memory based credentials, inband in the protocol. This means that the credentials buffers must be kept secret.

As documented by IBM (they have the wrong prototype though)
and GGF (GSS-API Extensions) back in 2001
2009-07-29 13:36:02 +02:00
Love Hörnquist Åstrand
8eb14db155 remove unused variable
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25323 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-07-15 22:16:21 +00:00
Love Hörnquist Åstrand
90ac3afd08 hostname is not_defined_in_RFC4178@please_ignore
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25291 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-06-28 21:12:38 +00:00
Love Hörnquist Åstrand
65adbffd77 handle error
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24877 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-27 03:34:54 +00:00
Love Hörnquist Åstrand
44db677898 add missing file
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24758 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-16 19:14:30 +00:00
Love Hörnquist Åstrand
a5d7a1ad04 Drop sign/seal functions (version 1 of the interface).
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24744 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-16 19:11:51 +00:00
Love Hörnquist Åstrand
269a7a057b flatten include headers
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24382 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-01-25 00:35:00 +00:00
Love Hörnquist Åstrand
e9d32a0ac5 Use asn1 decoder now that it can handle CHOICE
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24187 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-15 04:30:02 +00:00
Love Hörnquist Åstrand
f106a2aff9 release mechs when done, cid#75
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24137 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 05:06:03 +00:00
Love Hörnquist Åstrand
b35c56fff6 check for value of get_mic, not that it is a pointer. cid#141
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24109 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 05:01:10 +00:00
Love Hörnquist Åstrand
0e01d8fa11 check for value of get_mic, not that it is a pointer. cid#141
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24108 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 05:01:00 +00:00
Love Hörnquist Åstrand
dc5e4b8033 try to handle gss_import_name() better, it's not really perfect, it breaks spnego inquire_names_for_mech, but that's less common....
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24026 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-11-12 04:18:15 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
f462f342a0 don't bother setting verify_mic if it's not used after this.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23499 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-08-11 09:59:49 +00:00
Love Hörnquist Åstrand
ef70ee1c5a Add back "mech/utils.h", it's needed for oid/buffer functions.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23161 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-05-05 09:56:20 +00:00
Love Hörnquist Åstrand
fc518d9fca Changes from doug barton to make spnego independent of the heimdal version of the plugin system.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23158 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-05-02 09:45:28 +00:00
Love Hörnquist Åstrand
784ffbfa6a Make delegated credentials delegated directly, Oleg Sharoiko pointed out that it always didn't work with the old code. Also add some missing cred and context pass-through functions in the SPNEGO layer
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22688 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-16 11:33:58 +00:00
Love Hörnquist Åstrand
2b90d952c6 (_gss_spnego_inquire_context): make work, based on patch from Ryan Sleevi.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22604 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-02-21 21:12:48 +00:00
Love Hörnquist Åstrand
3673482a9b make the SPNEGO mech store the error itself instead, works for everything except other stackable mechs
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22600 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-02-21 12:46:24 +00:00
Love Hörnquist Åstrand
c2bc1d4b03 (spnego_reply): if the reply token was of length 0, make it the same
as no token. Pointed out by Zeqing Xia.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22598 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-02-18 18:19:51 +00:00
Love Hörnquist Åstrand
b53c90da08 Make error reporting somewhat more correct for SPNEGO.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22569 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-02-03 18:20:24 +00:00
Love Hörnquist Åstrand
f282936479 drop file
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22400 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-01-11 14:28:13 +00:00
Love Hörnquist Åstrand
39ad4a364f (_gss_spnego_internal_delete_sec_context): release ctx->target_name too
From Rafal Malinowski.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21866 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-08-08 11:31:29 +00:00
Love Hörnquist Åstrand
05e5153afc Make compile again.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21461 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-07-10 14:01:13 +00:00
Love Hörnquist Åstrand
f3842471ec remove checks that are done by the previous function.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21459 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-07-10 13:23:14 +00:00
Love Hörnquist Åstrand
3f6884c4c5 Indent and make NegTokenInit and NegTokenResp extendable.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21403 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-07-04 08:13:12 +00:00
Love Hörnquist Åstrand
64b2fd7e72 Wrap name in a spnego_name instead of just a copy of the underlying object.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21243 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-20 15:16:22 +00:00
Love Hörnquist Åstrand
c68e3696e2 Handle underlying mech not returning mn.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21239 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-20 11:23:13 +00:00
Love Hörnquist Åstrand
a5f538fae9 Make sure src_name is always set to GSS_C_NO_NAME when returning.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21235 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-20 11:10:33 +00:00
Love Hörnquist Åstrand
79f9985a9c Only wrap the delegated cred if we are going to return it to the consumer.
From Rafal Malinowski.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21186 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-20 03:29:02 +00:00
Love Hörnquist Åstrand
b3d275ac40 Fixed memory leak pointed out by Rafal Malinowski, also while here
moved to use NegotiationToken for decoding.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21185 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-20 03:23:49 +00:00
Love Hörnquist Åstrand
ab8094ae4c Init get_mic to 0.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21127 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-18 20:23:14 +00:00
Love Hörnquist Åstrand
a906ca54bf (_gss_spnego_display_name): if input_name is null, fail.
From Rafal Malinowski.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21035 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-09 15:32:47 +00:00
Love Hörnquist Åstrand
cc4333b758 remove cvs ignore files
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21026 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-09 03:09:59 +00:00
Love Hörnquist Åstrand
f3b2b8b19c Make sure the gethostname() returned string is NUL terminated.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20929 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-05 21:19:22 +00:00
Love Hörnquist Åstrand
5e36b724c0 Use the return value before it is overwritten by later calls.
From Rafal Malinowski


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20755 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-05-31 23:01:27 +00:00
Love Hörnquist Åstrand
20618d2976 (gss_inquire_cred*): wrap the name with a spnego_name.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20619 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-05-08 13:43:45 +00:00
Love Hörnquist Åstrand
3583a32e50 Need to import spnego name before we can use it as a gss_name_t.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20364 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-17 13:30:21 +00:00
Love Hörnquist Åstrand
3c9d3266f4 try using gss_accept_sec_context() on the opportunistic token instead
of guessing the acceptor name and do gss_acquire_cred, this makes
SPNEGO work like before.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19435 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-12-19 12:10:35 +00:00
Love Hörnquist Åstrand
20e973fda2 Resurrect negHints for the acceptor sends first packet.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19421 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-12-18 18:50:15 +00:00
Love Hörnquist Åstrand
a11517a4d9 Add "windows" versions of the NegTokenInitWin and friends.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19420 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-12-18 18:28:49 +00:00
Love Hörnquist Åstrand
6a8647e1c6 move _gss_spnego_indicate_mechtypelist() to compat.c, use the sequence
types of MechTypeList, make add_mech_type() static.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19415 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-12-18 17:52:26 +00:00
Love Hörnquist Åstrand
acccf21ce2 move _gss_spnego_indicate_mechtypelist() to compat.c
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19414 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-12-18 17:51:13 +00:00
Love Hörnquist Åstrand
363515e856 check that the generated acceptor mechlist is acceptable too
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19411 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-12-18 15:42:03 +00:00
Love Hörnquist Åstrand
826acbd391 Abstract out the initiator filter function, it will be needed for the
acceptor too.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19410 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-12-18 15:00:19 +00:00