oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
24,859 Commits 2 Branches 2 Tags
aa292cd80b3c196041b06754df71eaea9b51c5c7
Commit Graph

14193 Commits

Author SHA1 Message Date
Andrew Bartlett
a4287ff403 Include roken.h to fix build of example_evp_cipher test on Linux 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2009-08-04 20:19:44 +02:00
Andrew Bartlett
f8c121b282 Add support for user principal names in certificates [HEIMDAL-602] 
This extends the PKINIT code in Heimdal to ask the HDB layer if the
User Principal Name name in the certificate is an alias (perhaps just
by case change) of the name given in the AS-REQ.  (This was a TODO in
the Heimdal KDC)

The testsuite is extended to test this behaviour, and the other PKINIT
certficate (using the standard method to specify a principal name in a
certificate) is updated to use a Administrator (not administrator).
(This fixes the kinit test).
 2009-08-04 09:34:58 +02:00
Love Hornquist Astrand
147184381e Check for NUL in the middle of the string 2009-08-04 00:57:35 +02:00
Love Hornquist Astrand
3cebc3767f add more test to test_acquire_cred that removes the need of test_init_creds.c 2009-08-03 13:05:36 +02:00
Love Hornquist Astrand
e6c2a70678 Indent some more 2009-08-03 12:10:07 +02:00
Love Hornquist Astrand
b2129c0751 Indent the patch from Andrew and make it compile again 2009-08-03 10:54:44 +02:00
Love Hornquist Astrand
ada7c73176 Indent the patch from Andrew and make it compile again 2009-08-03 10:50:50 +02:00
Love Hornquist Astrand
788480d28a heimdal Extend the 'hdb as a keytab' code [HEIMDAL-600] 
This extends the hdb_keytab code to allow enumeration of all the keys.

The plan is to allow ktutil's copy command to copy from Samba4's
hdb_samba4 into a file-based keytab used in wireshark.

From Andrew Bartlett
 2009-08-03 10:43:22 +02:00
Love Hornquist Astrand
ff89a727d4 Fix bounced condition 2009-07-30 19:19:35 +02:00
Love Hornquist Astrand
4d200dd2d5 Clean the list in a simpler way 2009-07-30 18:56:23 +02:00
Love Hornquist Astrand
ae58266705 More doxygen. 2009-07-30 15:36:25 +02:00
Love Hornquist Astrand
11024751a5 make compile 2009-07-30 14:25:12 +02:00
Love Hornquist Astrand
3608b815b4 Don't bother checking usage of minor_status [CID-23] 2009-07-30 14:01:57 +02:00
Love Hornquist Astrand
901bac07e8 Don't need to look check *input_name twice [CID-27]. 2009-07-30 14:00:48 +02:00
Love Hornquist Astrand
08256017e4 Don't dereference input_name [CID-27]. 2009-07-30 13:59:42 +02:00
Love Hornquist Astrand
0f5f5947aa make sure client is set before trying to use it [CID-50] 2009-07-30 13:20:00 +02:00
Love Hornquist Astrand
7d8d09f3c0 make compile 2009-07-30 12:56:54 +02:00
Love Hornquist Astrand
e184e053dd Catch memory allocation failures [CID-61] 2009-07-30 12:56:21 +02:00
Love Hornquist Astrand
a5b015ab7e Make sure av is freed if its allocated [CID-73] 2009-07-30 12:40:13 +02:00
Love Hornquist Astrand
25b0f731ab Better handling of memory allocation failure [CID-77] 2009-07-30 12:27:19 +02:00
Love Hornquist Astrand
dc95a7983d Release ticket on failure [CID-96] 2009-07-30 11:59:15 +02:00
Love Hornquist Astrand
c961189f95 Remove dead code [CID-10] 2009-07-30 10:55:06 +02:00
Love Hornquist Astrand
0d49d0f1c4 Free ticket earlier [CID-108] 2009-07-30 10:39:52 +02:00
Love Hornquist Astrand
c8b05eef61 (base64_encode): bound input length to /4 of max int and positive 2009-07-30 10:36:39 +02:00
Love Hornquist Astrand
5373d3a869 Allow parsing of cert fail unless HX509_CERTS_UNPROTECT_ALL is set. 2009-07-30 10:20:04 +02:00
Love Hornquist Astrand
1bdf51f26f (strpoolcollect): allow p == NULL, return the empty string (allocated) 2009-07-30 10:08:48 +02:00
Love Hornquist Astrand
0da57a49d7 Make cgetstr() not return allocated memory on failure [CID-170] 2009-07-30 10:04:44 +02:00
Love Hornquist Astrand
90ed2b6790 Check result of calloc [CID-181] 2009-07-30 09:44:44 +02:00
Love Hornquist Astrand
3f802d359f Use right variable [CID-181] 2009-07-30 09:41:42 +02:00
Love Hornquist Astrand
e1ecb6f7a6 Catch uninited variable [CID-182] 2009-07-30 09:40:05 +02:00
Love Hornquist Astrand
ca6e428093 check that we don't pass negative numbers of memset [CID-169] 2009-07-30 07:53:58 +02:00
Love Hornquist Astrand
896391a56b Double free of sp on empty list of creds [CID-183] 2009-07-30 07:46:37 +02:00
Love Hornquist Astrand
a1964f4747 use after free [CID-184] [CID-185] 2009-07-30 07:38:24 +02:00
Love Hornquist Astrand
9581e59bde FORWARD_NULL fixes [CID-163] and friends 2009-07-30 07:36:03 +02:00
Love Hornquist Astrand
b9644d7060 Test on wrong variable 2009-07-30 07:30:27 +02:00
Love Hornquist Astrand
b1dc4dc97e (_hx509_Name_to_string): free memory on failure (that should not happen) [CID 176] 2009-07-30 07:25:36 +02:00
Love Hornquist Astrand
4e516cec33 Pruned to aggressivly 2009-07-29 23:14:44 +02:00
Love Hornquist Astrand
2e1ebf8598 add export/import cred 2009-07-29 23:12:16 +02:00
Love Hornquist Astrand
9b710bed81 store is never read again 2009-07-29 22:37:58 +02:00
Love Hornquist Astrand
fa502c6648 Add support for gss_{import,export}_cred() as requested by metze 
Works for krb5 and SPNEGO mechanisms. Kerberos credentials are passed as
credential cache names, or if there are memory based credentials, inband in the protocol. This means that the credentials buffers must be keep secret.

As documented by IBM (they have the wrong prototype though)
and GGF (GSS-API Extensions) back in 2001
 2009-07-29 13:36:02 +02:00
Love Hornquist Astrand
e5c42ba42f rename krb5_storage_from_emem in documentation 2009-07-28 17:51:53 +02:00
Love Hornquist Astrand
565236c603 Add store-cred to the dispatch table 2009-07-28 09:50:05 +02:00
Love Hornquist Astrand
c140f0255c Implement core of _gsskrb5_store_cred() 2009-07-27 09:42:46 +02:00
Love Hornquist Astrand
de0ae78c4e Remove dlfcn implementation for AIX since nowadays AIX have dlopen() 
Also drop license and copyright statement
 2009-07-24 04:25:39 +02:00
Love Hornquist Astrand
1dd94e44ba Switch to macros for c++ extern "C" to please editors that want to autoindent 2009-07-23 19:27:34 +02:00
Love Hornquist Astrand
6d9354edf7 x 2009-07-21 10:29:53 -07:00
Love Hornquist Astrand
ebb3dd62c0 See README.dlfcn for license 2009-07-21 10:29:44 -07:00
Love Hornquist Astrand
7e4854250e Actually register new plugins and plug a related memory leak 2009-07-19 21:23:56 -07:00
Love Hornquist Astrand
311ce98d85 (hdb_sqlite_rename): make rename work when there is a prefix 2009-07-19 18:42:02 -07:00
Love Hornquist Astrand
bd073cfd72 Limit maxinum retries of BUSY/BLOCK/LOCKED operations to MAX_RETRIES (default 10) 2009-07-19 18:01:51 -07:00