oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
28,148 Commits 2 Branches 2 Tags
abad8d5700684dd95dc69b51f73cd418871e2259
Commit Graph

16371 Commits

Author SHA1 Message Date
Love Hornquist Astrand
ac22078116 add missing files 2013-06-05 20:01:11 -07:00
Love Hornquist Astrand
5201dadb62 argh, add missing \t 2013-06-04 01:03:32 -07:00
Love Hornquist Astrand
c696439942 fix up some more 2013-06-04 00:59:41 -07:00
Love Hornquist Astrand
a3f21747aa move to new plugin system 2013-06-04 00:16:55 -07:00
Love Hornquist Astrand
4e44171a28 cast away enum warnings 2013-06-03 22:05:09 -07:00
Love Hornquist Astrand
80fe143874 remove deprected warnings until we can move to non deprecated api 2013-06-03 22:03:20 -07:00
Love Hornquist Astrand
ebe9b82b8d Fix warning (from Victor) 2013-06-03 21:56:34 -07:00
Love Hornquist Astrand
4227e45a58 Merge branch 'nico/gss_constify' 2013-06-03 21:51:10 -07:00
Love Hornquist Astrand
060474df16 quel 64bit warnings, fixup implicit encoding for template, fix spelling 2013-06-03 21:46:20 -07:00
Love Hornquist Astrand
b301e47fb8 rename heim_serialize to heim_copy_serialize to follow create/copy/get semantics 2013-06-03 21:46:20 -07:00
Nicolas Williams
a53f3a49e2 Fix unused variable warnings 2013-06-02 15:52:41 -05:00
Nicolas Williams
774f166e31 First attempt s/\<const gss_.*_t/gss_const_.*_t/g 2013-06-02 15:30:58 -05:00
Viktor Dukhovni
2433496ea6 Simplify user_realm support by removing krb5_parse_name_flags_realm() 
and setting the realm as necessary in the caller.
 2013-05-16 23:15:00 -04:00
Viktor Dukhovni
203e2beedd The DIR ccache code and tests don't quite work yet. 2013-05-16 00:34:36 -04:00
Viktor Dukhovni
4ce879c938 Fix: double free 2013-05-16 00:34:24 -04:00
Viktor Dukhovni
4fcad71a3a Two new flags for krb5_parse_name_flags_realm(): 
- KRB5_PRINCIPAL_PARSE_IGNORE_REALM: MIT compatible

    - KRB5_PRINCIPAL_PARSE_NO_DEF_REALM: Don't default the realm

The first ignores the realm if present.

The second does not impute the default realm if no realm is given and
leaves the realm NULL.  This will be used in kinit to determine whether
the user provided a realm or not, and if not we may use the user_realm,
or find the realm via the keytab.
 2013-05-16 00:32:08 -04:00
Viktor Dukhovni
a2127d091d New krb5_parse_name_flags_realm supports explicit default realm. 
Set the realm argument to NULL to get the usual default realm.

The krb5_parse_name_flags() function is now a wrapper around
krb5_parse_name_flags_realm().
 2013-05-16 00:32:08 -04:00
Viktor Dukhovni
01fff2ca9c Allow krb5_principal_set_realm to set the realm to NULL. 2013-05-16 00:32:06 -04:00
Ben Kaduk
402e7ba08d Update URL for Kerberos FAQ 
Submitted by Trix Farrar <trix@basement.net> as FreeBSD PR 178417.
 2013-05-08 12:10:24 -04:00
Love Hornquist Astrand
b2ff260e15 klist --json support 2013-05-07 16:47:45 -07:00
Love Hornquist Astrand
ed6c3921e6 make krb5_cc_get_lifetime sane 2013-05-07 13:10:22 -07:00
Love Hornquist Astrand
55e5bfdfe0 add krb5_principal_is_root_krbtgt 2013-05-07 13:10:02 -07:00
Love Hornquist Astrand
71c2303eb8 make compile 2013-05-07 13:09:33 -07:00
Viktor Dukhovni
bf40b8cc63 Comment wordsmithing 2013-05-02 01:31:01 -04:00
Love Hornquist Astrand
bb089a75a9 undef rk_getpwnam_r to make sure we get the real prototype and not the rewrite #define 2013-05-01 14:00:31 -07:00
Love Hornquist Astrand
dfaedb7847 plug a memory leak, don't use strcpy/strcat 2013-05-01 13:55:21 -07:00
Patrik Lundin
0ff637618e add version print 2013-05-01 13:46:35 -07:00
Love Hornquist Astrand
c8cc2378f6 first go at dcc_get_cache_first 2013-04-30 11:01:12 -07:00
Love Hornquist Astrand
de61953108 handle creation of DIR caches 2013-04-29 22:54:11 -07:00
Love Hornquist Astrand
4256823e58 memset right size 2013-04-29 21:59:11 -07:00
Love Hornquist Astrand
a7e86affd8 add basic DIR support for file caches 2013-04-29 12:30:21 -07:00
Love Hornquist Astrand
e91bd34275 add rsa_keygen initializer 2013-04-29 12:03:42 -07:00
Love Hornquist Astrand
e8317b955f allow optional q in DH DomainParameters 2013-04-29 11:37:39 -07:00
Love Hornquist Astrand
617f4b7bd5 use the exteral delete sec context that will locked the mutex 2013-04-29 11:08:46 -07:00
Love Hornquist Astrand
5f29169afc check for strlcpy strlcat 2013-04-29 10:57:03 -07:00
Love Hornquist Astrand
bcbd477a20 support parsing PEM CRL files and printing revoke contexts 2013-04-27 12:42:12 -07:00
Harald Barth
3f52037382 Better error messages when UTF8 conversion fails 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-26 00:05:53 -07:00
Love Hornquist Astrand
124ab6957c plug memory leak 2013-04-24 20:17:01 -07:00
Love Hornquist Astrand
6f03e4ba76 plug memory leaks 2013-04-24 17:55:55 -07:00
Love Hornquist Astrand
6850c9ac5d type casting to avoid printf warning 2013-04-24 16:45:24 -07:00
Love Hornquist Astrand
6e5bfce2de use socket_set_nonblocking 2013-04-24 16:31:32 -07:00
Viktor Dukhovni
72f0690694 Temporary fix for high-priority iprop issues 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:29:34 -07:00
Viktor Dukhovni
435c02fa26 Compare pac timestamp to unix timestamp right when neither are set 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:28:26 -07:00
Viktor Dukhovni
eface6d31f Fix free before use in ipropd_master slaves-stats open function 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:27:34 -07:00
Viktor Dukhovni
9ca0a2b62f More consistent error checks in build_principal() 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:26:23 -07:00
Viktor Dukhovni
a825143e73 The k5login_directory parameter and SYSTEM-K5LOGIN[:directory] are supposed to be directories, not path templates with %{luser} substitution 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:25:59 -07:00
Viktor Dukhovni
5903031630 Don't SEGV on as-is rules without realm= 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:23:36 -07:00
Landon Fuller
6fb9bc86b7 Add a configuration option to enable LDAP Start TLS. 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:21:15 -07:00
Landon Fuller
96e9025675 Add support for specifying bind DN and password. 
This uses a seperate hdb-ldap-secret-file configuration value, which
specifies an external file that may be used to supply the LDAP bind dn
and password. This allows that specific file to be configured with more
restrictive permissions than the global krb5.conf.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:21:15 -07:00
Landon Fuller
8cb8a8932e Remove unnecessary strdup() (and resulting leak) 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:21:15 -07:00