oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
25,094 Commits 2 Branches 2 Tags
b0feb58f325ce8c5fb8ccc61cecc579e14f1fd1c
Commit Graph

25094 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Love Hornquist Astrand
678f9f9f07 [HEIMDAL-533] KDC sends TGS-REP encrypted in session key not authenticator 
From RFC 4120, page 35

   In preparing the authentication header, the client can select a sub-
   session key under which the response from the Kerberos server will be
   encrypted.  If the client selects a sub-session key, care must be
   taken to ensure the randomness of the selected sub-session key.

The client library alread handle this case.

Thanks to Sam Hartman to report this though Debian
 2009-10-11 08:46:53 -07:00
Love Hornquist Astrand
8e08aa0a15 Use krb5_free_keyblock() 2009-10-11 08:45:51 -07:00
Love Hornquist Astrand
2a369fc7fe Capture failures from krb5_cc_get_principal() 
Reported by Guillaume Rousse
 2009-10-08 08:19:05 -07:00
Love Hornquist Astrand
943123da3b enable DES when getting the afs credential 2009-10-07 09:39:19 -07:00
Love Hornquist Astrand
d3d9e5ecb5 free sp on error/full send 2009-10-06 11:19:27 -07:00
Love Hornquist Astrand
75210a985a spelling 2009-10-06 10:02:34 -07:00
Love Hornquist Astrand
4bab1141d8 syntax error, from Harald Barth 2009-10-06 09:36:18 -07:00
Love Hornquist Astrand
6d49d9feeb more text about TheseCells and ThisCell, from Harald Barth 2009-10-06 09:30:27 -07:00
Love Hornquist Astrand
77ecef0327 tell where kafs will search for files, from Harald Barth 2009-10-06 09:27:46 -07:00
Love Hornquist Astrand
62c061c79a Wordsmithing, from Harald Barth 2009-10-06 09:22:20 -07:00
Love Hornquist Astrand
fbbb1bd04c pre11 2009-10-06 07:46:34 -07:00
Love Hornquist Astrand
57b40643b9 use server name for referral decision 2009-10-06 07:38:29 -07:00
Love Hornquist Astrand
ceac2815bb Just use RAND_bytes() for generating random bytes 2009-10-06 06:00:24 -07:00
Love Hornquist Astrand
d934c249f9 count the manpages 2009-10-05 22:50:18 -07:00
Love Hornquist Astrand
ded5608c0b pick up configuration from the right spot 2009-10-05 22:48:03 -07:00
Love Hornquist Astrand
75a61b8842 krb5_build_authenticator is private 2009-10-05 22:09:23 -07:00
Love Hornquist Astrand
6d1d17efed don't canonicalize names that are short then 2 name element 
Since KDC will probably guess wrong on them, and doing
afs@CLIENT-REALM have too large change of actually working.
 2009-10-05 22:07:47 -07:00
Love Hornquist Astrand
4c5a79f21b add setup-env.in 2009-10-05 21:32:43 -07:00
Love Hornquist Astrand
8d381c8c34 add dependency for doxyout 2009-10-05 21:06:06 -07:00
Love Hornquist Astrand
cbb6bb5427 include doxyout in DIST_EXTRA 2009-10-05 20:57:34 -07:00
Love Hornquist Astrand
d7e7640d46 fix argumentin doxygen 2009-10-05 20:29:37 -07:00
Love Hornquist Astrand
bfa9f0b639 pre10 2009-10-05 20:12:34 -07:00
Love Hornquist Astrand
da91c5ed85 Fix tests 2009-10-05 20:11:49 -07:00
Love Hornquist Astrand
a132ffe757 Simplify krb5_build_authenticator and unexport 2009-10-05 19:52:28 -07:00
Love Hornquist Astrand
cc65dc4e8e Just make a copy of the cksum instead of trying to work around the 
fact that its not really copied.
 2009-10-05 19:25:46 -07:00
Love Hornquist Astrand
753e2cc925 Check that enctypes are valid/enabled before trying to request them 2009-10-05 19:17:11 -07:00
Love Hornquist Astrand
0d10dfb529 doxygen 2009-10-04 11:33:45 -07:00
Love Hornquist Astrand
b0f73165a7 use krb5_make_principal 2009-10-04 11:29:54 -07:00
Love Hornquist Astrand
9e13b309d9 use krb5_make_principal 2009-10-04 11:29:43 -07:00
Love Hornquist Astrand
ba8b14ebbc use krb5_make_principal 2009-10-04 11:29:29 -07:00
Love Hornquist Astrand
c7f51c8c5b use krb5_make_principal 2009-10-04 11:29:20 -07:00
Love Hornquist Astrand
393ea16776 use krb5_make_principal 2009-10-04 11:29:05 -07:00
Love Hornquist Astrand
0153270494 use krb5_make_principal 2009-10-04 11:28:54 -07:00
Love Hornquist Astrand
dc31556b7d use krb5_generate_subkey_extended 2009-10-04 11:12:43 -07:00
Love Hornquist Astrand
4f6759157b move krb5_generate_subkey to deprecated and provide doxygen 2009-10-04 11:02:44 -07:00
Love Hornquist Astrand
615820b0af move krb5_generate_subkey here and deprecate 2009-10-04 11:02:43 -07:00
Love Hornquist Astrand
2257ba3ea5 Anton Lundin 2009-10-03 13:34:16 -07:00
Love Hornquist Astrand
18d3895aad add Johan Gadsjö 2009-10-03 13:33:38 -07:00
Love Hornquist Astrand
ff87429593 Make LDAP code fetch less attributes from LDAP server when KDC is asking 
Johan Gadsjö did a awesome analysis of the LDAP access pattens
and sent us a patch that reduced the calls the ldap server by 4
times as many. The patch was adopted and change to avoid compile
time depencies and make the determination runtime instead. Thanks!
 2009-10-03 13:20:41 -07:00
Love Hornquist Astrand
6f857bc86d @subsection kafs and afslog 2009-10-03 12:26:17 -07:00
Love Hornquist Astrand
4b79b6fa57 remove unused variable 
Based on a report from Matthias Dieter Wallnöfer.
 2009-10-03 11:38:55 -07:00
Love Hornquist Astrand
175111efd7 Make renewstr const char * to avoid const warning 
Based on a report from Matthias Dieter Wallnöfer.
 2009-10-03 11:37:38 -07:00
Love Hornquist Astrand
7b999148f8 Rename str to oid in the function namespace to avoid -Wshadow warning 
Based on a report from Matthias Dieter Wallnöfer.
 2009-10-03 11:35:45 -07:00
Love Hornquist Astrand
ce0293b994 Rename f to ksf in the global function namespace to avoid -Wshadow warning 
Based on a report from Matthias Dieter Wallnöfer.
 2009-10-03 11:33:41 -07:00
Love Hornquist Astrand
64835d0836 Rename header to print_pem_stamp in the global namespace to avoid -Wshadow warning 
Based on a report from Matthias Dieter Wallnöfer.
 2009-10-03 11:24:03 -07:00
Matthias Dieter Wallnöfer
8457216616 heimdal kerberos - fix memory leak (free the plugin list always - not only in error cases) 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2009-10-03 11:13:09 -07:00
Love Hornquist Astrand
100c440153 Handle windows windows LH with interesting content info packets (broken) 2009-10-01 10:38:30 -07:00
Love Hornquist Astrand
7eac18abc3 verify that n0ll cert is broken 2009-09-30 01:20:38 -07:00
Love Hornquist Astrand
24f9a30864 reference to where cert comes from 2009-09-30 01:20:25 -07:00
Love Hornquist Astrand
824ac40a10 add data/n0ll.pem 2009-09-30 01:18:34 -07:00