b32651c830
SHA512 support
2010-09-29 23:41:15 -07:00
5fc132d888
add _der_gmtime, use and test it
2010-09-29 13:32:39 -07:00
f454f45fbf
If the hostname contains a dot, assumes it's a FQAN and don't use
...
search domains since that might be painfully slow when machine is
disconnected from that network.
Found by Tridge
2010-09-28 22:37:01 -07:00
5410614330
free more bn that was allocated
2010-09-28 22:12:20 -07:00
97d939d9af
don't allocate n twice, indent
2010-09-28 22:08:00 -07:00
76266ab5ac
s4:heimdal Create a new PAC when impersonating a user with S4U2Self
...
If we don't do this, the PAC is given for the machine accout, not the
account being impersonated.
Andrew Bartlett
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-26 15:15:18 -07:00
035106be97
s4-krb5: Fix typos in comment.
...
Karolin
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-26 15:12:09 -07:00
0e128912af
s4:heimdal Add hooks to check with the DB before we allow s4u2self
...
This allows us to resolve multiple forms of a name, allowing for
example machine$@REALM to get an S4U2Self ticket for
host/machine@REALM.
Andrew Bartlett
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-26 15:11:05 -07:00
77a6204452
s4-heimdal: Fix typo in comment.
...
Karolin
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-26 15:08:28 -07:00
260e19ac09
s4-heimdal: Fix typo in comment.
...
Karolin
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-26 15:06:58 -07:00
07e7cdd4f0
Support PADDING_NONE for encryption too
2010-09-23 11:11:00 -07:00
74e46d59c1
add back hx509_crypto_allow_weak
2010-09-22 15:00:13 -07:00
6f328a9194
add padding support via hx509_crypto_set_padding
2010-09-22 14:41:17 -07:00
2f9f212980
remove unused header file
2010-09-19 01:47:32 -07:00
686f2abe61
x
2010-09-19 01:14:07 -07:00
b5bc5c1d84
add PTHREAD_LIBADD
2010-09-19 00:55:36 -07:00
84f6409923
Move to a plugin cache, contributed from Secure Endpoints
2010-09-18 23:37:06 -07:00
cad554ad3d
Generalize MSLSA ccache type to a plug-in based ccache type
2010-09-18 23:50:38 -04:00
a4be8fcd7e
Windows: Add missing export for libhcrypto-exports.def
2010-09-18 23:41:53 -04:00
fea391eb96
remove prefix zeros
2010-09-18 14:45:33 -07:00
8668bfaefc
less brokenness
2010-09-18 11:55:59 -07:00
8de6bccd50
add validate.obj
2010-09-18 11:33:09 -07:00
75df9577e7
Uses unsigned ints for lengths
...
EVP_BytesToKey uses min() on a mixture of signed and unsigned
paramters. To avoid compiler warnings, use unsigned int for all
of the iv and key lengths in this function.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-18 11:30:06 -07:00
9907781fa3
make address a full adress
2010-09-18 11:26:09 -07:00
057f139f6a
Fix to build on aix.
...
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-17 12:21:58 -07:00
61bfc2997b
Fix testing when compiled with --disable-afs-support
...
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-17 12:21:39 -07:00
4328f3980f
make addresses not use compression in the middle since diffrent
...
inet_ntop have diffrent way to format them
2010-09-17 12:20:29 -07:00
eac56da073
Rename struct to not clash with aix header sys/proc.h
...
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-16 22:47:27 -07:00
46a4a64dfe
ifdef away code to be able to build with --disable-krb4
...
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-16 22:47:14 -07:00
0bfd697f62
use krb5_unparse_name instead of krb5_unparse_name_short since that doesnt fail. From Zdenek Hatas
2010-09-16 20:59:35 -07:00
cf925c82b8
typecase to avoid warning
2010-09-15 22:47:52 -07:00
6a57e6a784
make test pass
2010-09-15 21:57:48 -07:00
bf208183dc
add version-script.map to distributed files
...
Signed-off-by: Guillaume Rousse <Guillaume.Rousse@inria.fr >
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-15 20:06:24 -07:00
d82410ea88
add header files for libtommath
2010-09-15 12:06:16 -07:00
736a08059a
spelling
2010-09-14 10:44:33 -07:00
d28ec4ba61
Don't typedef u8, u16, u32 in rijndael-alg-fast.c
...
Some kernels define u8, u16 and u32 in their standard headers.
Redefining these symbols in hcrypto's own code prevents that code
from compiling on those kernels.
Instead, just replace all occurrences of u8, u16 and u32 with the
symbols that uint8_t, uint16_t and uint32_t that they were being
typedef'd as, anyway.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2010-09-14 10:26:14 -07:00
8a5d3ca959
Rename current to SHA1current
...
Some kernels define 'current' as a #define. This causes chaos when
we try to build sha.c. So, rename current as 'SHA1current', and avoid
the insanity.
2010-09-14 10:24:43 -07:00
64a2e57029
add arguments to rk_rename to move it into the macro/function namespace
2010-09-14 10:18:08 -07:00
d05098b950
New drop with windows code from Secure Endpoints/Asanka
2010-09-14 10:08:03 -07:00
a37554cc27
clean better
2010-09-14 09:29:40 -07:00
ad0c3839b5
clean better
2010-09-14 09:29:35 -07:00
50ea273b5f
clean better
2010-09-14 09:29:29 -07:00
079cbf7a1a
Windows: Build the SDK
2010-09-14 08:04:20 -04:00
8232a8dc4c
Windows: packages/windows/sdk
...
The Makefile in this directory pulls in the SDK into a separate directory tree.
2010-09-14 08:04:19 -04:00
b3797f428b
Add krb5_c_random_make_octets() to mit_glue.c
2010-09-14 08:04:19 -04:00
80599fcd94
Define KRB5_TC_OPENCLOSE and KRB5_TC_NOTICKET in krb5.h
2010-09-14 08:04:18 -04:00
e447009d1b
Add krb5_free_default_realm() to MIT glue
2010-09-14 08:04:18 -04:00
d4a80084f1
Don't return a freed pointer in allocate_ccache()
2010-09-14 08:04:17 -04:00
fa4021698e
Handle Windows pathnames properly in krb5_cc_resolve()
...
On Windows, a pathname can contain a drive letter and a colon.
krb5_cc_resolve() used to check whether there were any colons in the
ccache name string and assume it is a FILE: cache if there weren't.
In addition, on Windows, check for a drive specification.
2010-09-14 08:04:17 -04:00
91bfec3059
Windows: Enable weak crypto by default
2010-09-14 08:04:16 -04:00
Love Hornquist Astrand