Commit Graph

152 Commits

Author SHA1 Message Date
Jeffrey Altman
e8e9cd9710 krb5: Introduce KRB5_TKT_LIFETIME_DEFAULT
Instead of hard coding 10 hours as the default ticket lifetime within
lib/krb5/init_cred_pw.c init_cred(), add a preprocessor macro,
KRB5_TKT_LIFETIME_DEFAULT, that can be overridden at build time.

The value of KRB5_TKT_LIFETIME_DEFAULT is 10 hours if not previously
defined.

Change-Id: I63e729fedee8e8c6f542e4a4665de5f40db34c03
2015-04-16 20:40:21 -04:00
Nicolas Williams
487b6820f6 Revamp name canonicalization code 2015-03-24 11:49:58 -05:00
Jeffrey Altman
31a00d6647 ISPATHSEP and ISTILDE macros; Windows portability
Windows treats '\\' and '/' equivalently but we cannot control
the form that will be used by end users.  Introduce ISPATHSEP()
macro which tests only for '/' on UNIX and both on Windows.
Introduce ISTILDE() macro to test for '~'.   When testing for
'/' with strchr() or strrchr() add conditional checks for '\\' on
Windows.

Change-Id: Ia85e698fc88f15a6a71db649db5417f02ef7e5fe
2013-09-10 22:31:38 -04:00
Love Hornquist Astrand
f396f66523 add [libdefaults]fcache_strict_checking to gate the strict checking, defaults to on 2013-07-11 21:17:49 +02:00
Love Hornquist Astrand
a7e86affd8 add basic DIR support for file caches 2013-04-29 12:30:21 -07:00
Love Hornquist Astrand
58ff480763 rewrite send to kdc to be more aggressive, try kdcs in parallel and easier to configure behavior 2013-02-10 19:02:52 -08:00
Roland C. Dowdeswell
3a30f3b0d1 Windows doesn't support poll(2) or fcntl(2) so #ifdef it out in send_to_kdc.c. 2012-08-14 22:50:33 +01:00
Roland C. Dowdeswell
842ca62336 Ensure that timeouts apply to TCP socket connexions.
Currently the Heimdal code calls connect(2) on TCP connexions to
the KDC without setting O_NONBLOCK.  This code implements a
timed_connect() function which will in the case of SOCK_STREAM
sockets put the socket into non-blocking mode prior to calling
connect and use select(2) to apply the configured timeout to connect
completion.  This does not entirely solve the problem of potential
timeouts in the code as it is still possible to block while writing
to the socket.  A proper implementation would also likely start
new connexions after a short interval before timing out existing
connexions and return the results from the first KDC which successfully
responds but we did not do that yet.

This patch is from heimdal-1-5-branch patches:

	5b55e4429caed27b32aac4bc5930f2672a43f273
	6b66321b271ee4672e70ad349ec796dd755cf897
	2e12c7f3e8dca7e1696ebd92199617ce413565e7

Squashed together along with a quick shadowed variable warning fix
to allow it to compile with --enable-developer.
2012-07-12 01:00:23 +01:00
Love Hornquist Astrand
0b02f05a19 error_buf is gone 2011-09-25 17:49:06 +02:00
Nicolas Williams
a7a8a7e95c Initial patch to add as-use-strongest-session-key and same for tgs krb5.conf parameters for the KDC. These control the session key enctype selection algorithm for the AS and TGS respectively: if TRUE then they prefer the strongest enctype supported by the client, the KDC and the target principal, else they prefer the first enctype from the client's list that is also supported by the KDC and the target principal.
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
2011-06-14 20:35:19 -07:00
Love Hornquist Astrand
e4580fe4cc add glue for krb5_einval 2011-05-18 22:00:37 -07:00
Asanka C. Herath
5b91a397f8 Increase KBR5_BUFSIZ to 2048 and use it in config_file.c 2010-11-24 15:33:19 -05:00
Asanka C. Herath
d3582b56c6 Define and use a path separator string
A colon can't be used to separate paths on Windows since they are used
in drive specification.  Define a macro that can be used as a path
separator string.  On Windows, this is defined as ";".  It is a ":"
everywhere else.
2010-11-24 15:32:56 -05:00
Simon Wilkinson
1d9072f026 krb5: reorganise crypto.c
lib/krb5/crypto.c was a large, monolithic block of code which made
it very difficult to selectively enable and disable particular
algorithms.

Reorganise crypto.c into individual files for each encryption and
salt time, and place the structures which tie everything together
into their own file (crypto-algs.c)

Add a non-installed library (librfc3961) and test program
(test_rfc3961) which builds a minimal rfc3961 crypto library, and
checks that it is usable.
2010-11-03 11:12:24 +00:00
Love Hornquist Astrand
edc1c3e2a1 add heimbase.h 2010-10-27 20:43:15 -07:00
Love Hornquist Astrand
d893207413 add check-rd-req-server 2010-09-01 21:56:17 -07:00
Love Hornquist Astrand
687db64c56 Patch from Secure Endpoints/Asanka Herath for windows support 2009-12-21 08:45:28 +01:00
Love Hornquist Astrand
34cbe76fdc include <com_err.h> for com_right_r 2009-11-22 07:34:59 -08:00
Love Hornquist Astrand
28c9deebf1 add extra flags 2009-11-22 00:14:57 -08:00
Love Hornquist Astrand
23d05643e1 Include <com_err.h> 2009-11-03 23:59:46 -08:00
Love Hornquist Astrand
1e65f30a2d drop hx509_context in krb5_id 2009-09-29 13:13:51 -07:00
Love Hornquist Astrand
1ac50627e6 add forward decl for hx509_certs_data 2009-09-29 11:29:20 -07:00
Love Hornquist Astrand
61cc35b83b include hx509_context in krb5_context 2009-09-29 09:23:37 -07:00
Love Hornquist Astrand
878eb853df Add debug_dest member 2009-09-07 20:38:29 -07:00
Love Hornquist Astrand
9f9783464c Don't make krb5_ccache point into krb5_context allocated memory
Don't make a copy of the krb5_cc_ops into krb5_context and hand that
out to callers of the api, this way it's possible to free a krb5_context
w/o invalidating all krb5_ccaches that was allocated using that krb5_context
(also, it saves memory)
2009-09-01 12:22:16 -07:00
Love Hörnquist Åstrand
ab2a36de97 Add KRB5_CTX_F_HOMEDIR_ACCESS.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24937 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-03-25 15:36:03 +00:00
Love Hörnquist Åstrand
953fc83a9e add selected cert
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24708 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-14 20:14:45 +00:00
Love Hörnquist Åstrand
3767202e6e drop RCSID
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24359 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-01-25 00:31:10 +00:00
Love Hörnquist Åstrand
744ddd3a04 add krb5_gic_process_last_req
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24265 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-01-11 21:46:06 +00:00
Love Hörnquist Åstrand
49c15486ef remove krb_error from init_creds_opt
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24216 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-18 05:01:05 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
48fdb5cb1b fix ifdef
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23746 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-07 21:11:09 +00:00
Love Hörnquist Åstrand
08686d1b69 glue for bindtextdomain
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23743 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-07 21:10:09 +00:00
Love Hörnquist Åstrand
02a6a32f82 Make i18n support compile.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23739 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-07 21:08:43 +00:00
Love Hörnquist Åstrand
1c4c9c7f55 toggle on HAVE_LIBINTL
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23736 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-07 21:07:53 +00:00
Love Hörnquist Åstrand
4f023f744b provide i18n hooks and renew krb5_create_checksum_iov from comments from metze
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23733 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-07 21:06:34 +00:00
Love Hörnquist Åstrand
fd7caae377 define HC_DEPRECATED_CRYPTO
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23613 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-08-17 15:57:05 +00:00
Love Hörnquist Åstrand
4384fb0209 use SOCK_CLOEXEC
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23517 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-08-11 10:01:38 +00:00
Love Hörnquist Åstrand
7b5981996c sprinkle O_CLOEXEC, from Andrew Bartlett
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23474 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-07-28 08:49:43 +00:00
Love Hörnquist Åstrand
05df27d04d Drop support for reading kerberos 4 srvtab
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23324 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-06-26 03:54:45 +00:00
Love Hörnquist Åstrand
4a3e5bf152 Remove error_buf, add error_code.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23272 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-06-23 03:24:46 +00:00
Love Hörnquist Åstrand
79df2904b3 Add <wind.h>
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23238 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-06-01 22:26:43 +00:00
Love Hörnquist Åstrand
7b1fad970e add AlgorithmIdentifier for glue.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22944 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-04-10 06:26:55 +00:00
Love Hörnquist Åstrand
b07aeaac64 Name the pkinit type enum.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22914 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-04-08 08:16:56 +00:00
Love Hörnquist Åstrand
a5301b2daa Include pkinit and include add krb5_pk_identity.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22910 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-04-08 08:16:40 +00:00
Love Hörnquist Åstrand
20b3e07a73 Add flag EXTRACT_TICKET_AS_REQ.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22764 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:09:06 +00:00
Love Hörnquist Åstrand
b59d7eeece Replace the dns flag with a flag field and use that.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22226 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-08 21:31:53 +00:00
Love Hörnquist Åstrand
068fc5ff83 (krb5_context_data): Flag if default_cc_name was set by the user.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22126 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-04 00:53:59 +00:00
Love Hörnquist Åstrand
0d124a5725 Add KRB5_DEFAULT_CCNAME_KCM, redefine KRB5_DEFAULT_CCNAME to KRB5_DEFAULT_CCTYPE
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22105 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-03 17:20:06 +00:00