Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						16b4ddcf14 
					 
					
						
						
							
							document gss_release_cred  
						
						
						
						
					 
					
						2009-09-06 12:18:14 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						0d60a7d0ae 
					 
					
						
						
							
							implement gss-wrap-iov and friends  
						
						
						
						
					 
					
						2009-08-29 09:04:53 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						c81b66aa0c 
					 
					
						
						
							
							init gm_flags for dynamic modules  
						
						
						
						
					 
					
						2009-08-29 08:53:16 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						8f376895ae 
					 
					
						
						
							
							drop export symbol  
						
						
						
						
					 
					
						2009-08-29 08:51:00 -07:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						2f1a370cd3 
					 
					
						
						
							
							hack for gss-wrap-iov to it work  
						
						... 
						
						
						
						Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2009-08-28 13:31:12 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						f030b4e59a 
					 
					
						
						
							
							free context  
						
						
						
						
					 
					
						2009-08-27 18:30:29 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						9a4e91b1de 
					 
					
						
						
							
							don't reset handle twice  
						
						
						
						
					 
					
						2009-08-27 18:30:28 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						74538fc2af 
					 
					
						
						
							
							Plug memory leak in prf function  
						
						
						
						
					 
					
						2009-08-27 18:30:28 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						6c3f3fafa3 
					 
					
						
						
							
							Don't leak kerberos credentials when trying dns canon  
						
						
						
						
					 
					
						2009-08-27 18:30:28 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						45cfe3f971 
					 
					
						
						
							
							Fix server context client context order to match callee  
						
						
						
						
					 
					
						2009-08-27 18:30:28 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						1999c85670 
					 
					
						
						
							
							Make mech glue layer aware of composite mechs that uses mech glue layer credentials  
						
						... 
						
						
						
						This make it possible to use krb5/ntlm credentials with SPNEGO.
Needs some more work to avoid double fetching credentials. 
						
						
					 
					
						2009-08-27 12:12:44 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						32ee735d73 
					 
					
						
						
							
							drop RCSID  
						
						
						
						
					 
					
						2009-08-26 23:15:35 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						a2820df666 
					 
					
						
						
							
							spelling  
						
						
						
						
					 
					
						2009-08-26 22:53:38 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						d18cdee577 
					 
					
						
						
							
							don't reset EC  
						
						
						
						
					 
					
						2009-08-26 22:52:26 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						ebb2e72c61 
					 
					
						
						
							
							make error message more unique  
						
						
						
						
					 
					
						2009-08-26 22:43:25 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						022e7d4319 
					 
					
						
						
							
							Return unwrapped delegated credentials if the actual mech is not the called mech  
						
						... 
						
						
						
						Assumes that pseudo mechs are are of how mechglue credentails look like and
return credentials like that.
Pointed out on krbdev by Nicolas Williams 
						
						
					 
					
						2009-08-26 22:32:50 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						559103b218 
					 
					
						
						
							
							if not trailer set, init EC to 0  
						
						
						
						
					 
					
						2009-08-26 21:40:07 -07:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						03998aeccb 
					 
					
						
						
							
							gsskrb5: fix test_context. after gss_wrap_iov changes  
						
						... 
						
						
						
						metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2009-08-25 23:34:38 -07:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						40a6abd116 
					 
					
						
						
							
							gsskrb5: make the check for dcestyle and conf_req_flag == 0 more explicit  
						
						... 
						
						
						
						metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2009-08-25 23:34:38 -07:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						560cb0c132 
					 
					
						
						
							
							gsskrb5: fix ec and padding handling in _gssapi_unwrap_cfx_iov()  
						
						... 
						
						
						
						metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2009-08-25 23:34:38 -07:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						76f0fb9170 
					 
					
						
						
							
							gsskrb5: fix ec and padding handling in _gssapi_wrap_cfx_iov()  
						
						... 
						
						
						
						metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2009-08-25 23:34:38 -07:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						f286dd5d64 
					 
					
						
						
							
							gsskrb5: fix _gssapi_wrap_iov_length_cfx() - there's more than just krb5 overhead...  
						
						... 
						
						
						
						metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2009-08-25 23:34:38 -07:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						1a0423fd3d 
					 
					
						
						
							
							gsskrb5: make _gk_allocate_buffer() non static  
						
						... 
						
						
						
						metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2009-08-25 23:34:38 -07:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						60725fd2f5 
					 
					
						
						
							
							gsskrb5: add _gk_verify_buffers()  
						
						... 
						
						
						
						metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2009-08-25 23:34:37 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						9ccc79c5b6 
					 
					
						
						
							
							Don't leak context if nsi_probe failes  
						
						... 
						
						
						
						Deduced from valgrind log produced by Markus Moeller 
						
						
					 
					
						2009-08-22 10:52:22 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						6618ca5ffc 
					 
					
						
						
							
							switch to EVP_MD_CTX_create() and thus make smaller  
						
						
						
						
					 
					
						2009-08-21 07:22:49 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						56f90c5b19 
					 
					
						
						
							
							switch to EVP_MD_CTX_create() and thus make smaller  
						
						
						
						
					 
					
						2009-08-21 07:16:28 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						f465930be7 
					 
					
						
						
							
							switch to EVP_MD_CTX_create() and thus make smaller  
						
						
						
						
					 
					
						2009-08-21 07:16:19 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						dfd40e4403 
					 
					
						
						
							
							switch to EVP_MD_CTX_create() and thus make smaller  
						
						
						
						
					 
					
						2009-08-21 07:16:09 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						03cb3aa56b 
					 
					
						
						
							
							use EVP_MD_CTX_create  
						
						
						
						
					 
					
						2009-08-20 17:13:09 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						88d55a1d06 
					 
					
						
						
							
							Make compile for weak crypto global (HEIM_WEAK_CRYPTO) and use it for GSSAPI too  
						
						
						
						
					 
					
						2009-08-17 18:06:42 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						fc702a97f5 
					 
					
						
						
							
							switch to use EVP interface instead of old crypto interface  
						
						
						
						
					 
					
						2009-08-17 17:30:59 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						62433c844c 
					 
					
						
						
							
							switch to use EVP interface instead of old crypto interface  
						
						
						
						
					 
					
						2009-08-17 16:02:45 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						fcfa32b0b9 
					 
					
						
						
							
							Use constant time memcmp  
						
						
						
						
					 
					
						2009-08-17 12:04:51 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						42cec58cb4 
					 
					
						
						
							
							switch to use EVP interface instead of old crypto interface  
						
						
						
						
					 
					
						2009-08-17 11:43:24 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						dfd1edb54d 
					 
					
						
						
							
							switch to use EVP interface instead of old MDX_ style interface  
						
						
						
						
					 
					
						2009-08-17 10:20:01 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						ddb54ca483 
					 
					
						
						
							
							switch to use EVP interface instead of old MDX_ style interface  
						
						
						
						
					 
					
						2009-08-17 10:16:13 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						13c3b9b1c6 
					 
					
						
						
							
							switch to use EVP interface instead of old MDX_ style interface  
						
						
						
						
					 
					
						2009-08-17 10:15:31 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						639e93d436 
					 
					
						
						
							
							switch to use EVP interface instead of old MDX_ style interface  
						
						
						
						
					 
					
						2009-08-17 10:14:24 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						3ef05891ee 
					 
					
						
						
							
							switch to use EVP interface instead of old MDX_ style interface  
						
						
						
						
					 
					
						2009-08-17 10:13:04 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						ddb8230917 
					 
					
						
						
							
							switch to use EVP interface instead of old MDX_ style interface  
						
						
						
						
					 
					
						2009-08-17 10:10:42 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						6ac304d156 
					 
					
						
						
							
							Use min() instead of MIN()  
						
						
						
						
					 
					
						2009-08-14 20:05:36 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						07f0c8be5d 
					 
					
						
						
							
							Clean better  
						
						
						
						
					 
					
						2009-08-06 10:18:52 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						95993f222c 
					 
					
						
						
							
							Fix order of flags, passes regression test now  
						
						
						
						
					 
					
						2009-08-05 13:42:34 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						0ede7ac561 
					 
					
						
						
							
							Pass down the use-dce-style flag instead of the while gssapi krb5 context  
						
						
						
						
					 
					
						2009-08-05 12:00:07 +02:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						ab9e5d13ec 
					 
					
						
						
							
							gsskrb5: try to be compatible with windows for gss_wrap* and cfx  
						
						... 
						
						
						
						The good thing is that windows and heimdal both use EC=0
in the non DCE_STYLE case, so we need the windows compat hack
only in DCE_STYLE mode.
metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2009-08-04 20:22:05 +02:00 
						 
				 
			
				
					
						
							
							
								Stefan Metzmacher 
							
						 
					 
					
						
						
							
						
						0297d047a4 
					 
					
						
						
							
							gsskrb5: add support for DCE_STYLE and des and des3 keys  
						
						... 
						
						
						
						Only the des keys are tested as windows doesn't support des3
metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org > 
						
						
					 
					
						2009-08-04 20:21:20 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						3cebc3767f 
					 
					
						
						
							
							add more test to test_acquire_cred that removes the need of test_init_creds.c  
						
						
						
						
					 
					
						2009-08-03 13:05:36 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						3608b815b4 
					 
					
						
						
							
							Don't bother checking usage of minor_status [CID-23]  
						
						
						
						
					 
					
						2009-07-30 14:01:57 +02:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						901bac07e8 
					 
					
						
						
							
							Don't need to look check *input_name twice [CID-27].  
						
						
						
						
					 
					
						2009-07-30 14:00:48 +02:00