oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
14,086 Commits 2 Branches 2 Tags
cce019aa2f21e3febdfd0540a35403be1ea9c05b
Commit Graph

53 Commits

Author SHA1 Message Date
Luke Howard
244ca04320 Remove GSS_C_EXPECTING_MECH_LIST_MIC_FLAG, it is no longer in rfc2478bis 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14584 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-02-21 08:48:15 +00:00
Luke Howard
1d02386069 don't call krb5_get_credentials() with 
KRB5_TC_MATCH_KEYTYPE, it can lead to the credentials cache
growing indefinitely as no key is found with KEYTYPE_NULL


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14583 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-02-21 08:44:25 +00:00
Love Hörnquist Åstrand
88562c0362 (spnego_reply): use _gss_spnego_require_mechlist_mic to figure out if 
we need to check MechListMIC; From: Luke Howard <lukeh@padl.com>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13694 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-04-07 14:24:58 +00:00
Love Hörnquist Åstrand
23e937a42a avoid the malloc loop and just allocate the propper amount of data 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13684 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-04-05 13:34:32 +00:00
Love Hörnquist Åstrand
b8af153f50 (spnego_initial): handle mech_token better 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13682 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-04-05 08:48:20 +00:00
Love Hörnquist Åstrand
fb53d3762e handle acceptor asserted subkey 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13519 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-03-14 16:31:02 +00:00
Love Hörnquist Åstrand
f96b2ccb60 (spnego_reply): make sure the length of the choice element doesn't 
overrun us


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13444 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-03-07 14:25:33 +00:00
Love Hörnquist Åstrand
2c1317d353 (init_auth): set sequence number when not requesting mutual auth 
From: Luke Howard <lukeh@PADL.COM>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12838 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-17 04:15:36 +00:00
Love Hörnquist Åstrand
b1576251e1 (spnego_initial): add #if 0 out version of the CHOICE branch encoding, 
also where here, free no longer used memory


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12818 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-10 20:49:11 +00:00
Love Hörnquist Åstrand
bb22f358b1 (spnego_initial): catch errors and return them 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12806 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-09 23:44:25 +00:00
Love Hörnquist Åstrand
c65c7ace38 (spnego_reply): SPNEGO doesn't include gss wrapping on 
SubsequentContextToken like the Kerberos 5 mech does. Lets check for
it anyway.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12801 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-09 10:40:12 +00:00
Love Hörnquist Åstrand
c94bb7e568 Add support for SPNEGO on the initator side. Tested with ldap server 
on a Windows 2000 DC. Implementation initially from Assar Westerlund,
passes though quite a lot of hands before I commited it.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12792 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-09 02:31:47 +00:00
Love Hörnquist Åstrand
c8cf8c9880 encap/decap now takes a oid 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12639 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-08-25 20:02:49 +00:00
Love Hörnquist Åstrand
32752ea144 (repl_mutual): don't set kerberos error where there was no kerberos error 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12496 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-07-22 19:53:43 +00:00
Love Hörnquist Åstrand
532c716e88 remember to free data 
use sequence number verifier


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12365 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-06-17 03:58:43 +00:00
Love Hörnquist Åstrand
f6870509a7 (init_auth): if the cred is expired before we tries to create a token, 
fail so the peer doesn't need reject us
(*): make sure time is returned in seconds from now, not in kerberos time
(repl_mutual): remember to unlock the context mutex


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12345 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-06-03 15:22:58 +00:00
Love Hörnquist Åstrand
42f3fc029a - do some basic locking (no reference counting so contexts can be 
removed while still used)
- don't export gss_ctx_id_t_desc_struct and gss_cred_id_t_desc_struct
- make sure all lifetime are returned in seconds left until expired,
  not in unix epoch


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12317 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-05-21 14:52:14 +00:00
Love Hörnquist Åstrand
67c9487313 take care to set export value to something sane before we start so 
caller will have harmless values in them if then function fails


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11766 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-03-16 18:00:00 +00:00
Love Hörnquist Åstrand
c448764976 (do_delegation): remove unused variable subkey 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11669 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-02-27 20:18:12 +00:00
Love Hörnquist Åstrand
797b1db76b (init_auth): only generate one subkey 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11657 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-02-21 03:05:37 +00:00
Love Hörnquist Åstrand
cd32525e84 (init_auth): check if we need compat for older get_mic/verify_mic 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11622 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-01-27 14:07:56 +00:00
Johan Danielsson
14d8cdb894 check return value from gssapi_krb5_init 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11534 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-10-31 16:06:35 +00:00
Johan Danielsson
9ff457f2fd we need to generate a local subkey here 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11333 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-09-02 17:16:12 +00:00
Johan Danielsson
1473f2521c (init_auth): set AP_OPTS_USE_SUBKEY 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11326 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-09-02 15:37:16 +00:00
Assar Westerlund
28d9223040 (gssapi_krb5_verify_8003_checksum, gssapi_krb5_create_8003_checksum): make more consistent by always returning an gssapi error and setting minor status. update callers 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10588 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-08-29 02:21:09 +00:00
Assar Westerlund
e129105771 handle minor_status more consistently 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10533 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-08-23 04:35:55 +00:00
Assar Westerlund
e55eee640b try to return the error string from krb5 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9902 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-05-11 09:16:47 +00:00
Assar Westerlund
11eeed3017 add missing setting of minor_status and failure checks 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9697 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-02-18 03:39:09 +00:00
Assar Westerlund
71a4b877eb indent 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9624 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-01-30 22:49:56 +00:00
Assar Westerlund
19543430ad add support for getting creds from a keytab, from fvdl@netbsd.org 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9591 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-01-30 00:49:05 +00:00
Assar Westerlund
c91daf6ab7 (init_auth): always zero fwd_data 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9312 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-12-08 05:04:37 +00:00
Assar Westerlund
8a61a90f12 (init_auth): update to new krb5_build_authenticator 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9171 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-11-15 21:14:30 +00:00
Assar Westerlund
dec76735f4 actually pay attention to `time_req' 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9009 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-08-27 04:53:33 +00:00
Assar Westerlund
2662f930e7 re-organize. leak less memory. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9003 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-08-27 04:22:49 +00:00
Assar Westerlund
7d7194da08 code for token delegation. From Daniel Kouril <kouril@ics.muni.cz> and Miroslav Ruda <ruda@ics.muni.cz> 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8429 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-06-21 02:32:38 +00:00
Assar Westerlund
202c4d09e8 (init_auth): always initialize `output_token' 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7677 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-12-26 18:31:36 +00:00
Johan Danielsson
c5b916ca6f remove advertising clause 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7464 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-12-02 17:05:13 +00:00
Assar Westerlund
6d59562dac (gss_init_sec_context): initialize `ticket' 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7004 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-09-21 05:10:13 +00:00
Assar Westerlund
e48065ffaa (init_sec_context): cosmetics 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6726 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-08-04 17:18:40 +00:00
Johan Danielsson
9bef97b773 set minor_status 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5857 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-04-07 12:09:50 +00:00
Assar Westerlund
30250940c5 (init_auth): remove unnecessary gssapi_krb5_init. ask for KEYTYPE_DES 
credentials


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5364 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-02-15 21:02:39 +00:00
Johan Danielsson
aaae186ab9 merge new-crypto branch 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5332 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-02-11 21:03:59 +00:00
Assar Westerlund
1650ccddc7 (repl_mutual): no output token 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4935 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-05-24 03:23:12 +00:00
Johan Danielsson
cf602d1267 Zero cred, and store session key properly in auth-context. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4652 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-03-23 22:43:50 +00:00
Assar Westerlund
e8bb38e6ba updated to new krb5 function prototypes 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4019 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-11-16 09:25:07 +00:00
Johan Danielsson
74dc9c65d3 Use krb5_auth_con_getkey. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3919 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-11-11 02:02:34 +00:00
Johan Danielsson
5a32a5c8e7 Add copyright notice. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2389 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-16 21:40:05 +00:00
Assar Westerlund
6307cf23ae set GSS_C_SEQUENCE_FLAG 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2281 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-14 11:43:52 +00:00
Assar Westerlund
74bc65b95b fix pointer bug 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2207 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-12 20:49:44 +00:00
Assar Westerlund
420b334bba adapt to krb5 changes 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@1935 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-06-29 08:40:23 +00:00