oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
26,261 Commits 2 Branches 2 Tags
d116a78297a06fb865ae95d5496ae2c4de60f971
Commit Graph

26261 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jelmer Vernooij
36ade8b509 hx509: Make various functions used by Samba public. 
* hx509_cert_public_encrypt
* hx509_parse_private_key
* hx509_private_key_assign_rsa
* hx509_private_key_free
* hx509_private_key_private_decrypt
* hx509_private_key_init
* hx509_private_key2SPKI
* hx509_request_get_name
* hx509_request_get_SubjectPublicKeyInfo
* hx509_request_free
* hx509_request_init
* hx509_request_set_name
* hx509_request_set_SubjectPublicKeyInfo

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-02-23 19:47:28 -08:00
Andrew Bartlett
6ee82593ec heimdal Pass F_CANON down to the hdb layer for servers in AS-REP as well 
This fixes Win2003 domain logons against Samba4, which need a
canonicalised reply, and helpfully do set that flag.

Specifically, they need that realm in krbtgt/realm@realm that these
both match exactly in the reply.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Feb 17 06:40:53 CET 2011 on sn-devel-104

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-02-23 19:46:21 -08:00
Love Hornquist Astrand
1f59fe0edf move up internal framework to avoid using already installed frameworks 2011-02-12 09:49:35 -08:00
Love Hornquist Astrand
8704b871ff add enc-pa-rep(15) to ticket flags 2011-02-06 16:35:36 -08:00
Love Hornquist Astrand
2fb63b37e7 add KRB5_KU_AS_REQ 2011-02-06 16:35:10 -08:00
Love Hornquist Astrand
fb29123dfd add KRB5-PADATA-REQ-ENC-PA-REP 2011-02-06 16:28:48 -08:00
Love Hornquist Astrand
9c7c6eadd3 add Jaideep Padhye and sort 2011-02-02 21:38:02 -08:00
Love Hornquist Astrand
7e1ba19fda setup cfx context, found by Jaideep Padhye 2011-02-02 21:37:26 -08:00
Love Hornquist Astrand
b746f1ce34 add _kdc_db_fetch and _kdc_free_ent for digest-service 2011-01-30 12:12:30 -08:00
Andrew Tridgell
9e1d467534 s4-heimdal: implement KERB_AP_ERR_TYPE_SKEW_RECOVERY 
this e_data field in a kerberos error packet tells windows to do clock
skew recovery.

See [MS-KILE] 2.2.1 KERB-ERROR-DATA

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-01-30 11:26:31 -08:00
Matthieu Patou
8ce821c387 heimdal: make some private key manipulation function public 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-01-26 12:03:50 -08:00
Matthieu Patou
4c507594d3 heimdal: make hx509_cert_public_encrypt public 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-01-26 12:03:35 -08:00
Andrew Bartlett
995d305f8c lib/com_err only use error_message for the exported libcom_err 
This avoids using the same function name in compile_et internally

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-01-26 12:00:32 -08:00
Jelmer Vernooij
5ff461d0af kcc: Add explicitly link against LIB_readline. 
Fixes linking when using binutils-gold (used by e.g. Ubuntu natty).

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-01-25 17:52:53 -08:00
Love Hornquist Astrand
4be5db6a32 define GSS_IOV_BUFFER_FLAG_ALLOCATE and friends 2011-01-18 16:49:03 +01:00
Love Hornquist Astrand
49ca1a40fa export hx509_find_private_alg 2011-01-12 17:49:12 +01:00
Matthieu Patou
d083ae19af export hx509_private_key_ops 
export hx509_private_key_ops

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-01-12 17:45:17 +01:00
Luke Howard
4304e719a6 Add SPI for dynamically loading mechanism object information 2011-01-09 22:16:18 +11:00
Luke Howard
45cd381f53 Cleanup API-as-SPI compatibility layer 2011-01-09 22:05:27 +11:00
Luke Howard
f52d919a50 Fix incorrect argument order 2011-01-09 21:24:07 +11:00
Luke Howard
728fd7cad2 Merge branch 'master' of github.com:heimdal/heimdal 2011-01-05 15:49:15 +11:00
Luke Howard
21c5987018 Rename GSS_IOV_BUFFER_TYPE_FLAG to GSS_IOV_BUFFER_FLAG 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-01-03 13:22:57 +01:00
Luke Howard
0b4f6bbfc2 Use RTLD_GROUP 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-01-03 13:21:47 +01:00
Luke Howard
5b47a8816d MIT SASL/attribute introspection SPI compat 2011-01-03 22:51:51 +11:00
Luke Howard
95cabf578c Rename GSS_IOV_BUFFER_TYPE_FLAG to GSS_IOV_BUFFER_FLAG 2011-01-03 22:13:20 +11:00
Love Hornquist Astrand
9427bcc22e log more version numbers 2011-01-03 12:12:18 +01:00
Jelmer Vernooij
1ad64fe599 hdb.h: Include krb5.h first, so hdb.h can be included standalone. 
This makes it a bit easier to find libhdb in e.g. configure tests and
is consistent with the main header files for the other Heimdal
libraries, none of which has any prerequisite other headers.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-01-03 11:51:09 +01:00
Luke Howard
cace66a435 Add naming extension SPIs 2011-01-03 14:45:07 +11:00
Luke Howard
77121ec58c Use RTLD_GROUP 2011-01-03 14:05:47 +11:00
Luke Howard
098148ac20 MIT SPI compat 2011-01-02 20:30:57 +11:00
Jelmer Vernooij
1bc55fab42 Explicitly link against required libraries. 
This breaks on some newer systems which enable --as-needed by default.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-12-19 22:50:00 -08:00
Jelmer Vernooij
0c7e233195 base: Make heim_cmp global, as it is used by test_base. 
"make checK" breaks without this symbol.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-12-19 22:49:41 -08:00
Love Hornquist Astrand
fbf5673e77 add Donald Norwood, our wiki master 2010-12-19 22:46:43 -08:00
Love Hornquist Astrand
b2bca91672 no more tagged strings 2010-12-12 12:47:43 -08:00
Love Hornquist Astrand
25a79a1ba8 remove tag string 2010-12-12 12:29:09 -08:00
Love Hornquist Astrand
73769bf777 always define HEIM_SLIST 2010-12-12 11:47:45 -08:00
Love Hornquist Astrand
3c241aef9e don't undefined SLIST 2010-12-12 11:45:53 -08:00
Love Hornquist Astrand
7c7dd8e1af prefix SLIST with HEIM 2010-12-12 11:45:35 -08:00
Jeffrey Altman
7b1e954ad4 Reorder DES algs to work around MIT pre-1.8 GSS 
Pre-1.8 MIT GSS accept_sec_context() has a bug which treats
des-cbc-md4 as if the received token format should be CFX.
The previous DES alg ordering resulted in MIT KDCs issuing
des-cbc-md4 session keys for service tickets which triggered
this bug.  Reorder the list so md4 is not preferred.

Change-Id: I11269498a6eb8494044c618db29c43f62b0ced49
 2010-12-07 00:28:13 -05:00
Asanka C. Herath
b45dd13c44 Expand path tokens for krb5.moduli 2010-12-03 17:42:42 -05:00
Asanka C. Herath
e4d2d78a21 Condition roken's ssize_t definition for compatibility 
If SSIZE_T_DEFINED macro is defined, assume we already have ssize_t.
 2010-12-03 01:12:32 -05:00
Asanka C. Herath
e0e746b1ca Revert use of backslash as an escape for double quote in config strings 2010-12-03 01:12:31 -05:00
Asanka C. Herath
dd6d5a0e2c Windows: Build multiplatform installer 
When building the x64 installer, we can optionally include 32-bit
components as well.  This requires that the 32-bit build to be already
completed.  The resulting multiplatform installer will install
both sets of components.

This is enabled by the environment variable MULTIPLATFORM_INSTALLER.
 2010-12-03 01:12:30 -05:00
Asanka C. Herath
3f6b4c9fdd Windows: Include shim from thirdparty/MKShim directory 2010-12-02 13:19:21 -05:00
Asanka C. Herath
7ba01bda98 Deal with possibly non-const initializers 2010-12-02 01:18:03 -05:00
Asanka C. Herath
94aa4de1b9 Windows: Don't treat drive letters as keytab types 2010-12-02 01:18:03 -05:00
Asanka C. Herath
3e8172f9e3 Initialize allocated memory in any_resolve() 
Otherwise we might attempt to free an uninitialized pointer.
 2010-12-02 01:18:02 -05:00
Asanka C. Herath
361ae3b03d Windows: Annotate data GSSAPI exports 2010-12-02 01:18:01 -05:00
Asanka C. Herath
7b8f4a58d6 Windows: Build GSSAPI tests 2010-12-02 01:17:37 -05:00
Asanka C. Herath
acc27fd2bd Include <roken.h> before <gssapi.h> 2010-12-01 17:54:29 -05:00