oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
28,471 Commits 2 Branches 2 Tags
d6979fcc40e00fd6ddd393c724cd728349b86de8
Commit Graph

172 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
896bc81f54 Default to always print subject dn for pk-init authorization. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18874 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-24 17:51:33 +00:00
Love Hörnquist Åstrand
69883abf62 Prefix der primitives with der_. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18460 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-14 10:16:45 +00:00
Love Hörnquist Åstrand
ca35d60f1e (pk_mk_pa_reply_enckey): add missing break. From Olga Kornievskaia. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18427 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-12 20:00:25 +00:00
Love Hörnquist Åstrand
760f9f5bee Sign the request in the encKey case. 
Bug reported by Olga Kornievskaia of Umich.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18220 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-04 20:54:25 +00:00
Love Hörnquist Åstrand
615106f750 (_kdc_pk_check_client): make it not crash when there are no acl 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17831 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-07-13 18:37:58 +00:00
Love Hörnquist Åstrand
fea203a708 (_kdc_pk_check_client): use the acl in the kerberos database 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17830 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-07-13 18:32:45 +00:00
Love Hörnquist Åstrand
4c970b550e Avoid shadowing. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17579 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-13 21:22:55 +00:00
Love Hörnquist Åstrand
eeb100abe7 Don't call DH_check_pubkey, it doesn't exists in older OpenSSL. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17489 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-06 13:22:33 +00:00
Love Hörnquist Åstrand
044719a5bd (_kdc_pk_mk_pa_reply): send back ocsp response if it seems to be 
valid, simplfy the pkinit-windows DH case (it doesn't exists).


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17410 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-02 14:04:34 +00:00
Love Hörnquist Åstrand
36b923f56a (_kdc_pk_check_client): reorganize and make log when a SAN matches. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17348 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-29 14:30:01 +00:00
Love Hörnquist Åstrand
61be59e8c7 make compile 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17290 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 18:53:52 +00:00
Love Hörnquist Åstrand
459f0648f1 Add option [kdc]pki-allow-proxy-certificate=bool to allow using proxy certificate. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17287 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 18:42:48 +00:00
Love Hörnquist Åstrand
d7bc1efbc8 (_kdc_pk_check_client): Use hx509_cert_get_base_subject to get subject 
name of the certificate, needed for proxy certificates.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17285 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 18:36:22 +00:00
Love Hörnquist Åstrand
313fa917d5 Adapt to change in hx509_cms_create_signed_1. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17171 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-22 12:10:16 +00:00
Love Hörnquist Åstrand
1b73708904 (_kdc_pk_rd_padata): use hx509_cms_unwrap_ContentInfo. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17117 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-20 19:55:09 +00:00
Love Hörnquist Åstrand
2ad7b45365 Handle diffrences between libhcrypto and libcrypto. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17111 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-20 18:15:48 +00:00
Love Hörnquist Åstrand
6815452550 Added certificate revoke information from configuration file. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17054 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-12 13:21:46 +00:00
Love Hörnquist Åstrand
945efb8a96 Add pool of certificates to help certificate path building for clients 
sending incomplete path in the signedData.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16854 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-28 19:57:25 +00:00
Love Hörnquist Åstrand
cd6acf1200 Allow passing in related certificates used to build the chain. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16850 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-28 04:38:14 +00:00
Love Hörnquist Åstrand
56057ad91b (pk_mk_pa_reply_dh): encode the DH public key with asn1 wrapping 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16822 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-27 02:27:59 +00:00
Love Hörnquist Åstrand
b6350decc0 (_kdc_pk_check_client): More logging. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16821 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-27 02:15:12 +00:00
Love Hörnquist Åstrand
f024392e81 Switch to hx509. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-26 23:55:17 +00:00
Love Hörnquist Åstrand
5290184954 update to new paChecksum definition, use hdb_entry_ex 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16733 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-02-13 11:48:21 +00:00
Love Hörnquist Åstrand
3bfded2697 (get_dh_param): Pass down config so this function can check pkinit_dh_min_bits 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16210 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-10-21 17:14:19 +00:00
Love Hörnquist Åstrand
1ef128fbff Removing PK-INIT-19 support. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16141 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-10-07 11:00:05 +00:00
Love Hörnquist Åstrand
b1fffa7079 Save DH group name and print it on success. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16139 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-10-07 10:40:00 +00:00
Love Hörnquist Åstrand
776512783d Check dh group parameters from client. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16137 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-10-07 08:57:51 +00:00
Love Hörnquist Åstrand
61b1ea80de The public DH key is encoded as an INTEGER in subjectPublicKey. 
Don't verify OID's for now.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16098 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-09-25 15:18:14 +00:00
Love Hörnquist Åstrand
f498bc66ae Implement correct DH for -27, now working with client. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16088 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-09-22 13:41:01 +00:00
Love Hörnquist Åstrand
28d0ef8d96 Move DH support from -19 to -27. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16086 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-09-21 00:40:32 +00:00
Love Hörnquist Åstrand
39b04f72d8 Support PK-INIT-27 DH (and remove -19) 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16080 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-09-20 19:10:29 +00:00
Love Hörnquist Åstrand
aa0dc9b533 Switch over logging and comments to -27. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15923 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-08-12 09:21:40 +00:00
Love Hörnquist Åstrand
761074d9a4 (pk_mk_pa_reply_enckey): add missing break; 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15922 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-08-12 09:14:52 +00:00
Love Hörnquist Åstrand
9c7e1cc84a Make compile. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15920 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-08-12 08:58:10 +00:00
Love Hörnquist Åstrand
d8b8b146cc Fill in asChecksum, we now implements -27 in the KDC. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15915 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-08-12 08:17:13 +00:00
Love Hörnquist Åstrand
7e8fdbc14d update to pkinit-27 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15760 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-07-26 18:37:02 +00:00
Love Hörnquist Åstrand
9af7efed48 prefix pkinit symbols with _kdc 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15544 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-07-01 15:37:24 +00:00
Love Hörnquist Åstrand
de92125f9d adapt pkinit code to libkdc split 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15540 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-07-01 04:42:59 +00:00
Love Hörnquist Åstrand
7a3fc5e663 Don't pollute namespace, generate public headerfile 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15532 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-06-30 01:54:49 +00:00
Love Hörnquist Åstrand
7132a9b084 Merge in the libkdc/kdc configuration split from Andrew Bartlet <abartlet@samba.org> 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15529 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-06-30 01:03:35 +00:00
Love Hörnquist Åstrand
10cedfe58e (pk_principal_from_X509): remember to free KRB5PrincipalName 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15365 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-06-11 00:42:20 +00:00
Love Hörnquist Åstrand
a3c6124483 handle pkinit-9, pkinit-19, and pkinit-25 enckey, still no DH 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15116 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-05-10 19:40:39 +00:00
Love Hörnquist Åstrand
2446dccfda pass a NULL prompter data to _krb5_pk_load_openssl_id 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15041 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-04-30 16:15:45 +00:00
Love Hörnquist Åstrand
01f52d48e6 use generated oid's 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14628 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-03-09 15:49:23 +00:00
Love Hörnquist Åstrand
2b0b4dc044 update to the asn1 structures used in -25's 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14625 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-03-08 22:17:46 +00:00
Love Hörnquist Åstrand
9f52383628 match new error names 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14317 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-10-14 15:49:51 +00:00
Love Hörnquist Åstrand
4feb3c1abd use ETYPE_DES3_CBC_NONE_CMS 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14302 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-10-12 21:25:43 +00:00
Love Hörnquist Åstrand
1212f664ea free openssl engine 
deal with RecipientIdentifier -> CMSIdentifier and heim_any -> name change


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14293 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-10-06 22:37:46 +00:00
Love Hörnquist Åstrand
31b9ad59ba improve error logging 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14282 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-10-03 16:54:11 +00:00
Love Hörnquist Åstrand
15994aadba stop using AlgorithmIdentifierNonOpt 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14280 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-10-03 16:43:24 +00:00