oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,052 Commits 2 Branches 2 Tags
d769eced7bb14e8f0b9bb55d937863e820ae134c
Commit Graph

27052 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Love Hörnquist Åstrand
c4721dd1d0 add basic support for pkinit 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
503266c4a3 use json to drive kdc-tester 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
354ef711f3 restructure 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
1d7c483db2 use get and set 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
3b38640e4b quoted string tests 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
5a744a9ca6 add heim_string_create_with_bytes 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
6ace66345b use get and set 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
40b0d518af use get and set, add json 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
58ea7f5b0c use get and set 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
9bb4b5aec8 basic handing of quoted strings 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
6a6bb430e7 test test_base 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
a56e097ae4 include json 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
3d1dbbfbc0 test json 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
43ac50913b handle quotes 2011-11-21 20:34:35 -08:00
Love Hornquist Astrand
8a0e0f9472 do m-r on more then one prime 2011-11-21 20:33:53 -08:00
Love Hörnquist Åstrand
376181632b handle &&, from Jaideep Padhye 2011-11-20 09:55:15 -08:00
Love Hörnquist Åstrand
660d996dbf set compile-et to no if its not found, try to not use it 2011-11-20 09:55:15 -08:00
Love Hornquist Astrand
3489110db0 fixup rule for krb5-hdb-mitdb.conf 2011-11-19 10:57:51 -08:00
Stefan Metzmacher
7ecbac23f6 lib/krb5: add utf8 support to build_logon_name() for the PAC 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:45 -08:00
Stefan Metzmacher
55d66f2aff lib/wind: export wind_ucs2write() 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:45 -08:00
Stefan Metzmacher
805304d3f8 lib/winbd: fix wind_ucs2write with WIND_RW_LE 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:44 -08:00
Stefan Metzmacher
dcd34e5967 lib/wind: fix wind_ucs4utf8() and wind_ucs2utf8() 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:44 -08:00
Nicolas Williams
124eccf014 Make this work with kvno 0 and no kvno 2011-11-15 21:53:34 -06:00
Nicolas Williams
38f726d8b4 Fix bug in key rollover code in TGS, make check-kdc test what we can 
We can't test the key rollover support in the TGS in the x-realm
    path using just Heimdal because the krb5_get_creds() path will try a
    referral, which will produce a cross-realm TGT that has the
    enc_part.kvno set.  But we can test this for the plain TGT case.
 2011-11-15 21:53:34 -06:00
Nicolas Williams
349609ed20 Initial test of x-realm TGT w/ kvno 0 and key rollover 
NOTE: The test runs and succeeds, but the client seems to be getting
	  a new x-realm TGT after we set the kvno to 0 or remove the
	  kvno from the tickets.  This means we're not really testing
	  the TGS paths!  So this test is not yet ready.
 2011-11-15 21:53:34 -06:00
Nicolas Williams
c9609cdb37 Initial patch for dealing with AD x-realm key rollover 
AD issues x-realm TGTs with kvno 0.  On key x-realm trust key change
    we need to be able to try current and previous keys for trust, else
    we will have some failures.
 2011-11-15 21:53:33 -06:00
Love Hörnquist Åstrand
b26fc106de fix typo, from Robert Simmons 2011-11-13 10:01:41 -08:00
Love Hörnquist Åstrand
0ae0dcba85 database is in srcdir 2011-11-13 10:01:41 -08:00
Love Hörnquist Åstrand
1a562410c9 dup of ok for the fast cookie 2011-11-13 10:01:41 -08:00
Love Hörnquist Åstrand
01ddeee37f use heim_verbose 2011-11-13 10:01:40 -08:00
Love Hörnquist Åstrand
d576ee3866 add glue for silent-rules 2011-11-13 10:01:40 -08:00
Love Hornquist Astrand
84caf5bbd8 jgssapi_server is a java file 2011-11-09 08:04:52 -08:00
Nicolas Williams
0e852b330f Make sure we always allow weak enctypes in MIT HDB test 
Also, we still try to create the version key in the MIT HDB, so we
    might as well update the test DB to have the version key already
    there.  (But really, we should just never write to the MIT HDB.)
 2011-11-09 00:59:51 -06:00
Nicolas Williams
19b6c47f72 Handle 1DES enctype similarity in MIT HDB 
We have some cross-realm principals in an MIT KDB with one kind of
    1DES enctype, but the other realm's KDCs issue x-realm TGTs where
    the ticket encpart key enctype is a different 1DES enctype.  We need
    this to work if we use Heimdal with the MIT HDB backend.

    An alternative would be to check for similar (or, rather,
    compatible) enctypes in the KDC (and elsewhere?).  This patch avoids
    the need to make such ugly changes elsewhere.
 2011-11-09 00:59:15 -06:00
Nicolas Williams
8586d9f88e Fix enctype selection issues for PAC and other authz-data signatures 
We were using the enctype from the PA-TGS-REQ's AP-REQ's Ticket to
    decide what key from the service's realm's krbtgt principal to use.
    This breaks when: a) we're doing cross-realm, b) the service's
    realm's krbtgt principal doesn't have keys for the enctype used in
    the cross-realm TGT.

    The fix is to pick the correct key (strongest or first, per-config)
    from the service's realm's krbtgt principal.
 2011-11-09 00:32:38 -06:00
Nicolas Williams
40a7d4b62f More fixes for -Werror (GCC 4.6 catches more stuff) 2011-11-02 23:20:55 -05:00
Nicolas Williams
3bebbe5323 Fixes to make Heimdal -Wall -Werror clean 
These fixes make developer mode build, at least on Ubuntu.
 2011-11-02 21:42:08 -05:00
Love Hörnquist Åstrand
9c830f5237 indent 2011-10-31 22:10:09 -07:00
Love Hörnquist Åstrand
877df213eb make sure we don't use stack content, don't count on that unsigned value can be negative 2011-10-31 22:05:42 -07:00
Love Hörnquist Åstrand
2e2b5daf7a send output to /dev/null 2011-10-31 21:27:51 -07:00
Love Hornquist Astrand
f3709535ea make make rules silent 2011-10-31 09:49:56 -07:00
Love Hornquist Astrand
5835c81e6c make the test tell what they do, disable LOCALDOMAIN tests 2011-10-31 09:06:10 -07:00
Nicolas Williams
c353962428 Oops, mismerge in principal.c 2011-10-31 00:29:36 -05:00
Nicolas Williams
104bb8ef53 Fix unitialized HDB_extension problem (specifically the mandatory field) 2011-10-31 00:20:05 -05:00
Nicolas Williams
7da9d7d75f Fix memory leak in name canon rule iterator 2011-10-31 00:15:07 -05:00
Love Hörnquist Åstrand
c8f1a6f0a0 don't install hcrypto unless we build them 2011-10-30 19:51:59 -07:00
Love Hornquist Astrand
483afb3390 avoid compile warning 2011-10-29 19:14:14 -07:00
Love Hornquist Astrand
6436cd99b7 remove lex_classic_input(void) prototype 2011-10-29 19:13:04 -07:00
Love Hornquist Astrand
42e6fb794d avoid const warning 2011-10-29 19:10:20 -07:00
Nicolas Williams
1192120b86 Fix 64-bit warnings in name canon rules code 2011-10-29 16:48:56 -05:00