oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
25,388 Commits 2 Branches 2 Tags
d837f736f8521af6bdc6ff33a19e4c78bee1df79
Commit Graph

14574 Commits

Author SHA1 Message Date
Love Hornquist Astrand
d837f736f8 Make locking work when doing rename, rename assume db in not ->hdb_open'ed. 2010-03-21 14:55:36 -07:00
Love Hornquist Astrand
c491b59007 pull out unix /dev/random if we cant get users home directory 2010-03-21 11:01:24 -07:00
Love Hornquist Astrand
76122d97c2 Test emptier environment 2010-03-21 10:59:26 -07:00
Love Hornquist Astrand
fc9aff2260 log the source too 2010-03-21 09:41:20 -07:00
Love Hornquist Astrand
3ac7d626c2 log failures 2010-03-21 09:37:42 -07:00
Love Hornquist Astrand
32d148b2f8 Check for dd_fd in DIR not struct dirent 
Pointed out by Ragnnar Sundblad in private mail
 2010-03-21 09:08:46 -07:00
Love Hornquist Astrand
ad2de1222f spelling 2010-03-20 15:25:55 -07:00
Love Hornquist Astrand
cfb43997ae define YY_NULL 2010-03-20 14:44:16 -07:00
Love Hornquist Astrand
b0a79dcd40 Improve the dns retry logic 
Bug reported by Richard Silverman on heimdal-bugs
 2010-03-19 14:19:43 -07:00
Love Hornquist Astrand
3af54e67d9 Renumber signedticket to 512 since 142 was stolen. 2010-03-19 13:44:51 -07:00
Andrew Tridge
6bff49a89d memset the right length of the {i,o}pad data, memset opad not ipad in the opad case (typo) 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-03-18 10:59:51 -07:00
Love Hornquist Astrand
f26d6c2398 (krb5_set_default_in_tkt_etypes): filter out unwanted enctypes 
Needed for Samba that tries really hard to use DES encryption types.

Reported by Natanael Copa on heimdal-discuss
 2010-03-17 09:30:11 -07:00
Matthias Dieter Wallnöfer
69ea9b38e9 heimdal - fix overlapped identifiers in the "krb5" library 
heimdal - fix overlapped identifiers in the "krb5" library

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-03-16 10:05:35 -07:00
Love Hornquist Astrand
50990d61cf free always "ctx->password" when it isn't needed anymore 
Patch originally from Matthias Dieter Wallnöfer, changed by me to keep
clearing the password from memory.
 2010-03-16 10:04:20 -07:00
Love Hornquist Astrand
313a2243bb Allow users to specify their own configuration file ~/.krb5/config 
Idea from Rune L on heimdal-discuss
 2010-03-16 09:09:27 -07:00
Love Hornquist Astrand
33d80cbcfc include roken.h 2010-03-12 09:04:39 -08:00
Love Hornquist Astrand
cf1b11f8a0 export more 2010-03-11 23:35:26 -08:00
Love Hornquist Astrand
6da28e73eb move same ifdef magic from roken-common.h.in to here, use strerror() 2010-03-11 23:35:00 -08:00
Love Hornquist Astrand
7d9335ce69 in the STRERROR_R_PROTO_COMPATIBLE case, only provide a rk_strerror_r function if there is a broken prototype 
From harald barth.
 2010-03-11 18:40:47 -08:00
Love Hornquist Astrand
e57bd85101 spelling 2010-03-10 20:05:31 -08:00
Love Hornquist Astrand
ae74dc7316 allow a cross realm ticket returned in the non referrals case 2010-03-07 01:02:02 -08:00
Love Hornquist Astrand
03262460dd use krb5_principal_is_krbtgt 2010-03-07 01:01:32 -08:00
Love Hornquist Astrand
71150bb1bc add krb5_principal_is_krbtgt 2010-03-07 01:00:48 -08:00
Love Hornquist Astrand
a46bc97443 Windows code never calls dirfd, avoid warning 2010-02-27 19:23:08 -08:00
Love Hornquist Astrand
94a8d9c5e5 autoconf test for dirfd and dd_fd 2010-02-25 22:18:32 -08:00
Love Hornquist Astrand
53024a5a22 start to document gss_import_name 2010-02-21 23:21:58 +01:00
Love Hornquist Astrand
521098738c document gss_release_name 2010-02-21 23:21:43 +01:00
Love Hornquist Astrand
24eeb74c4a make getnameinfo quiet by default 2010-02-20 14:01:53 -08:00
Love Hornquist Astrand
7c86764dea make getifaddrs quiet by default 2010-02-20 13:59:39 -08:00
Love Hornquist Astrand
e297702f78 split dist and nodisk source for heim_ipc[cs] 
So that the generated files doesn't have to be built on host w/o mig,
reported by Jelmer Vernooij on heimdal-discuss
 2010-02-20 11:22:07 -08:00
Love Hornquist Astrand
3ddb2af8d5 more flags and stuff 2010-02-13 17:41:33 -08:00
Love Hornquist Astrand
33e9da40b4 *** empty log message *** 2010-02-13 17:39:08 -08:00
Love Hornquist Astrand
61d6c3b9c5 add flags in gssapi_context_flags 2010-02-13 17:38:56 -08:00
Love Hornquist Astrand
53f7c6be92 more refs 2010-02-13 17:28:29 -08:00
Love Hornquist Astrand
57332c9b7d gssapi_mechs_intro 2010-02-13 17:28:13 -08:00
Love Hornquist Astrand
b7581f5dcb document more about mechs 2010-02-13 17:27:14 -08:00
Love Hornquist Astrand
96852bdc79 list contants for mechs 2010-02-13 17:23:09 -08:00
Love Hornquist Astrand
84b58b78b6 start of documention of gss_init_sec_context 2010-02-13 17:14:46 -08:00
Love Hornquist Astrand
711ef346a0 move krb5_set_home_dir_access() group krb5 2010-02-10 18:26:46 -08:00
Love Hornquist Astrand
c9a0c39786 add check for [libdefaults_entries]allow_weak_crypto 2010-02-04 16:13:06 -08:00
Russ Allbery
bc3d8992cd Don't attempt to load a password quality verifier from NULL 
When kadm5_add_passwd_quality_verifier is called with a NULL
check_library parameter and [password_quality].policy_libraries
is set, the function calls add_verifier() for each string in the
policy_libraries section and then falls through to the non-NULL
case and calls add_verifier() a final time with a NULL argument.
This leads to dlopening the running executable and then failing
since it contains no password quality verifier.

If the check_library argument is NULL, only call add_verifier()
for the configured policy_libraries and do not fall through to
the non-NULL case.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-02-02 20:46:23 -08:00
Love Hornquist Astrand
04d3215d39 _wind_ucs2read is not a private symbol 2010-02-02 20:16:47 -08:00
Russ Allbery
8a57d5cb08 Add krb5_allow_weak_crypto API to enable weak enctypes 
Add krb5_allow_weak_crypto parallel to the API introduced in MIT
Kerberos 1.8.  Enables or disables all enctypes marked as weak.
Add a new enctype flag marking weak enctypes (all of the ones that
are disabled by default).

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-01-27 21:50:58 -08:00
Love Hornquist Astrand
560fc640bb Lowercase linux, from Harald Barth 2010-01-26 22:14:59 -08:00
Love Hornquist Astrand
908ece3604 Adapt for Linux with SOCK_CLOEXEC, patch from Harald Barth 2010-01-26 10:46:51 -08:00
Love Hornquist Astrand
4376b6c8b1 spelling 2010-01-25 23:50:37 -08:00
Love Hornquist Astrand
2fbdb6a514 rewrite socket to rk_socket of there is SOCK_CLOEXEC and there is linux, prompted by Harald Barth 2010-01-25 23:01:18 -08:00
Love Hornquist Astrand
deee0bbad9 put SOCK_CLOEXEC in the right argument, from Harald Barth 2010-01-25 23:01:09 -08:00
Russ Allbery
4038832098 Export krb5_principal_get_num_comp 
krb5_principal_get_num_comp was prototyped as a public function but
not exported from libkrb5.  Add it to the export version map.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-01-25 22:39:14 -08:00
Love Hornquist Astrand
609e8dd156 reset GSS_C_DELEG_FLAG when there is no consumer 2010-01-19 21:22:53 +00:00