oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,316 Commits 2 Branches 2 Tags
dca1de8dc80d8b78680719a1d2f74d6b9c99390c
Commit Graph

27316 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Love Hornquist Astrand
623bd64f0c use sl_did_you_mean 2011-11-22 12:18:48 -08:00
Love Hornquist Astrand
d26df6ba7f export sl_did_you_mean that uses OptimalStringAlignmentDistance to propose an alternative 2011-11-22 12:18:37 -08:00
Love Hornquist Astrand
791c70eaa2 reopen logfile every request 2011-11-22 11:41:40 -08:00
Love Hornquist Astrand
8b351e5eb2 keep file open when we care about performance (which we do now) 2011-11-22 11:10:41 -08:00
Love Hornquist Astrand
118f99e308 tell if keytab is missing principal 2011-11-22 11:00:51 -08:00
Love Hornquist Astrand
72e88209f8 support keytab testing (and use it) 2011-11-22 11:00:51 -08:00
Love Hornquist Astrand
f2319c2458 better help on unknown command 2011-11-22 11:00:51 -08:00
Nicolas Williams
121ab46bb6 Add missing symbols needed for make check in base 2011-11-22 11:49:26 -06:00
Nicolas Williams
1572b762b6 Fix missing symbols. 2011-11-22 00:32:52 -06:00
Love Hörnquist Åstrand
e037054e8d disable printer 2011-11-21 21:50:23 -08:00
Love Hörnquist Åstrand
a82fb8ae3e perf counter 2011-11-21 20:57:17 -08:00
Love Hörnquist Åstrand
af7f0eb746 less verbose 2011-11-21 20:34:36 -08:00
Love Hörnquist Åstrand
3f1d903a85 add kinit test to kdc-tester 2011-11-21 20:34:36 -08:00
Love Hörnquist Åstrand
6af6e27c50 glue in send_to_kdc 2011-11-21 20:34:36 -08:00
Love Hörnquist Åstrand
c4721dd1d0 add basic support for pkinit 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
503266c4a3 use json to drive kdc-tester 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
354ef711f3 restructure 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
1d7c483db2 use get and set 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
3b38640e4b quoted string tests 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
5a744a9ca6 add heim_string_create_with_bytes 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
6ace66345b use get and set 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
40b0d518af use get and set, add json 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
58ea7f5b0c use get and set 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
9bb4b5aec8 basic handing of quoted strings 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
6a6bb430e7 test test_base 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
a56e097ae4 include json 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
3d1dbbfbc0 test json 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
43ac50913b handle quotes 2011-11-21 20:34:35 -08:00
Love Hornquist Astrand
8a0e0f9472 do m-r on more then one prime 2011-11-21 20:33:53 -08:00
Love Hörnquist Åstrand
376181632b handle &&, from Jaideep Padhye 2011-11-20 09:55:15 -08:00
Love Hörnquist Åstrand
660d996dbf set compile-et to no if its not found, try to not use it 2011-11-20 09:55:15 -08:00
Love Hornquist Astrand
3489110db0 fixup rule for krb5-hdb-mitdb.conf 2011-11-19 10:57:51 -08:00
Stefan Metzmacher
7ecbac23f6 lib/krb5: add utf8 support to build_logon_name() for the PAC 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:45 -08:00
Stefan Metzmacher
55d66f2aff lib/wind: export wind_ucs2write() 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:45 -08:00
Stefan Metzmacher
805304d3f8 lib/winbd: fix wind_ucs2write with WIND_RW_LE 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:44 -08:00
Stefan Metzmacher
dcd34e5967 lib/wind: fix wind_ucs4utf8() and wind_ucs2utf8() 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:44 -08:00
Nicolas Williams
124eccf014 Make this work with kvno 0 and no kvno 2011-11-15 21:53:34 -06:00
Nicolas Williams
38f726d8b4 Fix bug in key rollover code in TGS, make check-kdc test what we can 
We can't test the key rollover support in the TGS in the x-realm
    path using just Heimdal because the krb5_get_creds() path will try a
    referral, which will produce a cross-realm TGT that has the
    enc_part.kvno set.  But we can test this for the plain TGT case.
 2011-11-15 21:53:34 -06:00
Nicolas Williams
349609ed20 Initial test of x-realm TGT w/ kvno 0 and key rollover 
NOTE: The test runs and succeeds, but the client seems to be getting
	  a new x-realm TGT after we set the kvno to 0 or remove the
	  kvno from the tickets.  This means we're not really testing
	  the TGS paths!  So this test is not yet ready.
 2011-11-15 21:53:34 -06:00
Nicolas Williams
c9609cdb37 Initial patch for dealing with AD x-realm key rollover 
AD issues x-realm TGTs with kvno 0.  On key x-realm trust key change
    we need to be able to try current and previous keys for trust, else
    we will have some failures.
 2011-11-15 21:53:33 -06:00
Love Hörnquist Åstrand
b26fc106de fix typo, from Robert Simmons 2011-11-13 10:01:41 -08:00
Love Hörnquist Åstrand
0ae0dcba85 database is in srcdir 2011-11-13 10:01:41 -08:00
Love Hörnquist Åstrand
1a562410c9 dup of ok for the fast cookie 2011-11-13 10:01:41 -08:00
Love Hörnquist Åstrand
01ddeee37f use heim_verbose 2011-11-13 10:01:40 -08:00
Love Hörnquist Åstrand
d576ee3866 add glue for silent-rules 2011-11-13 10:01:40 -08:00
Love Hornquist Astrand
84caf5bbd8 jgssapi_server is a java file 2011-11-09 08:04:52 -08:00
Nicolas Williams
0e852b330f Make sure we always allow weak enctypes in MIT HDB test 
Also, we still try to create the version key in the MIT HDB, so we
    might as well update the test DB to have the version key already
    there.  (But really, we should just never write to the MIT HDB.)
 2011-11-09 00:59:51 -06:00
Nicolas Williams
19b6c47f72 Handle 1DES enctype similarity in MIT HDB 
We have some cross-realm principals in an MIT KDB with one kind of
    1DES enctype, but the other realm's KDCs issue x-realm TGTs where
    the ticket encpart key enctype is a different 1DES enctype.  We need
    this to work if we use Heimdal with the MIT HDB backend.

    An alternative would be to check for similar (or, rather,
    compatible) enctypes in the KDC (and elsewhere?).  This patch avoids
    the need to make such ugly changes elsewhere.
 2011-11-09 00:59:15 -06:00
Nicolas Williams
8586d9f88e Fix enctype selection issues for PAC and other authz-data signatures 
We were using the enctype from the PA-TGS-REQ's AP-REQ's Ticket to
    decide what key from the service's realm's krbtgt principal to use.
    This breaks when: a) we're doing cross-realm, b) the service's
    realm's krbtgt principal doesn't have keys for the enctype used in
    the cross-realm TGT.

    The fix is to pick the correct key (strongest or first, per-config)
    from the service's realm's krbtgt principal.
 2011-11-09 00:32:38 -06:00
Nicolas Williams
40a7d4b62f More fixes for -Werror (GCC 4.6 catches more stuff) 2011-11-02 23:20:55 -05:00