Love Hornquist Astrand
ddb54ca483
switch to use EVP interface instead of old MDX_ style interface
2009-08-17 10:16:13 +02:00
Love Hornquist Astrand
13c3b9b1c6
switch to use EVP interface instead of old MDX_ style interface
2009-08-17 10:15:31 +02:00
Love Hornquist Astrand
639e93d436
switch to use EVP interface instead of old MDX_ style interface
2009-08-17 10:14:24 +02:00
Love Hornquist Astrand
3ef05891ee
switch to use EVP interface instead of old MDX_ style interface
2009-08-17 10:13:04 +02:00
Love Hornquist Astrand
ddb8230917
switch to use EVP interface instead of old MDX_ style interface
2009-08-17 10:10:42 +02:00
Love Hornquist Astrand
6ac304d156
Use min() instead of MIN()
2009-08-14 20:05:36 +02:00
Love Hornquist Astrand
95993f222c
Fix order of flags, passes regression test now
2009-08-05 13:42:34 +02:00
Love Hornquist Astrand
0ede7ac561
Pass down the use-dce-style flag instead of the while gssapi krb5 context
2009-08-05 12:00:07 +02:00
Stefan Metzmacher
ab9e5d13ec
gsskrb5: try to be compatible with windows for gss_wrap* and cfx
...
The good thing is that windows and heimdal both use EC=0
in the non DCE_STYLE case, so we need the windows compat hack
only in DCE_STYLE mode.
metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2009-08-04 20:22:05 +02:00
Stefan Metzmacher
0297d047a4
gsskrb5: add support for DCE_STYLE and des and des3 keys
...
Only the des keys are tested as windows doesn't support des3
metze
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2009-08-04 20:21:20 +02:00
Love Hornquist Astrand
fa502c6648
Add support for gss_{import,export}_cred() as requested by metze
...
Works for krb5 and SPNEGO mechanisms. Kerberos credentials are passed as
credential cache names, or if there are memory based credentials, inband in the protocol. This means that the credentials buffers must be keep secret.
As documented by IBM (they have the wrong prototype though)
and GGF (GSS-API Extensions) back in 2001
2009-07-29 13:36:02 +02:00
Love Hornquist Astrand
565236c603
Add store-cred to the dispatch table
2009-07-28 09:50:05 +02:00
Love Hornquist Astrand
c140f0255c
Implement core of _gsskrb5_store_cred()
2009-07-27 09:42:46 +02:00
Love Hornquist Astrand
8b71d0b93f
Prefer the realm of the user when doing referrals style ISC krb5-get-creds
...
The the realm of the user's principal and prefer that when doing a lookup.
This code still need to be smarter can cache the "initial value" -> positive result
to avoid roundtrips to the KDC.
2009-07-17 15:43:19 -07:00
Love Hörnquist Åstrand
de5f912e02
Contributed by Andrew Bartlett:
...
When Samba4's 'fake' GSSAPI client contacts Windows 2008, and does not
request AP_MUTUAL_REQUIRED, it does not elicit a response packet.
We had previously assumed it was unconditional. Samba3 didn't mind
very much, but Samba4's samba3-like client did, and the behaviour
differed to Win2008 behaviour.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25328 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-07-15 22:18:00 +00:00
Love Hörnquist Åstrand
8be9f44602
rename find_buffer
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25289 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-06-23 03:45:56 +00:00
Love Hörnquist Åstrand
2ca3492e42
remove stream bits for now
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25288 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-06-23 03:45:37 +00:00
Love Hörnquist Åstrand
769f86eb33
start of unpack stream if there is one.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25287 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-06-23 03:45:02 +00:00
Love Hörnquist Åstrand
c99b2003e2
Implement gss_wrap_iov, gss_unwrap_iov for CFX type encryption types.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25286 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-06-22 17:56:41 +00:00
Love Hörnquist Åstrand
74af14affc
disable code
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25284 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-06-12 19:05:42 +00:00
Love Hörnquist Åstrand
9e9258e2b8
comment out unsupported options
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25183 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-05-06 19:02:03 +00:00
Love Hörnquist Åstrand
cae7efb522
Make KRB5KRB_AP_ERR_TKT_NYV trigger error_token too.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25128 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-04-16 08:31:15 +00:00
Love Hörnquist Åstrand
8efe3cee79
use krb5_cc_new_unique, use constants for cache types
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25054 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-04-03 04:06:31 +00:00
Love Hörnquist Åstrand
66167a029f
use krb5_cc_new_unique, use constants for cache types
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25053 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-04-03 04:06:21 +00:00
Love Hörnquist Åstrand
6243aee99a
use krb5_cc_new_unique, use constants for cache types
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25052 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-04-03 04:06:10 +00:00
Love Hörnquist Åstrand
06e0f0d12f
use krb5_cc_new_unique, use constants for cache types
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25051 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-04-03 04:05:59 +00:00
Love Hörnquist Åstrand
f6de1a0ed0
make compile (missing implementation)
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24951 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-03-25 23:29:56 +00:00
Love Hörnquist Åstrand
ac45625cb1
basic implementation
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24930 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-03-25 15:34:42 +00:00
Love Hörnquist Åstrand
6bff91ac85
qop_state is not used any more, remove
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24918 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-03-22 17:23:10 +00:00
Love Hörnquist Åstrand
2bd838c5ac
ops is not used any more, remove
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24917 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-03-22 17:23:00 +00:00
Love Hörnquist Åstrand
277e354944
less errors
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24792 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-22 23:27:47 +00:00
Love Hörnquist Åstrand
41b829003c
add conf_state to iov_length
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24772 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-22 23:24:15 +00:00
Love Hörnquist Åstrand
43ed47f3fe
no longer used
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24746 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-16 19:12:12 +00:00
Love Hörnquist Åstrand
1eb329c605
sign_only do not contribute to length
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24721 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-16 18:35:49 +00:00
Love Hörnquist Åstrand
d7aefee1ab
Switch arguments.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24720 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-16 18:35:38 +00:00
Love Hörnquist Åstrand
269a7a057b
flatten include headers
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24382 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-01-25 00:35:00 +00:00
Love Hörnquist Åstrand
8b8e3af545
check return values
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24141 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 05:06:44 +00:00
Love Hörnquist Åstrand
bb8485b49c
check return value from krb5_decrypt_iov_ivec
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24129 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 05:04:39 +00:00
Love Hörnquist Åstrand
62965c76dd
free krb5_storage
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24124 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 05:03:48 +00:00
Love Hörnquist Åstrand
bedf5bc77e
init content before use coverity #146
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24095 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 04:58:48 +00:00
Love Hörnquist Åstrand
c5ff97dc5b
init content before use coverity #147
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24094 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 04:58:38 +00:00
Love Hörnquist Åstrand
f964fe1beb
init content before use coverity #148
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24093 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 04:58:28 +00:00
Love Hörnquist Åstrand
d24b24e07e
init content before use coverity #149
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24092 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 04:58:18 +00:00
Love Hörnquist Åstrand
63d1d155f2
switch from unsigned int to int for iov_count
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24083 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 04:55:56 +00:00
Love Hörnquist Åstrand
9586101a49
use the krb5_crypto directly, skipping some per packet calculation, make cfx handling simpler
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24067 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 04:52:10 +00:00
Love Hörnquist Åstrand
9c1460fe80
dont need cfx flag here
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24058 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 04:50:38 +00:00
Love Hörnquist Åstrand
d4f5c19c1d
make IS_CFX a more_flag
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24057 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 04:50:22 +00:00
Love Hörnquist Åstrand
691da91d10
pass back header/trailer sizes
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24056 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 04:50:10 +00:00
Love Hörnquist Åstrand
7f6d448621
implement the new gss_*_iov interfaces
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24055 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-12-11 04:49:37 +00:00
Love Hörnquist Åstrand
ada58d9cd3
Additional patch from Christan Krause to handle asprintf better
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24041 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-11-15 04:43:42 +00:00