oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,137 Commits 2 Branches 2 Tags
e242c4074653a8c4f1efef3de7fd195bef986671
Commit Graph

27137 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marco Molteni
e242c40746 Verify the existence of the keytab for tcp_server, gssapi_server 
appl/test/tcp_server and gssapi_server try to open the keytab file only when processing a connection.

This patch verifies the existence of the keytab file on program startup, so that troubleshooting is easier. In addition it adds some comments.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2012-05-01 23:01:19 +02:00
Love Hornquist Astrand
dd267e8fc3 heimbase can't depend on roken.h since its not built at this time 
if we need to have this dependency heimbase needs to be moved into lib/s
 2012-05-01 22:48:57 +02:00
Roland C. Dowdeswell
2c5ec44d39 Look for auth_to_local in the default realm's realm section... 
...rather than the authenticated principal's realm section.  We do
this both to maintain compatibility with MIT and because it makes
more sense.  We should likely also fix the auth_to_local_names as
cursory inspection reveals that it has the same incompatibility.
 2012-04-19 23:43:12 +01:00
Tony Acero
e2b6a449ce Windows: Visual Studio 10 support for installers 
Change-Id: I845986247abf607694d2438afaffa6ea7d6fd5c4
 2012-04-11 15:18:52 -04:00
Jeffrey Altman
9be792055c generated files must #include config if supported 
The source files generated by compile_et and asn1-compile must
begin with:

  #ifdef HAVE_CONFIG_H
  #include <config.h>
  #endif

This permits conditional includes based on HAVE_STDINT_H and
HAVE_UNISTD_H to work.

Change-Id: Iefe25317ac3cb1970793748b8318174bcd7a087f
 2012-04-10 17:17:33 -04:00
Jeffrey Altman
8e2762f907 Fix Windows build of mcache.c 
Commit c04aa9e082 specified the
mutex type, pthread_mutex_t, directly instead of using the
abstraction, HEIMDAL_MUTEX.

Change-Id: Iedfc46163140cf23014d357cc8ccc9f0e6224327
 2012-04-10 15:41:23 -04:00
Love Hörnquist Åstrand
c04aa9e082 more mutex locking from Jaudeep Padhye 2012-04-05 23:10:33 -07:00
Samuel Thibault
fbf44ea51d Fix compilation of kafs on Hurd. 
kafs now defines two ioctls, define the GNU _IOT constants.

This was originally submitted to the Debian Heimdal package:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483281

Signed-Off-By: Jelmer Vernooij <jelmer@debian.org>

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2012-04-05 22:55:01 -07:00
Samuel Thibault
0ef0446645 Properly activate the pthread support on GNU/Hurd. 
Originally submitted as a patch to the Debian Heimdal package:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483281

Signed-Off-By: Jelmer Vernooij <jelmer@debian.org>

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2012-04-05 22:55:01 -07:00
Russ Allbery
39460d0045 Remove duplicate __gss_krb5_mechanism_oid_desc definition 
__gss_krb5_mechanism_oid_desc is now defined in gssapi/gssapi_oid.h,
so remove the definition in gssapi/gssapi_krb5.h in favor of including
that header.

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2012-04-05 22:55:01 -07:00
Love Hörnquist Åstrand
ec152cdf1a drain pool for each request 2012-04-05 22:55:01 -07:00
Love Hörnquist Åstrand
497eb5a4a4 add description 2012-04-05 22:55:01 -07:00
Roland C. Dowdeswell
67d9094665 Allow hxtool to process multiple --pk-init-principal args. 2012-04-05 20:20:19 +01:00
Viktor Dukhovni
eee3333b76 Handle multiple SANs correctly in KDC pkinit certs 
Signed-off-by: Roland C. Dowdeswell <elric@imrryr.org>
 2012-04-05 20:20:00 +01:00
Simon Wilkinson
10133ece1a hcrypto: Use correct size for memset in md2 
md2.c was doing memset(m, 0, sizeof(m)), and so was only clearing
the first 4 bytes of the passed md2 structure in MD2_Final. Fix
this to clear the entire structure, as expected.
 2012-03-31 19:06:59 -04:00
Jelmer Vernooij
15696d9b90 telnet.1: Avoid undefined macro 'B'. 
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2012-03-18 11:25:55 -07:00
Nicolas Williams
839ab87c10 Regression test iprop of key rollover and del_enctype 2012-03-15 18:57:35 -05:00
Nicolas Williams
ef9012aef5 Fix ipropd-slave assert when doing del_enctype 
Change a paranoid heim_assert into something better.  Update block
    comment.

    Next commit: add a test for del_enctype and iprop.
 2012-03-15 18:57:32 -05:00
Nicolas Williams
ca6a22276e Test that we copy forwardable/renewable flags from TGT in TGS-REQ 2012-03-14 23:58:40 -05:00
Nicolas Williams
3f86831c6c Fix earlier fix for not passing forwardable and friends in TGS-REQs 2012-03-14 23:45:31 -05:00
Jeffrey Altman
48d255561e Windows: install heimtools not heimtool 
Change-Id: Ie439dd6d2819d7a7088be19f7ecd49863df7ac79
 2012-03-13 23:57:00 -04:00
Jeffrey Altman
8257cc2232 Plugin functions should be KRB5_LIB_CALL 
Plugin functions should be KRB5_LIB_CALL for speed on Windows.

Change-Id: Iaa4dcf73fd2e29e3f95feede5217eac4eaded4e2
 2012-03-13 23:56:11 -04:00
Jeffrey Altman
cb6f7ea40e do not include stdint.h unprotected 
In most cases stdint.h should be inherited from roken.h.
In those cases where it cannot be, it must be protected by
  #ifdef HAVE_STDINT_H

Change-Id: I46cbaeab1d65939468f84179aeeef7e4f898b0bb
 2012-03-13 23:54:27 -04:00
Love Hörnquist Åstrand
25e533421a wrap SOL_SOCKET, SO_PEERCRED in ifdef __linux__ 2012-03-11 10:18:43 -07:00
Love Hörnquist Åstrand
faf39cf6ce wrap __weak_alias with _LIBC 2012-03-11 10:13:47 -07:00
Love Hörnquist Åstrand
979de1dfd0 wrap __weak_alias with _LIBC 2012-03-11 10:13:42 -07:00
Love Hörnquist Åstrand
472141be03 log each error message that is on a very high debug level 2012-03-10 10:23:57 -08:00
Love Hörnquist Åstrand
7b411b3993 fixup logic for prompting for password 2012-03-10 09:59:34 -08:00
Love Hörnquist Åstrand
d791e70894 support ipv6 2012-03-07 07:58:50 -08:00
Roland C. Dowdeswell
92b243a638 We must unlock before close. 2012-03-07 11:17:26 +00:00
Love Hörnquist Åstrand
a20fe9b0ad assert refcount != 0 2012-03-06 19:50:15 -08:00
Roland C. Dowdeswell
b37b991a6f We need heimtools.c which I derived from kcc.c. 2012-03-06 17:22:29 +00:00
Roland C. Dowdeswell
0c0a4ff071 Add require-pwchange flag to HDB and honour it if present in mit-db:. 
Also remove +requires_pwchange on passwd changes.
 2012-03-06 11:39:20 +00:00
Roland C. Dowdeswell
6de861263a Provide support for enctype aliases for ease of use. 
This should be compatible with MIT krb5 at least from my memory.
 2012-03-06 09:34:43 +00:00
Roland C. Dowdeswell
635f5ef5b4 Make kinit print ``Password incorrect'' if it gets KRB5_GET_IN_TKT_LOOP. 2012-03-06 09:28:31 +00:00
Love Hörnquist Åstrand
9d6b30cb8b remove kcc droppings 2012-03-06 00:07:17 -08:00
Jelmer Vernooij
2b365b2327 Rename kcc to heimtools. 
This should prevent naming clashes with other utilities named 'kcc'.

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2012-03-06 00:06:26 -08:00
Love Hörnquist Åstrand
4d749f20e6 make header rebuilding work with automake 2012-02-29 22:03:00 -08:00
Love Hörnquist Åstrand
2a11d93bc0 define DEVELOPER_MODE when --enable-developer 2012-02-29 21:58:48 -08:00
Love Hörnquist Åstrand
25fc1a6464 rebuild krb5-protos.h and krb5-private.h if in maintainer-mode 2012-02-29 21:56:07 -08:00
Love Hörnquist Åstrand
053c44e100 Rename over old file, but only if it changed 2012-02-29 21:56:07 -08:00
Roland C. Dowdeswell
3ec78180ce Update krb5-config. 
We update krb5-config to support --all, --deps, and --vendor.  So,
now if you specify --libs, you will only get those libraries that
are required for dynamic linking.  If you are linking statically,
you must provide --deps.  We also allow multiple libraries to be
specified on the command line for applications that use, say, gssapi
and krb5.  And we elide -L and -I args if they have the prefix=/usr
as that's implied.  We also update the --help output to be a little
more verbose.
 2012-02-29 17:27:58 +00:00
Love Hörnquist Åstrand
a8c51aa594 add basic sqlite tests (from Nico) 2012-02-29 08:32:57 -08:00
Love Hörnquist Åstrand
b83452dd37 Wno-unused-result (not supported on gcc-4.2) 2012-02-29 08:31:58 -08:00
Love Hörnquist Åstrand
65987846fd make bind principal a common function 2012-02-28 00:03:20 -08:00
Roland C. Dowdeswell
5b2d65fa2b We need to remove +requires_pwchange on passwd changes. 2012-02-27 11:04:24 +00:00
Roland C. Dowdeswell
0da84c0c3a Add require-pwchange flag to HDB and honour it if present in mit-db:. 2012-02-27 10:19:54 +00:00
Roland C. Dowdeswell
91f2de8d1a Remove libedit's aclocal.m4 and ltmain.sh as they are generated. 2012-02-25 20:33:52 +00:00
Roland C. Dowdeswell
932c4c1859 We use a struct defined in sys/un.h. 2012-02-25 17:19:44 +00:00
Roland C. Dowdeswell
12b24ad876 Add a server side implementation of kadm5_create_principal_3(). 2012-02-24 18:56:30 +00:00