Commit Graph

21608 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
e5baf09800 Dont try key usage KRB5_KU_AP_REQ_AUTH for TGS-REQ. This drop
compatibility with pre 0.3d KDCs.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22714 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:49 +00:00
Love Hörnquist Åstrand
50901132f0 Also check KDCOptions->canonicalize when looking for referrals requests.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22713 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:45 +00:00
Love Hörnquist Åstrand
098a497638 x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22712 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:41 +00:00
Love Hörnquist Åstrand
b2aff2d2bd x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22711 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:38 +00:00
Love Hörnquist Åstrand
ecd4be81f0 set KRB5_GC_CANONICALIZE.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22710 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:34 +00:00
Love Hörnquist Åstrand
2b861313a8 set KRB5_GC_CANONICALIZE.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22709 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:30 +00:00
Love Hörnquist Åstrand
829360b3f6 Catch KRB5_GC_CANONICALIZE.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22708 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:26 +00:00
Love Hörnquist Åstrand
9a041ab3e3 x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22707 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:22 +00:00
Love Hörnquist Åstrand
395d4e88af Test TGS referrals.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22706 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:18 +00:00
Love Hörnquist Åstrand
3fdb2ae3e3 x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22705 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:14 +00:00
Love Hörnquist Åstrand
2f7728caff Add stub --canonicalize implementation.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22704 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:10 +00:00
Love Hörnquist Åstrand
b9f88cce4c first version of the tgs referrals pathcheck
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22703 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-24 12:05:02 +00:00
Love Hörnquist Åstrand
68c7f7560e Update to match new API for windc interface.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22702 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-22 22:20:29 +00:00
Love Hörnquist Åstrand
c008e1015f Attached is a patch that fixes the following:
- The argument for setsockopt is an int, not a size_t. This breaks on
  64bit OS's causing the buffer not to be set (or triggers a kernel
  bug on AIX due to size_t being parsed as an int and setting the
  socket buffer to zero due to bad kernel error checking).
- Add a check to see if the socket buffer is large enough already,
  don't make it smaller if it is.

From Niklas Edmundsson


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22701 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-21 21:37:32 +00:00
Love Hörnquist Åstrand
20fa0e0ba4 update (c)
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22700 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-21 21:37:27 +00:00
Love Hörnquist Åstrand
c8bbacc95e x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22699 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-20 08:46:53 +00:00
Love Hörnquist Åstrand
c228c7bc0a Fix sasl-regexp, from Howard Chu.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22698 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-20 08:46:02 +00:00
Love Hörnquist Åstrand
18fde62022 x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22697 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-19 19:46:04 +00:00
Love Hörnquist Åstrand
3eaa53c066 Try to find unzip.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22696 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-19 19:45:49 +00:00
Love Hörnquist Åstrand
f47edf11f2 x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22695 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-19 16:00:51 +00:00
Love Hörnquist Åstrand
bdcafc6d2d Drop unused defined that originates from aes.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22694 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-19 15:58:50 +00:00
Love Hörnquist Åstrand
8888b88979 kdc: Provide extended error information in AS-REP error replies.
This change utilizes the addition of the e_data parameter to the
   windc_plugin in the heimdal code to pass extended information back
   to the client.  The extended information is provided in an e-data
   block as part of the kerberos error message, and allows the client
   to determine which specific error condition occurred.

From Andrew Kroeger and Andrew Bartlet


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22693 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-19 08:57:49 +00:00
Love Hörnquist Åstrand
15684f3514 Describe certificate matching syntax.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22692 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-18 16:18:13 +00:00
Love Hörnquist Åstrand
23895f4fb9 Check for dup aliases before overwriting, pointed out by Johanna Mannung
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22691 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-18 10:14:02 +00:00
Love Hörnquist Åstrand
3a7287955f x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22690 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-16 14:30:58 +00:00
Love Hörnquist Åstrand
e4549b08d5 add missing symbols
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22689 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-16 11:35:21 +00:00
Love Hörnquist Åstrand
784ffbfa6a Make delegated credentials delegated directly, Oleg Sharoiko pointed out that it always didnt work with the old code. Also add som missing cred and context pass-thou functions in the SPNEGO layer
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22688 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-16 11:33:58 +00:00
Love Hörnquist Åstrand
7dd314d77a x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22687 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-14 21:29:51 +00:00
Love Hörnquist Åstrand
6541305988 Adapt to hx509_env changes.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22686 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-14 21:29:37 +00:00
Love Hörnquist Åstrand
425c28427f add Zeqing Xia
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22685 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-14 21:15:21 +00:00
Love Hörnquist Åstrand
b0d3b3e16b x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22684 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-14 21:13:10 +00:00
Love Hörnquist Åstrand
2f58fa6ccb Test gsskrb5_register_acceptor_identity.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22683 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-14 21:12:55 +00:00
Love Hörnquist Åstrand
df1cca124b x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22682 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-14 21:11:21 +00:00
Love Hörnquist Åstrand
49dffae447 Add test for gsskrb5_register_acceptor_identity.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22681 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-14 21:10:43 +00:00
Love Hörnquist Åstrand
7984dfc6b7 x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22680 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-14 14:53:38 +00:00
Love Hörnquist Åstrand
00f8b507cb rename to be more consistent, export for teting
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22679 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-14 14:52:48 +00:00
Love Hörnquist Åstrand
90c30290de Export hx509_query_match_expr.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22678 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-14 01:23:04 +00:00
Love Hörnquist Åstrand
7776ed30a9 Add language to support querying certificates to find a match. Support constructs like "1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"".
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22677 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-13 17:35:49 +00:00
Love Hörnquist Åstrand
08cb59513f Add (c).
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22676 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-12 15:14:55 +00:00
Love Hörnquist Åstrand
b0a619c3aa Add (c).
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22675 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-12 15:14:34 +00:00
Love Hörnquist Åstrand
62c5f2a505 x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22674 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-10 15:00:28 +00:00
Love Hörnquist Åstrand
0968e71694 Try searchin the key by to use by first looking for for PK-INIT
EKU, then the Microsoft smart card EKU and last, no special EKU at all.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22673 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-10 15:00:05 +00:00
Love Hörnquist Åstrand
1828420cc3 x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22672 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-09 23:58:11 +00:00
Love Hörnquist Åstrand
2d405842ad (init_auth): use right variable to detect if we want to free or not.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22671 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-09 23:57:54 +00:00
Love Hörnquist Åstrand
acd0b08bcf x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22670 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-09 23:41:01 +00:00
Love Hörnquist Åstrand
aff5c9adc4 Create a new credential cache is ->get_name is called, make
acc_initialize() reset the existing credential cache if needed.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22669 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-09 23:39:25 +00:00
Love Hörnquist Åstrand
103467b5ec x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22668 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-09 23:08:53 +00:00
Love Hörnquist Åstrand
32809668a9 (acc_get_name): just return the cache_name directly instead of trying
to resolve it.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22667 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-09 23:08:32 +00:00
Love Hörnquist Åstrand
574683e7ab x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22666 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-09 21:48:09 +00:00
Love Hörnquist Åstrand
bdd75a7ca8 Dont need to set this as the controlling PTY on steams sockets, don't
abort on failure. From Harald Barth and Ian Delahorne.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22665 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-03-09 21:47:53 +00:00