oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
29,058 Commits 2 Branches 2 Tags
e8de24f236ed5fdfec184e5cc8b2aceae2d2ba57
Commit Graph

11 Commits

Author SHA1 Message Date
Luke Howard
4fb6a6adc9 gss: port NegoEx implementation from MIT 
An implementation of draft-zhu-negoex-04 for MIT Kerberos was developed in
2011. This has been recently integrated, with many fixes from Greg Hudson. This
commit ports it to Heimdal. The implementation has been interoperability tested
with MIT Kerberos and Windows, using the GSS EAP mechanism developed as part of
the Moonshot project.

The SPNEGO code was also updated to import the state machine from Apple which
improves mechListMIC processing and avoids discarding initial context tokens
generated during mechanism probing, that can be used for optimistic tokens.

Finally, to aid in testing, the GSS-API mechanism glue configuration file can
be changed using the environment variable GSS_MECH_CONFIG. This environment
variable name, along with the format of the configuration file, is compatible
with MIT (although it would be difficult for a single mechanism binary to
support both implementations).
 2020-02-04 17:28:35 +11:00
Luke Howard
6af3ea9099 gss: merge enhanced Apple mechglue logging 
Add _gss_mg_log() and friends for logging from within the mechanism glue and
SPNEGO. These APIs wrap around the libkrb5 logging APIs.
 2020-02-04 17:28:35 +11:00
Luke Howard
e9b3b2326d gssapi: remove non-mech status from _gss_mg_error() from Heimdal-520 
_gss_mg_error() should only handle mechanism-specific status codes which are
returned in minor_status. major_status has a global namespace.
 2019-01-03 14:38:39 -06:00
Asanka C. Herath
83745ddc40 Return NUL terminated strings from _gss_mg_get_error() 2010-12-01 17:53:10 -05:00
Love Hornquist Astrand
d890db78a8 Drop RCSID 2009-09-10 09:06:18 -07:00
Love Hörnquist Åstrand
269a7a057b flatten include headers 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24382 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-01-25 00:35:00 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
f28083f6b3 Avoid checking mech for now... 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23540 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-08-16 22:59:07 +00:00
Love Hörnquist Åstrand
3673482a9b make the SPNEGO mech store the error itself instead, works for everything except other stackable mechs 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22600 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-02-21 12:46:24 +00:00
Love Hörnquist Åstrand
ca53ee4e11 If the canned string is "", its no use to the user, make it fall back 
to the default error string.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21248 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-21 00:45:13 +00:00
Love Hörnquist Åstrand
545bb59019 Glue to catch the error from the lower gss-api layer and save that for 
later so gss_display_status() can show the error.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19924 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-16 10:17:01 +00:00