oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
20,335 Commits 2 Branches 2 Tags
ea8a0d2891e9b827bf60438e98ecc3ee8e84fb6a
Commit Graph

1140 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
ea8a0d2891 Add [kdc]pkinit_require_binding option. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21291 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-25 14:14:41 +00:00
Love Hörnquist Åstrand
b64da39b5f (pk_mk_pa_reply_enckey): only allow non-bound reply if its not required. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21290 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-25 14:13:23 +00:00
Love Hörnquist Åstrand
cd83aef979 rename pkinit_princ_in_cert and add pkinit_require_binding 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21288 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-25 14:09:55 +00:00
Love Hörnquist Åstrand
ced5a6d55f rename pkinit_princ_in_cert and add pkinit_require_binding 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21287 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-25 14:09:03 +00:00
Love Hörnquist Åstrand
c2da08186b rename pkinit_princ_in_cert 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21286 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-25 14:08:34 +00:00
Love Hörnquist Åstrand
4ad305a90c Drop unused variable. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21262 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-21 15:18:37 +00:00
Love Hörnquist Åstrand
6c4ad61bd4 disable anonyous tgs requests 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21260 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-21 14:48:42 +00:00
Love Hörnquist Åstrand
85acea1b76 Don't check PAC on cross realm for now. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21258 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-21 14:11:01 +00:00
Love Hörnquist Åstrand
a0320981ed Return an error message instead of dropping the packet for more 
failure cases.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21241 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-20 11:30:19 +00:00
Love Hörnquist Åstrand
4b3ea33a6a Factor out fetching of password and move it to the code that uses 
it. This code would not hurt by factoring out some more code...


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21181 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-19 20:52:29 +00:00
Love Hörnquist Åstrand
dd6d82336b Remove extra \n. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21166 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-19 00:05:50 +00:00
Love Hörnquist Åstrand
50f2521922 Remove printing of ntlmv2 hash, was running wrong version of the kdc. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21114 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-18 13:17:23 +00:00
Love Hörnquist Åstrand
2ee2c22b2e More logging for ntlm v2 digest hash mismatch case. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21112 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-18 12:59:12 +00:00
Love Hörnquist Åstrand
c561d08c04 export get_dbinfo as krb5_kdc_set_dbinfo and call from users. This to allows libkdc users to to specify their own databases 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21110 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-18 10:52:20 +00:00
Love Hörnquist Åstrand
30a0cc5d6a (_kdc_db_fetch): set error string for failures. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21106 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-18 10:18:11 +00:00
Love Hörnquist Åstrand
2430aab0de Use KRB5_AUTHDATA_INITIAL_VERIFIED_CAS. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21095 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-15 20:01:45 +00:00
Love Hörnquist Åstrand
5286ace71e tell user when they got a pk-init request with pkinit disabled. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21087 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-13 18:19:08 +00:00
Love Hörnquist Åstrand
247866e443 Constify. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21041 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-10 06:21:12 +00:00
Love Hörnquist Åstrand
6b687aaa00 Constify. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21040 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-10 06:20:59 +00:00
Love Hörnquist Åstrand
4f3369a872 Check for KRB5-PADATA-PK-AS-09-BINDING. Constify. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21039 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-10 06:20:31 +00:00
Love Hörnquist Åstrand
cc4333b758 remove cvs ignore files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21026 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-09 03:09:59 +00:00
Love Hörnquist Åstrand
71bc52d5ac EXTRA_DIST += version-script.map. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21020 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-08 15:35:50 +00:00
Love Hörnquist Åstrand
ad36551067 Break out loading of mappings file to a separate function and remove 
warning that it can't open the mapping file, there are now mappings in
the db, maybe the users uses that instead...


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20998 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 22:53:31 +00:00
Love Hörnquist Åstrand
501beea27a add new symbols 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20978 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 15:28:40 +00:00
Love Hörnquist Åstrand
24cf0fdeae Also update krb5_context view of what the time is. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20970 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 06:54:55 +00:00
Love Hörnquist Åstrand
ea26dbde83 Add --[version|help]. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20963 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 05:12:59 +00:00
Love Hörnquist Åstrand
a3f341f304 Push down the kdc time into the x509 library. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20960 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 04:48:11 +00:00
Love Hörnquist Åstrand
8b91b80a1e Remove out2, no longer used. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20959 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 04:46:06 +00:00
Love Hörnquist Åstrand
23ed41b109 Move up krb5_kdc_save_request so we can catch the reply data too. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20958 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 04:35:05 +00:00
Love Hörnquist Åstrand
4fe154b2f9 verify reply by checking asn1 class, type and tag of the reply if 
there is one.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20957 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 04:34:14 +00:00
Love Hörnquist Åstrand
43a028c82a Save asn1 class, type and tag of the reply if there is one. Used to 
verify the reply in kdc-replay.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20956 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 04:32:53 +00:00
Love Hörnquist Åstrand
1902040622 extern for request_log. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20954 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 03:30:15 +00:00
Love Hörnquist Åstrand
7d1da27427 Add kdc-replay. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20953 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 03:20:22 +00:00
Love Hörnquist Åstrand
162660bade Replay kdc messages to the KDC library. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20952 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 03:19:07 +00:00
Love Hörnquist Åstrand
35a6f8ed22 Pick up request_log from [kdc]kdc-request-log. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20951 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 03:08:39 +00:00
Love Hörnquist Åstrand
44e3c4e620 Option to save the request to disk. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20950 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 03:07:42 +00:00
Love Hörnquist Åstrand
7e2f36b1d6 (krb5_kdc_save_request): save request to file. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20949 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 03:07:04 +00:00
Love Hörnquist Åstrand
01d0aa7e38 Update kdc time. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20948 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 02:20:45 +00:00
Love Hörnquist Åstrand
c42a34c36d (krb5_kdc_process*): dont update _kdc_time automagicly. 
(krb5_kdc_update_time): set or get current kdc-time.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20947 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-07 02:20:10 +00:00
Love Hörnquist Åstrand
6f787893cd (_kdc_pk_rd_padata): accept both pkcs-7 and pkauthdata as the signeddata oid 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20943 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-06 22:14:36 +00:00
Love Hörnquist Åstrand
3d7fc2b1e7 (_kdc_pk_rd_padata): Try to log what went wrong. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20942 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-06 22:03:20 +00:00
Love Hörnquist Åstrand
a7169a17a6 Use oid_id_pkcs7_data for pkinit-9 encKey reply to match windows DC 
behavior better.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20927 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-05 17:23:44 +00:00
Love Hörnquist Åstrand
f48ceb510e (digest ntlm): provide log entires by setting ret to an error. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20877 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-04 04:07:26 +00:00
Love Hörnquist Åstrand
ceb434a58b In case of OCSP verification failure, referash every 5 min. In case of 
success, refreash 2 min before expiring or faster.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20812 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-03 03:35:32 +00:00
Love Hörnquist Åstrand
da1be13db5 Handle the ms san in a propper way, still cheat with the realm name. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20748 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-31 17:31:43 +00:00
Love Hörnquist Åstrand
1c488f05de If _kdc_pk_check_client failes, bail out directly and hand the error back to the client. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20742 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-31 17:15:15 +00:00
Love Hörnquist Åstrand
6da3d7025b More logging for pk-init client mismatch. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20736 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-31 16:45:21 +00:00
Love Hörnquist Åstrand
4d85d882e1 Also add a KRB5_PADATA_PK_AS_REQ_WIN for windows pk-init (-9) to make MIT clients happy. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20734 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-31 16:00:37 +00:00
Love Hörnquist Åstrand
60df0e8122 Force des3 for win2k. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20703 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-30 18:41:59 +00:00
Love Hörnquist Åstrand
2c99856c1c Add wrapping to ContentInfo wrapping to COMPAT_WIN2K. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20701 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-05-30 18:33:36 +00:00