2430aab0de
Use KRB5_AUTHDATA_INITIAL_VERIFIED_CAS.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21095 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-15 20:01:45 +00:00
5286ace71e
tell user when they got a pk-init request with pkinit disabled.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21087 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-13 18:19:08 +00:00
247866e443
Constify.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21041 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-10 06:21:12 +00:00
6b687aaa00
Constify.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21040 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-10 06:20:59 +00:00
4f3369a872
Check for KRB5-PADATA-PK-AS-09-BINDING. Constify.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21039 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-10 06:20:31 +00:00
cc4333b758
remove cvs ignore files
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21026 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-09 03:09:59 +00:00
71bc52d5ac
EXTRA_DIST += version-script.map.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21020 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-08 15:35:50 +00:00
ad36551067
Break out loading of mappings file to a separate function and remove
...
warning that it can't open the mapping file, there are now mappings in
the db, maybe the users uses that instead...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20998 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 22:53:31 +00:00
501beea27a
add new symbols
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20978 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 15:28:40 +00:00
24cf0fdeae
Also update krb5_context view of what the time is.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20970 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 06:54:55 +00:00
ea26dbde83
Add --[version|help].
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20963 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 05:12:59 +00:00
a3f341f304
Push down the kdc time into the x509 library.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20960 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 04:48:11 +00:00
8b91b80a1e
Remove out2, no longer used.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20959 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 04:46:06 +00:00
23ed41b109
Move up krb5_kdc_save_request so we can catch the reply data too.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20958 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 04:35:05 +00:00
4fe154b2f9
verify reply by checking asn1 class, type and tag of the reply if
...
there is one.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20957 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 04:34:14 +00:00
43a028c82a
Save asn1 class, type and tag of the reply if there is one. Used to
...
verify the reply in kdc-replay.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20956 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 04:32:53 +00:00
1902040622
extern for request_log.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20954 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 03:30:15 +00:00
7d1da27427
Add kdc-replay.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20953 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 03:20:22 +00:00
162660bade
Replay kdc messages to the KDC library.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20952 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 03:19:07 +00:00
35a6f8ed22
Pick up request_log from [kdc]kdc-request-log.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20951 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 03:08:39 +00:00
44e3c4e620
Option to save the request to disk.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20950 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 03:07:42 +00:00
7e2f36b1d6
(krb5_kdc_save_request): save request to file.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20949 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 03:07:04 +00:00
01d0aa7e38
Update kdc time.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20948 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 02:20:45 +00:00
c42a34c36d
(krb5_kdc_process*): dont update _kdc_time automagicly.
...
(krb5_kdc_update_time): set or get current kdc-time.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20947 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-07 02:20:10 +00:00
6f787893cd
(_kdc_pk_rd_padata): accept both pkcs-7 and pkauthdata as the signeddata oid
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20943 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-06 22:14:36 +00:00
3d7fc2b1e7
(_kdc_pk_rd_padata): Try to log what went wrong.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20942 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-06 22:03:20 +00:00
a7169a17a6
Use oid_id_pkcs7_data for pkinit-9 encKey reply to match windows DC
...
behavior better.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20927 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-05 17:23:44 +00:00
f48ceb510e
(digest ntlm): provide log entires by setting ret to an error.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20877 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-04 04:07:26 +00:00
ceb434a58b
In case of OCSP verification failure, referash every 5 min. In case of
...
success, refreash 2 min before expiring or faster.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20812 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-03 03:35:32 +00:00
da1be13db5
Handle the ms san in a propper way, still cheat with the realm name.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20748 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-05-31 17:31:43 +00:00
1c488f05de
If _kdc_pk_check_client failes, bail out directly and hand the error back to the client.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20742 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-05-31 17:15:15 +00:00
6da3d7025b
More logging for pk-init client mismatch.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20736 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-05-31 16:45:21 +00:00
4d85d882e1
Also add a KRB5_PADATA_PK_AS_REQ_WIN for windows pk-init (-9) to make MIT clients happy.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20734 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-05-31 16:00:37 +00:00
60df0e8122
Force des3 for win2k.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20703 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-05-30 18:41:59 +00:00
2c99856c1c
Add wrapping to ContentInfo wrapping to COMPAT_WIN2K.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20701 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-05-30 18:33:36 +00:00
26c0e3189d
catch failures from _krb5_principalname2krb5_principal
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20697 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-05-30 14:32:26 +00:00
dcf2f42e79
Allow matching by MS UPN SAN, note that this delta doesn't deal with
...
case of realm.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20690 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-05-30 13:37:44 +00:00
628db42656
rename windc_init to krb5_kdc_windc_init
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20559 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-24 16:00:07 +00:00
7e6b98aa96
version script for libkdc
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20551 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-24 11:45:04 +00:00
f892256e21
version script for libkdc
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20550 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-24 11:43:54 +00:00
ea47402577
Use krb5_kdc_get_config and just fill in what the users wanted differently.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20533 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-23 07:47:56 +00:00
ef7201572e
Make the default configuration fetch info from the krb5.conf.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20532 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-23 07:46:57 +00:00
7ba2b2006c
rename des to hcrypto
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20466 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-20 08:29:05 +00:00
6f469b4af4
remove code that depend on kerberos 4 library
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20456 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-19 20:29:42 +00:00
7a339bab7d
revert 20447, it doesnt pass the regression tests, exports too much
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20454 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-19 20:21:51 +00:00
0c2182a3ba
Call out to Heimdal's krb5.conf processing to configure many aspects
...
of KDC behaviour. This should allow PKINIT to be turned on and
managed with reasonable sanity.
From Andrew Bartlet
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20447 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-19 18:22:41 +00:00
87e6051ddc
(main): free the message when done with it.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20434 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-19 14:00:32 +00:00
97e369f300
don't check size since that currently leaks memory
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20430 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-19 10:33:30 +00:00
760ffa0e99
Spelling, from raga <raga@comcast.net> via Bjorn Sandell.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20316 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-04-11 11:53:20 +00:00
9fe7e832c7
Return the same error codes as a windows KDC.
...
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20279 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-02-22 02:05:53 +00:00
Love Hörnquist Åstrand