oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
30,223 Commits 2 Branches 2 Tags
ed4fe657948b69cf1b67aa3ada3fb78177fdf10a
Commit Graph

1167 Commits

Author SHA1 Message Date
Stefan Metzmacher
76f0fb9170 gsskrb5: fix ec and padding handling in _gssapi_wrap_cfx_iov() 
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2009-08-25 23:34:38 -07:00
Stefan Metzmacher
f286dd5d64 gsskrb5: fix _gssapi_wrap_iov_length_cfx() - there's more than just krb5 overhead... 
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2009-08-25 23:34:38 -07:00
Stefan Metzmacher
1a0423fd3d gsskrb5: make _gk_allocate_buffer() non static 
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2009-08-25 23:34:38 -07:00
Stefan Metzmacher
60725fd2f5 gsskrb5: add _gk_verify_buffers() 
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2009-08-25 23:34:37 -07:00
Love Hornquist Astrand
6618ca5ffc switch to EVP_MD_CTX_create() and thus make smaller 2009-08-21 07:22:49 -07:00
Love Hornquist Astrand
56f90c5b19 switch to EVP_MD_CTX_create() and thus make smaller 2009-08-21 07:16:28 -07:00
Love Hornquist Astrand
f465930be7 switch to EVP_MD_CTX_create() and thus make smaller 2009-08-21 07:16:19 -07:00
Love Hornquist Astrand
dfd40e4403 switch to EVP_MD_CTX_create() and thus make smaller 2009-08-21 07:16:09 -07:00
Love Hornquist Astrand
03cb3aa56b use EVP_MD_CTX_create 2009-08-20 17:13:09 -07:00
Love Hornquist Astrand
88d55a1d06 Make compile for weak crypto global (HEIM_WEAK_CRYPTO) and use it for GSSAPI too 2009-08-17 18:06:42 +02:00
Love Hornquist Astrand
fc702a97f5 switch to use EVP interface instead of old crypto interface 2009-08-17 17:30:59 +02:00
Love Hornquist Astrand
62433c844c switch to use EVP interface instead of old crypto interface 2009-08-17 16:02:45 +02:00
Love Hornquist Astrand
fcfa32b0b9 Use constant time memcmp 2009-08-17 12:04:51 +02:00
Love Hornquist Astrand
42cec58cb4 switch to use EVP interface instead of old crypto interface 2009-08-17 11:43:24 +02:00
Love Hornquist Astrand
ddb54ca483 switch to use EVP interface instead of old MDX_ style interface 2009-08-17 10:16:13 +02:00
Love Hornquist Astrand
13c3b9b1c6 switch to use EVP interface instead of old MDX_ style interface 2009-08-17 10:15:31 +02:00
Love Hornquist Astrand
639e93d436 switch to use EVP interface instead of old MDX_ style interface 2009-08-17 10:14:24 +02:00
Love Hornquist Astrand
3ef05891ee switch to use EVP interface instead of old MDX_ style interface 2009-08-17 10:13:04 +02:00
Love Hornquist Astrand
ddb8230917 switch to use EVP interface instead of old MDX_ style interface 2009-08-17 10:10:42 +02:00
Love Hornquist Astrand
6ac304d156 Use min() instead of MIN() 2009-08-14 20:05:36 +02:00
Love Hornquist Astrand
95993f222c Fix order of flags, passes regression test now 2009-08-05 13:42:34 +02:00
Love Hornquist Astrand
0ede7ac561 Pass down the use-dce-style flag instead of the while gssapi krb5 context 2009-08-05 12:00:07 +02:00
Stefan Metzmacher
ab9e5d13ec gsskrb5: try to be compatible with windows for gss_wrap* and cfx 
The good thing is that windows and heimdal both use EC=0
in the non DCE_STYLE case, so we need the windows compat hack
only in DCE_STYLE mode.

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2009-08-04 20:22:05 +02:00
Stefan Metzmacher
0297d047a4 gsskrb5: add support for DCE_STYLE and des and des3 keys 
Only the des keys are tested as windows doesn't support des3

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2009-08-04 20:21:20 +02:00
Love Hornquist Astrand
fa502c6648 Add support for gss_{import,export}_cred() as requested by metze 
Works for krb5 and SPNEGO mechanisms. Kerberos credentials are passed as
credential cache names, or if there are memory based credentials, inband in the protocol. This means that the credentials buffers must be keep secret.

As documented by IBM (they have the wrong prototype though)
and GGF (GSS-API Extensions) back in 2001
 2009-07-29 13:36:02 +02:00
Love Hornquist Astrand
565236c603 Add store-cred to the dispatch table 2009-07-28 09:50:05 +02:00
Love Hornquist Astrand
c140f0255c Implement core of _gsskrb5_store_cred() 2009-07-27 09:42:46 +02:00
Love Hornquist Astrand
8b71d0b93f Prefer the realm of the user when doing referrals style ISC krb5-get-creds 
The the realm of the user's principal and prefer that when doing a lookup.
This code still need to be smarter can cache the "initial value" -> positive result
to avoid roundtrips to the KDC.
 2009-07-17 15:43:19 -07:00
Love Hörnquist Åstrand
de5f912e02 Contributed by Andrew Bartlett: 
When Samba4's 'fake' GSSAPI client contacts Windows 2008, and does not
request AP_MUTUAL_REQUIRED, it does not elicit a response packet.

We had previously assumed it was unconditional.  Samba3 didn't mind
very much, but Samba4's samba3-like client did, and the behaviour
differed to Win2008 behaviour.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25328 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-07-15 22:18:00 +00:00
Love Hörnquist Åstrand
8be9f44602 rename find_buffer 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25289 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-06-23 03:45:56 +00:00
Love Hörnquist Åstrand
2ca3492e42 remove stream bits for now 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25288 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-06-23 03:45:37 +00:00
Love Hörnquist Åstrand
769f86eb33 start of unpack stream if there is one. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25287 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-06-23 03:45:02 +00:00
Love Hörnquist Åstrand
c99b2003e2 Implement gss_wrap_iov, gss_unwrap_iov for CFX type encryption types. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25286 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-06-22 17:56:41 +00:00
Love Hörnquist Åstrand
74af14affc disable code 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25284 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-06-12 19:05:42 +00:00
Love Hörnquist Åstrand
9e9258e2b8 comment out unsupported options 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25183 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-05-06 19:02:03 +00:00
Love Hörnquist Åstrand
cae7efb522 Make KRB5KRB_AP_ERR_TKT_NYV trigger error_token too. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25128 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-04-16 08:31:15 +00:00
Love Hörnquist Åstrand
8efe3cee79 use krb5_cc_new_unique, use constants for cache types 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25054 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-04-03 04:06:31 +00:00
Love Hörnquist Åstrand
66167a029f use krb5_cc_new_unique, use constants for cache types 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25053 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-04-03 04:06:21 +00:00
Love Hörnquist Åstrand
6243aee99a use krb5_cc_new_unique, use constants for cache types 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25052 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-04-03 04:06:10 +00:00
Love Hörnquist Åstrand
06e0f0d12f use krb5_cc_new_unique, use constants for cache types 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25051 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-04-03 04:05:59 +00:00
Love Hörnquist Åstrand
f6de1a0ed0 make compile (missing implementation) 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24951 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-03-25 23:29:56 +00:00
Love Hörnquist Åstrand
ac45625cb1 basic implementation 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24930 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-03-25 15:34:42 +00:00
Love Hörnquist Åstrand
6bff91ac85 qop_state is not used any more, remove 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24918 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-03-22 17:23:10 +00:00
Love Hörnquist Åstrand
2bd838c5ac ops is not used any more, remove 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24917 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-03-22 17:23:00 +00:00
Love Hörnquist Åstrand
277e354944 less errors 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24792 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-02-22 23:27:47 +00:00
Love Hörnquist Åstrand
41b829003c add conf_state to iov_length 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24772 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-02-22 23:24:15 +00:00
Love Hörnquist Åstrand
43ed47f3fe no longer used 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24746 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-02-16 19:12:12 +00:00
Love Hörnquist Åstrand
1eb329c605 sign_only do not contribute to length 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24721 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-02-16 18:35:49 +00:00
Love Hörnquist Åstrand
d7aefee1ab Switch arguments. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24720 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-02-16 18:35:38 +00:00
Love Hörnquist Åstrand
269a7a057b flatten include headers 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24382 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-01-25 00:35:00 +00:00