oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,071 Commits 2 Branches 2 Tags
f4ba41ebdd6a9c3e7c2dd8ccf2940b724b333f99
Commit Graph

27071 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Bartlett
0e7437ba2e HEIMDAL: Supply krb5_context to _krb5_internal_hmac to allow logging 
Without this, log messages from any abort are not printed to
the samba logs.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-12-11 21:45:15 -08:00
Love Hornquist Astrand
c4d97ae93e encode result code with right length, pointed out by Rangar Sundblad, thanks! 2011-12-11 18:22:29 -08:00
Love Hornquist Astrand
2eb0d6ec82 dont entrust sprintf to encode binary packets 2011-12-11 18:08:05 -08:00
Nicolas Williams
35e28dcd5d Fix incomplete sentence in krb5.conf.5 2011-12-10 14:27:46 -06:00
Nicolas Williams
27ba7a5982 Address code review comments (use .Xr and .Pa macros in krb5.conf.5) 2011-12-10 14:06:16 -06:00
Nicolas Williams
e00b43a94b Address code review comments (k5login/foo in EXTRA_DIST) 2011-12-10 14:06:15 -06:00
Nicolas Williams
3109770484 Address code review comments (use _krb5_homedir_access()) 2011-12-10 14:06:09 -06:00
Nicolas Williams
8e04b6dce2 Address code review comments (use krb5_enomem()) 2011-12-10 14:05:35 -06:00
Nicolas Williams
abd065be02 Add a test for krb5_kuserok() 2011-12-08 13:34:02 -06:00
Nicolas Williams
b9f8e6d956 Add DENY rule for krb5_kuserok() and update manpage 2011-12-08 13:34:02 -06:00
Nicolas Williams
8e63cff2cc Document krb5_kuserok() configuration parameters 2011-12-08 13:34:01 -06:00
Nicolas Williams
ad7e54d698 Generalize token expansion to allow for context-specific tokens 2011-12-08 13:33:37 -06:00
Nicolas Williams
6aec02f979 Make krb5_kuserok() pluggable and add features (including MIT config compat) 2011-12-08 13:33:36 -06:00
Nicolas Williams
cfe7f6312a Improve _krb5_plugin_run_f() 2011-12-08 13:33:36 -06:00
Love Hörnquist Åstrand
b8c710a130 some more status 2011-12-03 13:36:39 -08:00
Love Hörnquist Åstrand
0e6bd29e44 use right directory 2011-12-03 13:36:32 -08:00
Love Hörnquist Åstrand
01884ebf2f fix argument order 2011-12-03 13:24:15 -08:00
Love Hörnquist Åstrand
fdeb7b2318 fix sizeof 2011-12-03 13:02:28 -08:00
Nicolas Williams
89bae59b49 Fix error clobbering bug and code review comments 2011-12-02 01:04:22 -06:00
Nicolas Williams
da14596f0e Add a test for aname2lname 2011-12-02 01:03:31 -06:00
Nicolas Williams
f468ed4759 Make krb5_aname_to_localname() use the libheimbase binary search functions 2011-12-02 01:03:08 -06:00
Nicolas Williams
659c761213 Add private text file binary search API to libheimbase 2011-12-02 01:02:44 -06:00
Nicolas Williams
aea02876e7 Initial aname2lname plugin patch based on code from Love 
Included is a default plugin that searches a sorted text file where
    every line is of the form:
	<unparsed-principal>[<whitespace><username>]
    If the username is missing in a matching line then an error is
    returned.  If a matching line is not found then the next plugin will
    be allowed to run, if any.
 2011-12-02 00:58:26 -06:00
Nicolas Williams
d0abcebf80 Make _krb5_plugin_run_f() use krb5_plugin_register()ed plugins too 2011-12-02 00:58:26 -06:00
Love Hörnquist Åstrand
58329bc1a0 __HEIM_OCTET_STRING__ 2011-11-30 00:35:51 -08:00
Love Hörnquist Åstrand
32aef60c6c __HEIM_OCTET_STRING__ 2011-11-30 00:34:50 -08:00
Love Hörnquist Åstrand
206b22c9f5 add data object 2011-11-29 23:40:28 -08:00
Nicolas Williams
417dff03ba Fix trailing whitespace 2011-11-29 14:50:44 -06:00
Roland C. Dowdeswell
af011f57fc Provide server side kadm5_chpass_principal_3() with ks_tuple implementation. 
We enable kadm5_chpass_principal_3() in the server side of the
library.  The client kadm5 library calls will still return the
error KAMD5_KS_TUPLE_NO_SUPP.

Signed-off-by: Nicolas Williams <nico@cryptonector.com>
 2011-11-29 14:47:37 -06:00
Roland C. Dowdeswell
00bea41dcb Fix hdb_generate_key_set() to honour ks_tuple, n_ks_tuple. 
The code was generating a char ** of string representations of the
ks_tuple() array but it was not using it.  We modify the code to:

	1.  extend the array returned by ks_tuple2str() to include
	    enough space for the trailing NULL and ensure that there
	    is a NULL at the end,

	2.  not free the array before exiting ks_tuple2str() as we
	    intend to use it in the caller,

	3.  re-organise the pointers in hdb_generate_key_set() to
	    make it more clear how we are to free things that have
	    been allocated.

	4.  free the char ** given us by ks_tuple2str() if it has
	    been allocated.

Signed-off-by: Nicolas Williams <nico@cryptonector.com>
 2011-11-29 14:47:37 -06:00
Roland C. Dowdeswell
2f6ad56c46 Reverse order of n_ks_tuple and ks_tuple in hdb_generate_key_set(). 
Signed-off-by: Nicolas Williams <nico@cryptonector.com>
 2011-11-29 14:47:37 -06:00
Luke Howard
21173f98dc add fast.c to dist sources 2011-11-29 12:52:32 +11:00
Luke Howard
c18d1a804e add fast.c to Windows build 2011-11-29 12:51:07 +11:00
Nicolas Williams
265d9ba5ca Error/warning cleanups for clang (LLVM) 2011-11-28 14:42:06 -06:00
Nicolas Williams
c757eb7fb0 Rename and fix as/tgs-use-strongest-key config parameters 
Different ticket session key enctype selection options should
    distinguish between target principal type (krbtgt vs. not), not
    between KDC request types.
 2011-11-25 17:21:04 -06:00
Nicolas Williams
c930853dd1 Export heim_bool_val from libheimbase 2011-11-24 00:00:50 -06:00
Love Hörnquist Åstrand
fa304162db test rsa mode too 2011-11-23 09:43:56 -08:00
Love Hörnquist Åstrand
04895ee955 extract out perf number code 2011-11-23 07:10:35 -08:00
Love Hörnquist Åstrand
b69246d766 use pre-generated certs/keys 2011-11-22 19:11:26 -08:00
Love Hörnquist Åstrand
a8e4c393ee use pre-generated certs/keys 2011-11-22 19:11:16 -08:00
Love Hörnquist Åstrand
c376e869a0 kdc-tester4.json is in objdir 2011-11-22 19:01:56 -08:00
Love Hörnquist Åstrand
8242b14eb9 add kdc-tester3.json 2011-11-22 18:59:38 -08:00
Nicolas Williams
0dd9982cb7 Forgot tests/kdc/kdc-tester4.json.in 2011-11-22 20:45:19 -06:00
Love Hörnquist Åstrand
2e37f67e6f handle new syntax for ccache's 2011-11-22 17:57:49 -08:00
Love Hörnquist Åstrand
dce7b990ed handle writing credential into ccache, use them in as fast-ccache and then destory them 2011-11-22 17:57:05 -08:00
Love Hörnquist Åstrand
f53199ba53 pretty printing 2011-11-22 17:56:25 -08:00
Nicolas Williams
35f4032381 Add PKINIT support in kdc-tester and check-tester 2011-11-22 18:48:41 -06:00
Nicolas Williams
b02365d714 Forgot to add kdc-tester3.json 2011-11-22 17:47:29 -06:00
Nicolas Williams
7d04b50398 Merge branch 'kdc-tester' 2011-11-22 17:08:33 -06:00
Nicolas Williams
d630567f70 Add performance measurements for FAST (with host key and user keys, not password) 2011-11-22 17:05:06 -06:00