oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
26,523 Commits 2 Branches 2 Tags
fb8c65a8c2a74a2916b180fd4675f5b51e56c674
Commit Graph

4849 Commits

Author SHA1 Message Date
Asanka C. Herath
6e6468ab98 Windows: Search for config files in %{COMMON_APPDATA}/Kerberos 
In addition to the Heimdal directory, also search in the
generic Kerberos configuration file directory.
 2010-11-24 15:32:36 -05:00
Asanka C. Herath
2f2dca748d Don't dereference a possible NULL pointer 2010-11-24 15:32:35 -05:00
Asanka C. Herath
00ba841893 Windows: Use backwards compatible registry key for default cache 
On Windows, existing applications determine and change the default
credentials cache using the Kerberos for Windows registry key
(\Software\MIT\Kerberos5, ccname).  Use it for backwards
compatibility.
 2010-11-24 15:32:34 -05:00
Asanka C. Herath
45002e092c Use rk_socket_t in lib/krb5/changepw.c 2010-11-24 15:32:33 -05:00
Asanka C. Herath
ba6c36b0d7 Windows: Fix exports for libkrb5 2010-11-24 15:32:22 -05:00
Asanka C. Herath
f40fe926ad Windows: Comprehensive clean target 2010-11-24 15:32:13 -05:00
Asanka C. Herath
f44925e8a6 Deal with quoted strings when reading lists of config strings 2010-11-24 15:32:12 -05:00
Asanka C. Herath
03694f3505 Trim trailing slashes of plug-in paths 2010-11-24 15:32:11 -05:00
Asanka C. Herath
f159cef78a Rename get_entry() -> _krb5_config_get_entry() 2010-11-24 15:32:11 -05:00
Asanka C. Herath
d247242f63 Windows: Registry based configuration 
Load configuration data in the registry into a krb5_config_section.
Each registry key corresponds to a krb5_config_section and each
registry value becomes a bound string value.

The set of values contained in the root Heimdal registry key is
treated as if they were defined in the [libdefaults] section.

E.g. the configuration file:

[libdefaults]
foo = bar

[Foo]
x = y
y = {
  baz = quux
}

is equivalent to the registry keys:

[HKEY_CURRENT_USER\Software\Heimdal]
"foo"="bar"

[HKEY_CURRENT_USER\Software\Heimdal\Foo]
"x"="y"

[HKEY_CURRENT_USER\Software\Heimdal\Foo\y]
"baz"="quux"
 2010-11-24 15:32:08 -05:00
Asanka C. Herath
392f9541f1 Override existing plug-ins by default when loading cache plug-ins 2010-11-24 15:32:08 -05:00
Asanka C. Herath
6abe08a0a3 Validate plug-in names before loading 
On Windows, we only want to load .dll files are plug-ins, even though
there might be other support files present in the plug-in directory.
 2010-11-24 15:32:06 -05:00
Asanka C. Herath
7fea5ff69a Use expanded path names when loading plug-ins 2010-11-24 15:32:05 -05:00
Love Hornquist Astrand
6920fbbef1 remove krb5 support 2010-11-20 14:39:20 -08:00
Love Hornquist Astrand
fae3d127a2 remove krb4 support 2010-11-20 14:38:21 -08:00
Love Hornquist Astrand
8f2e0a7010 export internal functions so we dont need private headers 2010-11-20 14:05:54 -08:00
Andrew Tridgell
157d60a0eb heimdal: fixed a shadowed variable warning for error_message 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-11-08 22:27:32 -08:00
Love Hornquist Astrand
457c2d6d2c use md4 to verify md4 2010-11-08 14:39:26 -08:00
Love Hornquist Astrand
f178458310 use krb5_data_ct_cmp 2010-11-06 20:53:04 +01:00
Love Hornquist Astrand
5a801c8f4a use krb5_data_ct_cmp 2010-11-06 20:52:53 +01:00
Love Hornquist Astrand
2d1ca83efa use krb5_data_ct_cmp 2010-11-06 20:52:33 +01:00
Love Hornquist Astrand
15f0adad02 add krb5_data_ct_cmp 2010-11-06 20:36:12 +01:00
Love Hornquist Astrand
0be50bf118 add krb5_data_ct_cmp 2010-11-06 20:36:08 +01:00
Love Hornquist Astrand
55c4979df2 Now pac from christian passes since we make hmac checksums always use the raw key 2010-11-06 20:23:49 +01:00
Love Hornquist Astrand
d6b93cec1e internal function _krb5_HMAC_MD5_checksum 2010-11-06 20:11:19 +01:00
Love Hornquist Astrand
55ccd5ff9c use _krb5_enomem and indent 2010-11-06 20:10:26 +01:00
Love Hornquist Astrand
a1f749f4af add _krb5_enomem 2010-11-06 20:09:07 +01:00
Love Hornquist Astrand
5ab43b8520 plug memory leak 2010-11-06 20:01:02 +01:00
Andrew Bartlett
a42b77fb22 heimdal Add handling for PAC signatures over all encryption types 
There are exceptions from the expected behaviour of 'checksum type
matches key type' that we must deal with here, or else we can't serve
DES-only servers.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-11-06 19:56:48 +01:00
Simon Wilkinson
1d9072f026 krb5: reorganise crypto.c 
lib/krb5/crypto.c was a large, monolithic block of code which made
it very difficult to selectively enable and disable particular
alogrithms.

Reorganise crypto.c into individual files for each encryption and
salt time, and place the structures which tie everything together
into their own file (crypto-algs.c)

Add a non-installed library (librfc3961) and test program
(test_rfc3961) which builds a minimal rfc3961 crypto library, and
checks that it is usable.
 2010-11-03 11:12:24 +00:00
Love Hornquist Astrand
6184422fef compare the value of the client realm now that it might not be the same pointer 
fixes the check-delegate test that the new direct hop patch broke
 2010-11-01 13:46:56 -07:00
Love Hornquist Astrand
a16f7ea0ab add missing 
prototype
 2010-10-31 01:09:24 -07:00
Asanka C. Herath
a73d30e619 get_cred_kdc_capath() always try direct cross-realm first 2010-10-31 01:04:27 -07:00
Love Hornquist Astrand
6f9a423c0a add libheimbase.la 2010-10-30 13:59:19 -07:00
Love Hornquist Astrand
e0a1e0a806 simplify 2010-10-27 20:48:55 -07:00
Love Hornquist Astrand
edc1c3e2a1 add heimbase.h 2010-10-27 20:43:15 -07:00
Love Hornquist Astrand
7259b7deff new way to run plugins that have less overhead (code and performance vice) 2010-10-27 20:42:35 -07:00
Love Hornquist Astrand
ba8fe4b799 load plugin once 2010-10-27 20:42:01 -07:00
Jan Rękorajski
99f690fd19 krb5_cc_last_change_time is missing 2010-10-18 16:07:59 -07:00
Love Hornquist Astrand
0a608964a4 only set error code in case of failure, add comment 2010-10-02 12:13:19 -07:00
Love Hornquist Astrand
0789271ebb indent, return error code 2010-10-02 11:59:53 -07:00
Andrew Bartlett
7ea9ccf737 heimdal: added verbose logging of hemimdal crypto errors 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-02 11:56:26 -07:00
Buck Huppmann
799956e9b7 Check if we should enable weak crypto before parsing enctypes list 
This since the enctypes lists doesn't include weak crypto alg in the
resulting list.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-02 11:28:20 -07:00
Love Hornquist Astrand
6beb058640 Handle picky windows RODC servers 2010-10-01 17:49:05 -07:00
Love Hornquist Astrand
1072afd6bf Andrew Bartlet pointed out that the patch was incomplete, update and write doxygen. 2010-09-30 00:44:35 -07:00
Love Hornquist Astrand
f454f45fbf If the hostname contains a dot, assumes it's a FQAN and don't use 
search domains since that might be painfully slow when machine is
disconnected from that network.

Found by Tridge
 2010-09-28 22:37:01 -07:00
Karolin Seeger
035106be97 s4-krb5: Fix typos in comment. 
Karolin

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-26 15:12:09 -07:00
Asanka C. Herath
cad554ad3d Generalize MSLSA ccache type to a plug-in based ccache type 2010-09-18 23:50:38 -04:00
Love Hornquist Astrand
fea391eb96 remove prefix zeros 2010-09-18 14:45:33 -07:00
Love Hornquist Astrand
8668bfaefc less brokenness 2010-09-18 11:55:59 -07:00