Nicolas Williams 
							
						 
					 
					
						
						
							
						
						9f5a43084c 
					 
					
						
						
							
							Cleanups: s/ENOMEM/krb5_enomem(context)/  
						
						
						
						
					 
					
						2011-10-22 14:54:25 -05:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						a5e77c578e 
					 
					
						
						
							
							Deferred hostname canon using name canon rules  
						
						
						
						
					 
					
						2011-10-22 14:54:13 -05:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						aaf9594429 
					 
					
						
						
							
							new use of _krb5_extract_ticket  
						
						
						
						
					 
					
						2011-07-24 20:24:38 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						0f489b7b28 
					 
					
						
						
							
							unexport krb5_init_etype, remove duplicate code  
						
						
						
						
					 
					
						2011-06-14 21:08:52 -07:00 
						 
				 
			
				
					
						
							
							
								Nicolas Williams 
							
						 
					 
					
						
						
							
						
						2fbad6432b 
					 
					
						
						
							
							Initial support for default_{as, tgs}_etypes.  
						
						... 
						
						
						
						Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org > 
						
						
					 
					
						2011-06-14 20:35:19 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						0879b9831a 
					 
					
						
						
							
							remove trailing whitespace  
						
						
						
						
					 
					
						2011-05-21 11:57:31 -07:00 
						 
				 
			
				
					
						
							
							
								Jeffrey Altman 
							
						 
					 
					
						
						
							
						
						6850d6a65f 
					 
					
						
						
							
							avoid uninit variable and unreachable code warnings  
						
						... 
						
						
						
						most of these warnings are not problems because of ample
use of abort() calls.  However, the large number of warnings
makes it difficult to identify real problems.  Initialize
the variables to shut up the compilers.
Change-Id: I8477c11b17c7b6a7d9074c721fdd2d7303b186a8 
						
						
					 
					
						2011-05-17 12:02:16 -04:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						f5f9014c90 
					 
					
						
						
							
							Warning fixes from Christos Zoulas  
						
						... 
						
						
						
						- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code 
						
						
					 
					
						2011-04-29 20:25:05 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						42f9c644cf 
					 
					
						
						
							
							Also try key usage 8 for tgs-rep subkey  
						
						... 
						
						
						
						If the is Windows 2000 DC, we need to retry with key usage 8 when doing ARCFOUR.
Thanks to Andrew and Tridge that helped me debug this using their systems. 
						
						
					 
					
						2010-11-29 11:19:24 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						c6d0dea6be 
					 
					
						
						
							
							remove dup prototype, fix the ok_as_delegate protocol  
						
						
						
						
					 
					
						2010-11-25 11:21:05 -08:00 
						 
				 
			
				
					
						
							
							
								Asanka C. Herath 
							
						 
					 
					
						
						
							
						
						35ac353f73 
					 
					
						
						
							
							Add forward declaration of get_cred_kdc_capth()  
						
						
						
						
					 
					
						2010-11-24 15:33:14 -05:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						6184422fef 
					 
					
						
						
							
							compare the value of the client realm now that it might not be the same pointer  
						
						... 
						
						
						
						fixes the check-delegate test that the new direct hop patch broke 
						
						
					 
					
						2010-11-01 13:46:56 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						a16f7ea0ab 
					 
					
						
						
							
							add missing  
						
						... 
						
						
						
						prototype 
						
						
					 
					
						2010-10-31 01:09:24 -07:00 
						 
				 
			
				
					
						
							
							
								Asanka C. Herath 
							
						 
					 
					
						
						
							
						
						a73d30e619 
					 
					
						
						
							
							get_cred_kdc_capath() always try direct cross-realm first  
						
						
						
						
					 
					
						2010-10-31 01:04:27 -07:00 
						 
				 
			
				
					
						
							
							
								Asanka Herath 
							
						 
					 
					
						
						
							
						
						5dcc605f6b 
					 
					
						
						
							
							Fix calling conventions for Windows  
						
						
						
						
					 
					
						2010-08-20 13:14:10 -04:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						4a6a9d026b 
					 
					
						
						
							
							Plug double frees, patch orignally from Matthias Dieter Wallnöfer  
						
						
						
						
					 
					
						2010-06-29 08:12:55 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						03262460dd 
					 
					
						
						
							
							use krb5_principal_is_krbtgt  
						
						
						
						
					 
					
						2010-03-07 01:01:32 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						687db64c56 
					 
					
						
						
							
							Patch from Secure Endpoints/Asanka Herath for windows support  
						
						
						
						
					 
					
						2009-12-21 08:45:28 +01:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						dab6e078b2 
					 
					
						
						
							
							more logging, track kdc offset better  
						
						
						
						
					 
					
						2009-11-22 12:24:58 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						ae56d6eede 
					 
					
						
						
							
							unused variable  
						
						
						
						
					 
					
						2009-11-17 15:51:41 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						316fc6ff8f 
					 
					
						
						
							
							Simplify subkey usage for tgs-req, don't rewrite tgs-rep-sub-key keyuage for arcfour, its correct  
						
						
						
						
					 
					
						2009-11-15 21:31:25 -08:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						977acdd84d 
					 
					
						
						
							
							Always send subkey and assume reply is encrypted using subkey  
						
						
						
						
					 
					
						2009-10-11 09:12:01 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						8e08aa0a15 
					 
					
						
						
							
							Use krb5_free_keyblock()  
						
						
						
						
					 
					
						2009-10-11 08:45:51 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						57b40643b9 
					 
					
						
						
							
							use server name for referral decision  
						
						
						
						
					 
					
						2009-10-06 07:38:29 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						6d1d17efed 
					 
					
						
						
							
							don't canonicalize names that are short then 2 name element  
						
						... 
						
						
						
						Since KDC will probably guess wrong on them, and doing
afs@CLIENT-REALM have too large change of actually working. 
						
						
					 
					
						2009-10-05 22:07:47 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						753e2cc925 
					 
					
						
						
							
							Check that enctypes are valid/enabled before trying to request them  
						
						
						
						
					 
					
						2009-10-05 19:17:11 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						dc31556b7d 
					 
					
						
						
							
							use krb5_generate_subkey_extended  
						
						
						
						
					 
					
						2009-10-04 11:12:43 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						9211c47a30 
					 
					
						
						
							
							Deprecate krb5_get_cred_from_kdc{,_opt} since they are replacement functions  
						
						
						
						
					 
					
						2009-07-17 20:38:32 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						80021f5e05 
					 
					
						
						
							
							Make get_cred_kdc_any a private function.  
						
						
						
						
					 
					
						2009-07-17 20:36:42 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hornquist Astrand 
							
						 
					 
					
						
						
							
						
						de5110c05a 
					 
					
						
						
							
							(krb5_get_kdc_cred): make sure that out_creds points to NULL on failure  
						
						
						
						
					 
					
						2009-07-16 23:54:54 -07:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						942a821fab 
					 
					
						
						
							
							remove RCSID  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25171 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2009-05-04 06:17:40 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						6adab55480 
					 
					
						
						
							
							rename S4U2SELF to FOR_USER  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25046 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2009-04-03 04:04:54 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						f1a7da6a55 
					 
					
						
						
							
							Patch from Riverbed (Derrick Pallas) under the license of the files they are in:  
						
						... 
						
						
						
						memory leak in krb5_get_creds_opt->ticket
	The function krb5_get_creds_opt_set_ticket copies a Ticket
	into a krb5_get_cred_opt structure. However,
	krb5_get_creds_opt_free does not clean up this Ticket, even
	thought he manual pages indicate that it should.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24945 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2009-03-25 15:37:42 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						7f51de4922 
					 
					
						
						
							
							check that length > 0, not that data is a pointer, cid#143  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24107 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-12-11 05:00:49 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						60d35f97bc 
					 
					
						
						
							
							use asn1 decoder function directly  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24060 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-12-11 04:50:58 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						03babea1e3 
					 
					
						
						
							
							switch to krb5_clear_error_message  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23911 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-10-14 02:55:39 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						44c8e64262 
					 
					
						
						
							
							split long lines  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23870 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-09-28 05:14:55 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						11ffd80c63 
					 
					
						
						
							
							Strip of ok-as-delegate for the tgt/service if the cross ticket didn't  
						
						... 
						
						
						
						have one.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23846 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-09-20 11:16:33 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						6937d41a02 
					 
					
						
						
							
							remove trailing whitespace  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-09-13 09:21:03 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						e172367898 
					 
					
						
						
							
							switch to utf8 encoding of all files  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-09-13 08:53:55 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						e8a185dbf5 
					 
					
						
						
							
							N_()ify  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23759 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-09-07 21:17:02 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						d542833a1f 
					 
					
						
						
							
							use krb5_set_error_message  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23280 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-06-23 03:26:18 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						e46ef6c72a 
					 
					
						
						
							
							Try both kdc server referral and the old client chasing mode.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22770 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-03-24 12:09:29 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						2523a24965 
					 
					
						
						
							
							Don't do canonicalize by default, make add_cred() sane, make loop  
						
						... 
						
						
						
						detection in credential fetching better.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22768 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-03-24 12:09:21 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						526b428c75 
					 
					
						
						
							
							Make work for constrained delegation and impersonation.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22758 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-03-24 12:08:43 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						e33ec47aaf 
					 
					
						
						
							
							Try moving referrals checking into _krb5_extract_ticket().  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22743 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-03-24 12:07:46 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						1da2a3782e 
					 
					
						
						
							
							Add code to check PA_ServerReferralData.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22737 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-03-24 12:07:22 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						d6845ca8a4 
					 
					
						
						
							
							kill trailing whitespace  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22734 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-03-24 12:07:09 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						a86c4ec9ab 
					 
					
						
						
							
							Insecure tgs referrals.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22723 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-03-24 12:06:26 +00:00 
						 
				 
			
				
					
						
							
							
								Love Hörnquist Åstrand 
							
						 
					 
					
						
						
							
						
						756ead1cd9 
					 
					
						
						
							
							Find_cred to try krb5_cc_retrieve_cred first, remove comment.  
						
						... 
						
						
						
						git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22719 ec53bebd-3082-4978-b11e-865c3cabbd6b 
						
						
					 
					
						2008-03-24 12:06:08 +00:00