oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,070 Commits 2 Branches 2 Tags
git2svn-syncpoint-master
Commit Graph

21 Commits

Author SHA1 Message Date
Nicolas Williams
19b6c47f72 Handle 1DES enctype similarity in MIT HDB 
We have some cross-realm principals in an MIT KDB with one kind of
    1DES enctype, but the other realm's KDCs issue x-realm TGTs where
    the ticket encpart key enctype is a different 1DES enctype.  We need
    this to work if we use Heimdal with the MIT HDB backend.

    An alternative would be to check for similar (or, rather,
    compatible) enctypes in the KDC (and elsewhere?).  This patch avoids
    the need to make such ugly changes elsewhere.
 2011-11-09 00:59:15 -06:00
Nicolas Williams
1b03abb250 This should be the final fix for enctype 0 issues (tested) 
But how to build an MIT KDB with enctype 0 keys for testing in
    Heimdal?  Hmmm...
 2011-10-06 00:55:54 -05:00
Nicolas Williams
e15cabe10a Fix for enctype 0 / length 0 keys in MIT HDB backend was incomplete 2011-10-05 17:50:26 -05:00
Nicolas Williams
3d6f86af27 Fix segfault in hdb-mitdb when princ have salt 2011-10-02 23:08:37 -05:00
Love Hornquist Astrand
923f3a434f free krb5_storage when dne 2011-09-30 12:44:34 +02:00
Nicolas Williams
0c893d3980 Fixed booboos from kadm5 key history patch set 
Also: add support for ignoring null enctype / zero-length keys,
    which *can* be found in MIT DB entries created in pre-historic
    times.

    Also: make the mitdb HDB backend more elegant (e.g., use the ASN.1
    compiler's generated sequence/array utility functions.

    Also: add a utility function needed for kadm5 kvno change
    improvements and make kadmin's mod --kvno work correctly and
    naturally.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-09-22 15:13:13 +02:00
Nicolas Williams
95262936c7 s/assert/heim_assert/ and remove dead code 2011-07-24 11:07:27 -05:00
Nicolas Williams
abd94953e2 Fixes to lock nesting code. 2011-07-22 16:04:52 -05:00
Nicolas Williams
58d72035f1 Added kadm5_lock() and unlock. 2011-07-22 16:04:52 -05:00
Nicolas Williams
e7f385ad0d Initial patch to make the MIT KDB backend for HDB handle multiple kvnos. 2011-07-22 16:04:51 -05:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Love Hornquist Astrand
f5f9014c90 Warning fixes from Christos Zoulas 
- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code
 2011-04-29 20:25:05 -07:00
Nicolas Williams
b5137810fb Various bug fixes in hdb-mitdb.c. 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-04-04 22:44:58 -07:00
Nicolas Williams
941eba430b Fixed a bug by s/u16/SEEK_CURR/; the bug prevented this mitdb backend from parsing MIT KDB entries with multiple kvnos in non-increasing order. 
Fixed a double-free bug that was triggered by MIT KDB entries with
multiple kvnos in non-increasing order.

Added lots of comments regarding the MIT KDB entry format.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-04-04 22:44:57 -07:00
Luke Howard
987658325e correctly decode MIT KDB flags 
Patch from Nico Williams <nico@cryptonector.com>
 2011-03-23 11:26:50 +11:00
Love Hornquist Astrand
0a10f35897 drop unused functions 2010-11-28 11:50:42 -08:00
Love Hornquist Astrand
6c6726d76c drop hdb_fetch 2010-11-28 11:46:46 -08:00
Love Hornquist Astrand
daa3d4753d implement fetch_kvno 2010-11-28 11:31:15 -08:00
Love Hornquist Astrand
1be05e6568 support KRB5_KDB_SALTTYPE_CERTHASH 2010-11-27 13:27:35 -08:00
Love Hornquist Astrand
bf3b753298 less warnings 2009-11-22 14:37:45 -08:00
Love Hornquist Astrand
89b14e91c2 backend to read the MIT Kerberos databse file directly 2009-11-22 12:52:57 -08:00