oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,070 Commits 2 Branches 2 Tags
git2svn-syncpoint-master
Commit Graph

15670 Commits

Author SHA1 Message Date
Nicolas Williams
d0abcebf80 Make _krb5_plugin_run_f() use krb5_plugin_register()ed plugins too 2011-12-02 00:58:26 -06:00
Love Hörnquist Åstrand
58329bc1a0 __HEIM_OCTET_STRING__ 2011-11-30 00:35:51 -08:00
Love Hörnquist Åstrand
32aef60c6c __HEIM_OCTET_STRING__ 2011-11-30 00:34:50 -08:00
Nicolas Williams
417dff03ba Fix trailing whitespace 2011-11-29 14:50:44 -06:00
Roland C. Dowdeswell
af011f57fc Provide server side kadm5_chpass_principal_3() with ks_tuple implementation. 
We enable kadm5_chpass_principal_3() in the server side of the
library.  The client kadm5 library calls will still return the
error KAMD5_KS_TUPLE_NO_SUPP.

Signed-off-by: Nicolas Williams <nico@cryptonector.com>
 2011-11-29 14:47:37 -06:00
Roland C. Dowdeswell
00bea41dcb Fix hdb_generate_key_set() to honour ks_tuple, n_ks_tuple. 
The code was generating a char ** of string representations of the
ks_tuple() array but it was not using it.  We modify the code to:

	1.  extend the array returned by ks_tuple2str() to include
	    enough space for the trailing NULL and ensure that there
	    is a NULL at the end,

	2.  not free the array before exiting ks_tuple2str() as we
	    intend to use it in the caller,

	3.  re-organise the pointers in hdb_generate_key_set() to
	    make it more clear how we are to free things that have
	    been allocated.

	4.  free the char ** given us by ks_tuple2str() if it has
	    been allocated.

Signed-off-by: Nicolas Williams <nico@cryptonector.com>
 2011-11-29 14:47:37 -06:00
Roland C. Dowdeswell
2f6ad56c46 Reverse order of n_ks_tuple and ks_tuple in hdb_generate_key_set(). 
Signed-off-by: Nicolas Williams <nico@cryptonector.com>
 2011-11-29 14:47:37 -06:00
Luke Howard
21173f98dc add fast.c to dist sources 2011-11-29 12:52:32 +11:00
Luke Howard
c18d1a804e add fast.c to Windows build 2011-11-29 12:51:07 +11:00
Nicolas Williams
c757eb7fb0 Rename and fix as/tgs-use-strongest-key config parameters 
Different ticket session key enctype selection options should
    distinguish between target principal type (krbtgt vs. not), not
    between KDC request types.
 2011-11-25 17:21:04 -06:00
Nicolas Williams
7d04b50398 Merge branch 'kdc-tester' 2011-11-22 17:08:33 -06:00
Nicolas Williams
81293d9334 krb5_get_init_creds*() should not krb5_cc_close() the FAST ccache! 2011-11-22 17:04:35 -06:00
Nicolas Williams
ad60b236a0 Add missing symbols to export list 2011-11-22 17:04:03 -06:00
Love Hornquist Astrand
35848f5869 use low match distance for helping, or use ask user to use "help" 2011-11-22 13:58:41 -08:00
Love Hornquist Astrand
00494ac136 use sl_did_you_mean 2011-11-22 12:21:15 -08:00
Love Hornquist Astrand
e0613d6aa6 use ? 2011-11-22 12:19:04 -08:00
Love Hornquist Astrand
623bd64f0c use sl_did_you_mean 2011-11-22 12:18:48 -08:00
Love Hornquist Astrand
d26df6ba7f export sl_did_you_mean that uses OptimalStringAlignmentDistance to propose an alternative 2011-11-22 12:18:37 -08:00
Love Hornquist Astrand
118f99e308 tell if keytab is missing principal 2011-11-22 11:00:51 -08:00
Love Hornquist Astrand
f2319c2458 better help on unknown command 2011-11-22 11:00:51 -08:00
Love Hörnquist Åstrand
354ef711f3 restructure 2011-11-21 20:34:35 -08:00
Love Hörnquist Åstrand
1d7c483db2 use get and set 2011-11-21 20:34:35 -08:00
Love Hornquist Astrand
8a0e0f9472 do m-r on more then one prime 2011-11-21 20:33:53 -08:00
Stefan Metzmacher
7ecbac23f6 lib/krb5: add utf8 support to build_logon_name() for the PAC 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:45 -08:00
Stefan Metzmacher
55d66f2aff lib/wind: export wind_ucs2write() 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:45 -08:00
Stefan Metzmacher
805304d3f8 lib/winbd: fix wind_ucs2write with WIND_RW_LE 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:44 -08:00
Stefan Metzmacher
dcd34e5967 lib/wind: fix wind_ucs4utf8() and wind_ucs2utf8() 
Pair-Programmed-With: Arvid Requate <requate@univention.de>

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2011-11-16 19:42:44 -08:00
Nicolas Williams
349609ed20 Initial test of x-realm TGT w/ kvno 0 and key rollover 
NOTE: The test runs and succeeds, but the client seems to be getting
	  a new x-realm TGT after we set the kvno to 0 or remove the
	  kvno from the tickets.  This means we're not really testing
	  the TGS paths!  So this test is not yet ready.
 2011-11-15 21:53:34 -06:00
Nicolas Williams
c9609cdb37 Initial patch for dealing with AD x-realm key rollover 
AD issues x-realm TGTs with kvno 0.  On key x-realm trust key change
    we need to be able to try current and previous keys for trust, else
    we will have some failures.
 2011-11-15 21:53:33 -06:00
Love Hörnquist Åstrand
01ddeee37f use heim_verbose 2011-11-13 10:01:40 -08:00
Nicolas Williams
19b6c47f72 Handle 1DES enctype similarity in MIT HDB 
We have some cross-realm principals in an MIT KDB with one kind of
    1DES enctype, but the other realm's KDCs issue x-realm TGTs where
    the ticket encpart key enctype is a different 1DES enctype.  We need
    this to work if we use Heimdal with the MIT HDB backend.

    An alternative would be to check for similar (or, rather,
    compatible) enctypes in the KDC (and elsewhere?).  This patch avoids
    the need to make such ugly changes elsewhere.
 2011-11-09 00:59:15 -06:00
Nicolas Williams
40a7d4b62f More fixes for -Werror (GCC 4.6 catches more stuff) 2011-11-02 23:20:55 -05:00
Nicolas Williams
3bebbe5323 Fixes to make Heimdal -Wall -Werror clean 
These fixes make developer mode build, at least on Ubuntu.
 2011-11-02 21:42:08 -05:00
Love Hörnquist Åstrand
9c830f5237 indent 2011-10-31 22:10:09 -07:00
Love Hörnquist Åstrand
877df213eb make sure we don't use stack content, don't count on that unsigned value can be negative 2011-10-31 22:05:42 -07:00
Love Hörnquist Åstrand
2e2b5daf7a send output to /dev/null 2011-10-31 21:27:51 -07:00
Nicolas Williams
c353962428 Oops, mismerge in principal.c 2011-10-31 00:29:36 -05:00
Nicolas Williams
104bb8ef53 Fix unitialized HDB_extension problem (specifically the mandatory field) 2011-10-31 00:20:05 -05:00
Nicolas Williams
7da9d7d75f Fix memory leak in name canon rule iterator 2011-10-31 00:15:07 -05:00
Love Hornquist Astrand
6436cd99b7 remove lex_classic_input(void) prototype 2011-10-29 19:13:04 -07:00
Love Hornquist Astrand
42e6fb794d avoid const warning 2011-10-29 19:10:20 -07:00
Nicolas Williams
1192120b86 Fix 64-bit warnings in name canon rules code 2011-10-29 16:48:56 -05:00
Love Hörnquist Åstrand
1fe4d77846 remove getprogname.c 2011-10-28 20:36:40 -07:00
Love Hörnquist Åstrand
a57988153e indent 2011-10-28 20:08:08 -07:00
Love Hörnquist Åstrand
f1e7d2ccba allow checksum type NULL since des3-cbc-null uses it (gss-api mech) 2011-10-28 19:54:02 -07:00
Love Hörnquist Åstrand
b4972bd4f0 no longer need getprogname() 2011-10-28 19:31:05 -07:00
Love Hörnquist Åstrand
3570802d59 use getprogname if we have, otherwise punt, remove roken dependency 2011-10-28 19:30:55 -07:00
Love Hörnquist Åstrand
1a1bd736c0 merge support for FAST in as-req codepath 2011-10-28 19:25:48 -07:00
Nicolas Williams
3a393427e9 krb5_principal_compare() can't return errors... 2011-10-27 22:57:02 -05:00
Nicolas Williams
c433fefb23 Fix contributewd by Roland Dowdeswell for 64-bit bug in name canon patches 2011-10-27 17:34:57 -05:00