oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Commit Graph

  • 2a2a83b712 base: fix string description of array-object type Luke Howard 2022-01-03 16:24:11 +11:00
  • 44a8cf1747 base: avoid unnecessary allocation of "reason" key Luke Howard 2022-01-03 16:19:49 +11:00
  • 097a3de44e kdc: don't cast away const in krb5plugin_kdc_ftable Luke Howard 2022-01-03 13:37:03 +11:00
  • fcff5933ad kdc: rename windc to kdc plugin Luke Howard 2022-01-03 11:10:18 +11:00
  • a4c6b81ce9 kdc: add audit plugin API to windc API Luke Howard 2022-01-02 21:19:43 +11:00
  • 98070b5eaa Revert "heimdal: handle referrals for 3 part DRSUAPI SPNs" Luke Howard 2022-01-02 22:22:15 +11:00
  • 3fa47f5a1a kdc: add referral_policy callback to windc plugin Luke Howard 2022-01-02 21:51:43 +11:00
  • 5cce73a6ef gss: expose canonical name from PAC if present Luke Howard 2022-01-02 18:57:36 +11:00
  • 2a826d769f gss: expose PAC info buffers under urn:mspac: Luke Howard 2022-01-02 18:47:54 +11:00
  • 66e256e672 krb5: Can't test KCM in test_cc Nicolas Williams 2022-01-02 22:16:06 -06:00
  • 73bb84c0f3 bx509d: Fix tests (log message diffs) Nicolas Williams 2022-01-02 21:37:43 -06:00
  • 7e311ea9bf gss: Fix test_names clang-13 build Nicolas Williams 2022-01-02 21:19:13 -06:00
  • 3f2b1007a3 base: Fix test_base clang-13 build Nicolas Williams 2022-01-02 21:16:36 -06:00
  • 8be05797cc httpkadmind: Use enum MHD_Result return type Nicolas Williams 2022-01-02 21:11:48 -06:00
  • e328c0e496 bx509d: Use enum MHD_Result return type Nicolas Williams 2022-01-02 21:11:40 -06:00
  • 53e63d9ec9 kdc: Fix bx509d/httpkadmind (b1dcc1a47) Nicolas Williams 2022-01-02 21:11:07 -06:00
  • bc7c73b5d7 hcrypto: Fix build with clang-13 Nicolas Williams 2022-01-02 20:58:39 -06:00
  • a849015350 roken: Fix mergesort_r() clang-13 build Nicolas Williams 2022-01-02 20:53:09 -06:00
  • 957633b793 kdc: remove unused rx.h header Luke Howard 2022-01-03 13:12:03 +11:00
  • 24c606719e kdc: fix _kdc_audit_addkv_bool wrapper copy paste Luke Howard 2022-01-03 09:36:50 +11:00
  • 52b9531cb5 kdc: note that GSS PA uses synthetic principals Luke Howard 2022-01-02 23:15:55 +11:00
  • 41ec5733ef kdc: document windc plugin entry points Luke Howard 2022-01-02 23:00:43 +11:00
  • d833ce4cbc hdb: Namespace referrals Nicolas Williams 2021-11-14 16:24:48 -06:00
  • be708ca3cf gsskrb5: Add simple name attributes support Nicolas Williams 2021-12-22 17:01:12 -06:00
  • 1cede09a0b krb5: Add support for AD-KDC-ISSUED Nicolas Williams 2021-12-29 11:59:59 -06:00
  • 87f8c0d2b5 krb5: Add name attributes to krb5_principal Nicolas Williams 2021-12-20 16:22:52 -06:00
  • f3484d5e2e gss: pass GSS_C_NO_OID name type through to mechanism Luke Howard 2022-01-02 10:44:45 +11:00
  • d683780b1d kdc: separate PKINIT/GSS authorization failure Luke Howard 2022-01-01 23:44:05 +11:00
  • a9c6bc2bf2 kdc: audit "yes" boolean values as booleans Luke Howard 2022-01-01 18:32:52 +11:00
  • e15e711b13 kdc: remove auth_event_details audit key Luke Howard 2022-01-01 18:05:51 +11:00
  • 93c8d57091 kdc: call HDB audit function in both AS and TGS Luke Howard 2022-01-01 17:15:37 +11:00
  • 1e1c5dbbfc kdc: make error code available to audit function Luke Howard 2022-01-01 17:11:18 +11:00
  • cc0874d410 kdc: preserve value types in auditing Luke Howard 2022-01-01 16:50:58 +11:00
  • b1dcc1a474 kdc: refactor Samba-specific auditing API in terms of existing API Luke Howard 2021-12-31 17:24:58 +11:00
  • 32032dec7e base: heimbase-svc.h needs to include heimbase.h Luke Howard 2022-01-01 17:19:32 +11:00
  • d165e73fff bx509d: don't audit NULL message string Luke Howard 2022-01-01 05:57:14 +00:00
  • 52b1dffa63 kdc: return KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN (PA) Luke Howard 2022-01-01 23:19:42 +11:00
  • 0492729ba7 kdc: remove unused v4 hprop code Luke Howard 2021-12-29 21:19:52 +11:00
  • 09f3f96467 gsskrb5: Use optimistic anon PKINIT armored FAST Nicolas Williams 2021-12-29 16:56:53 -06:00
  • 554f375626 kinit: Use optimistic anon PKINIT armored FAST Nicolas Williams 2021-12-15 16:17:52 -06:00
  • 944e12e103 krb5: Add GIC optimistic FAST w/ anon Nicolas Williams 2021-12-15 15:49:54 -06:00
  • ca71e365ec asn1: Move decoration to krb5.opt file Nicolas Williams 2021-12-20 18:35:27 -06:00
  • 486a1ea773 kdc: remove unnecessary cast in finalize() (windc.c) Luke Howard 2021-12-29 15:21:48 +11:00
  • fb3ea5b943 kdc: Add ret to common svc req elements Nicolas Williams 2021-12-23 23:06:59 -06:00
  • 5e3c0a7ce0 base: Add ret to common svc req elements Nicolas Williams 2021-12-23 23:04:54 -06:00
  • 81077eea7b tests: use cname/sname string name instead of unparsing Luke Howard 2021-12-24 13:26:55 +11:00
  • 833483137b kdc: Log more about KRB-ERROR failures Nicolas Williams 2021-12-23 21:06:31 -06:00
  • eeba89a1af kdc: Stop confusing the compiler Nicolas Williams 2021-12-23 21:05:54 -06:00
  • 6baac3126f asn1: Fix template decoration copy Nicolas Williams 2021-12-23 19:11:19 -06:00
  • f74e9223b6 tests: add some logging to windc test plugin Luke Howard 2021-12-24 10:41:43 +11:00
  • f49e99e15f kdc: remove e_text argument to _kdc_encode_reply() Luke Howard 2021-12-24 10:33:08 +11:00
  • b6be850e0d kdc: remove outpadata from astgs_request_t Luke Howard 2021-12-24 10:25:11 +11:00
  • 64dad876a4 kdc: simplify client_access windc plugin API Luke Howard 2021-12-23 20:51:37 +11:00
  • 36fe09f433 kdc: remove unused padata field from astgs_request_t Luke Howard 2021-12-23 20:22:41 +11:00
  • e81bcb71f3 kdc: add finalize_reply API to windc plugin Luke Howard 2021-12-23 15:31:12 +11:00
  • 6b312659cb kdc: use PAC from request in _kdc_gss_finalize_pac() Luke Howard 2021-12-23 19:51:35 +11:00
  • d3549c4ab7 kdc: remove superflous request arg to _kdc_check_access() Luke Howard 2021-12-23 19:49:38 +11:00
  • 805ea5e0a0 kdc: use rep/et/ek fields in astgs_request_t Luke Howard 2021-12-23 19:45:32 +11:00
  • e3a5169862 kdc: make common astgs_request_t elements public API Luke Howard 2021-12-23 19:31:15 +11:00
  • 2e8b172f38 kdc: move PAC into astgs_request_t structure Luke Howard 2021-12-23 19:23:22 +11:00
  • d95be72681 kdc: separate astgs_request_t common elements Luke Howard 2021-12-23 19:20:11 +11:00
  • 5b7cf5d56f kdc: centralize include PAC logic Luke Howard 2021-12-23 13:19:22 +11:00
  • 0165633964 hdb: add no-auth-data-reqd flag to HDB entry Luke Howard 2021-12-23 13:24:10 +11:00
  • 317df4dbd4 kdc: remove pac_attributes_present field Luke Howard 2021-12-23 13:23:17 +11:00
  • ebd7092dff kdc: distinguish long-term key from replacing reply key Luke Howard 2021-12-23 11:24:35 +11:00
  • bdb3e1020c Revert "kdc: distinguish long-term key from replacing reply key" Luke Howard 2021-12-23 11:24:00 +11:00
  • e89848719a kdc: distinguish long-term key from replacing reply key Luke Howard 2021-12-23 11:08:09 +11:00
  • 357c73e013 kdc: avoid linear search of PA types Luke Howard 2021-12-23 11:04:38 +11:00
  • f18c9e06a8 kdc: honor PAC_ATTRIBUTES in presented TGT Luke Howard 2021-12-22 17:13:13 +11:00
  • b4f3617964 kdc: don't add PAC_ATTRIBUTES PAC buffer for service tickets Luke Howard 2021-12-22 16:38:52 +11:00
  • b36ac3c15e kdc: don't add REQUESTOR_SID PAC buffer for service tickets Luke Howard 2021-12-22 16:37:32 +11:00
  • c974f8625c krb5: PAC_EXTRA_LOGON_INFO_FLAGS_UPN_DEFAULTED fix Luke Howard 2021-12-22 16:36:32 +11:00
  • 692ed5e841 krb5: fix build regression in report_canonical_client_name Luke Howard 2021-12-22 15:01:54 +11:00
  • 7990dc287d asn1: use " instead of ' when quoting on Windows Luke Howard 2021-12-22 14:52:04 +11:00
  • 7cd99b86d3 roken: include MIT license text Luke Howard 2021-12-22 14:45:35 +11:00
  • 5ba4607277 krb5: report_canonical_client_name implies check_pac Luke Howard 2021-12-22 14:33:01 +11:00
  • 9aa67e58ba roken: don't call assert() before variable decl Luke Howard 2021-12-22 13:43:17 +11:00
  • 8590499b53 kdc: include SID in PAC with GSS authorizer Luke Howard 2021-12-20 17:09:50 +11:00
  • a2c225fe0a kdc: add PA PAC finalize callback Luke Howard 2021-12-20 16:40:35 +11:00
  • f7964251ff kdc: support for PAC_ATTRIBUTES_INFO Luke Howard 2021-12-20 15:31:33 +11:00
  • e50033aec2 kdc: add canonical principal name to authz data Luke Howard 2021-12-19 16:02:58 +11:00
  • 0ab3b7b2dd krb5: support for canonical name in PAC Luke Howard 2021-09-23 13:39:36 +10:00
  • b3bb3ac49d roken: add rk_clzll() helper function Luke Howard 2021-12-20 20:50:27 +11:00
  • 29cd8a46d8 krb5: zero memory in krb5_storage_emem() Luke Howard 2021-12-20 19:28:06 +11:00
  • 5528039a07 bx509d: Fix tests/kdc/check-bx509 Nicolas Williams 2021-12-20 16:34:13 -06:00
  • 2bb85f61e9 roken: unbreak Windows build Luke Howard 2021-12-21 08:15:17 +11:00
  • fe095aa1c0 krb5: Decorate Principal type with name attributes Nicolas Williams 2021-12-19 23:18:27 -06:00
  • 8962abdfbc asn1: Fix build (revert bits of 823fb8247) Nicolas Williams 2021-12-20 11:50:55 -06:00
  • 823fb82477 asn1: Add --decorate=... for internal bookkeeping Nicolas Williams 2021-12-19 22:51:10 -06:00
  • 309d1192df asn1: Add module->JSON dump Nicolas Williams 2021-12-08 16:23:11 -06:00
  • f5823216d0 kdc: Return error code from _kdc_check_pac() with an armor ticket Joseph Sutton 2021-12-20 15:14:23 +13:00
  • b16f93240e kdc: Fix NULL pointer dereference on failure to verify armor ticket PAC Joseph Sutton 2021-12-20 15:10:46 +13:00
  • 2670599efa krb5: fix allocation error in krb5_mk_ncred() Luke Howard 2021-12-20 12:41:59 +11:00
  • f555fdda7e hdb: fix allocation error in derive_keyset() Luke Howard 2021-12-20 12:40:28 +11:00
  • 45ea54a44a kdc: audit armor client principal name Luke Howard 2021-12-19 18:24:38 +11:00
  • 2730e12b6a hdb: SQLite HDB can handle enterprise principals Luke Howard 2021-12-19 21:01:14 +11:00
  • 7717cb71c3 tests: check TGS with GSS pre-authentication Luke Howard 2021-12-18 15:07:32 +11:00
  • a3392b099e kdc: allow cross-realm FAST armor TGT Luke Howard 2021-12-17 14:12:35 +11:00
  • e7588952ce kdc: add auth data type for synthetic principals Luke Howard 2021-12-18 14:54:13 +11:00
  • 23d96d822f klist: Check unparse_flags() result differently Nicolas Williams 2021-12-17 14:40:55 -06:00