24cf0fdeae
Also update krb5_context view of what the time is.
Love Hörnquist Åstrand
2007-06-07 06:54:55 +00:00
0c4f093b59
Disable, needs more fixing.
Love Hörnquist Åstrand
2007-06-07 06:50:18 +00:00
d60c3a63ca
x
Love Hörnquist Åstrand
2007-06-07 06:05:35 +00:00
db9f9dcead
add tests/can/Makefile
Love Hörnquist Åstrand
2007-06-07 06:04:56 +00:00
e561d49edc
SUBDIRS += can
Love Hörnquist Åstrand
2007-06-07 06:04:14 +00:00
5375fb3085
pre-canned requests from older versions and other implementations
Love Hörnquist Åstrand
2007-06-07 06:03:29 +00:00
0c60a66fa8
x
Love Hörnquist Åstrand
2007-06-07 05:13:14 +00:00
ea26dbde83
Add --[version|help].
Love Hörnquist Åstrand
2007-06-07 05:12:59 +00:00
9ea34e5fa3
Add check for key lengths for known enctypes for all principals.
Love Hörnquist Åstrand
2007-06-07 05:09:24 +00:00
6df13ddebf
x
Love Hörnquist Åstrand
2007-06-07 04:48:37 +00:00
a3f341f304
Push down the kdc time into the x509 library.
Love Hörnquist Åstrand
2007-06-07 04:48:11 +00:00
8b91b80a1e
Remove out2, no longer used.
Love Hörnquist Åstrand
2007-06-07 04:46:06 +00:00
23ed41b109
Move up krb5_kdc_save_request so we can catch the reply data too.
Love Hörnquist Åstrand
2007-06-07 04:35:05 +00:00
4fe154b2f9
verify reply by checking asn1 class, type and tag of the reply if there is one.
Love Hörnquist Åstrand
2007-06-07 04:34:14 +00:00
43a028c82a
Save asn1 class, type and tag of the reply if there is one. Used to verify the reply in kdc-replay.
Love Hörnquist Åstrand
2007-06-07 04:32:53 +00:00
55df27f234
x
Love Hörnquist Åstrand
2007-06-07 03:30:32 +00:00
1902040622
extern for request_log.
Love Hörnquist Åstrand
2007-06-07 03:30:15 +00:00
7d1da27427
Add kdc-replay.
Love Hörnquist Åstrand
2007-06-07 03:20:22 +00:00
162660bade
Replay kdc messages to the KDC library.
Love Hörnquist Åstrand
2007-06-07 03:19:07 +00:00
35a6f8ed22
Pick up request_log from [kdc]kdc-request-log.
Love Hörnquist Åstrand
2007-06-07 03:08:39 +00:00
44e3c4e620
Option to save the request to disk.
Love Hörnquist Åstrand
2007-06-07 03:07:42 +00:00
7e2f36b1d6
(krb5_kdc_save_request): save request to file.
Love Hörnquist Åstrand
2007-06-07 03:07:04 +00:00
01d0aa7e38
Update kdc time.
Love Hörnquist Åstrand
2007-06-07 02:20:45 +00:00
c42a34c36d
(krb5_kdc_process*): dont update _kdc_time automagicly. (krb5_kdc_update_time): set or get current kdc-time.
Love Hörnquist Åstrand
2007-06-07 02:20:10 +00:00
32ba8c49ad
x
Love Hörnquist Åstrand
2007-06-06 22:17:27 +00:00
8456183c48
rename functions, leaks less memory and more paranoia.
Love Hörnquist Åstrand
2007-06-06 22:17:17 +00:00
d3f35f642c
x
Love Hörnquist Åstrand
2007-06-06 22:15:34 +00:00
6f787893cd
(_kdc_pk_rd_padata): accept both pkcs-7 and pkauthdata as the signeddata oid
Love Hörnquist Åstrand
2007-06-06 22:14:36 +00:00
3d7fc2b1e7
(_kdc_pk_rd_padata): Try to log what went wrong.
Love Hörnquist Åstrand
2007-06-06 22:03:20 +00:00
e133dc6209
x
Love Hörnquist Åstrand
2007-06-06 20:57:18 +00:00
9e01858ba1
Test cms peer-alg.
Love Hörnquist Åstrand
2007-06-06 20:56:54 +00:00
8d185f280c
(rsa_create_signature): make oid_id_pkcs1_rsaEncryption mean rsa-with-sha1 but oid oid_id_pkcs1_rsaEncryption in algorithm field. XXX should probably use another algorithmIdentifier for this.
Love Hörnquist Åstrand
2007-06-06 20:53:02 +00:00
c8cb0753ee
Make free function return void.
Love Hörnquist Åstrand
2007-06-06 20:51:34 +00:00
a93b07021f
(hx509_cms_create_signed_1): Use hx509_peer_info to select the signature algorithm too.
Love Hörnquist Åstrand
2007-06-06 20:50:55 +00:00
5c70b04159
Merge init of hx509_peer_info structure and allow it for cms-create-sd.
Love Hörnquist Åstrand
2007-06-06 20:49:14 +00:00
9d1bb9e015
Add cms-create-sd --peer-alg.
Love Hörnquist Åstrand
2007-06-06 20:21:54 +00:00
af12b5af0e
Use _hx509_crypto_default_sig_alg.
Love Hörnquist Åstrand
2007-06-06 15:30:02 +00:00
887517a8aa
Create crl, because everyone needs one.
Love Hörnquist Åstrand
2007-06-06 05:00:32 +00:00
70722e64f8
add wcrl.crl
Love Hörnquist Åstrand
2007-06-06 04:47:02 +00:00
689c6d559a
x
Love Hörnquist Åstrand
2007-06-06 00:24:35 +00:00
5652b93c15
Disable KEYCHAIN for now, its slow.
Love Hörnquist Åstrand
2007-06-06 00:23:42 +00:00
f3b2b8b19c
Make sure the gethostname() returned string is NUL terminated.
Love Hörnquist Åstrand
2007-06-05 21:19:22 +00:00
3fdc9f718e
x
Love Hörnquist Åstrand
2007-06-05 17:27:59 +00:00
a7169a17a6
Use oid_id_pkcs7_data for pkinit-9 encKey reply to match windows DC behavior better.
Love Hörnquist Åstrand
2007-06-05 17:23:44 +00:00
dbb87065cd
When we are not using pkcs7-data, avoid seing signedAttributes since some clients get upset by that (pkcs7 based or just plain broken).
Love Hörnquist Åstrand
2007-06-05 17:21:58 +00:00
7e3fbc9232
Provide rsa signatures.
Love Hörnquist Åstrand
2007-06-05 15:48:07 +00:00
349077b505
x
Love Hörnquist Åstrand
2007-06-05 06:17:59 +00:00
624dc60c1b
Limit the searches to the selected keychain.
Love Hörnquist Åstrand
2007-06-05 06:17:44 +00:00
7ba3c7c11e
include -framework Security specific header files after #ifdef
Love Hörnquist Åstrand
2007-06-05 06:05:24 +00:00
b14a49e02e
Find and attach private key (does not provide operations yet though).
Love Hörnquist Åstrand
2007-06-05 05:54:19 +00:00
0800216d7b
Prefix rsa method with p11_
Love Hörnquist Åstrand
2007-06-05 05:47:06 +00:00
902605872f
x
Love Hörnquist Åstrand
2007-06-05 04:20:55 +00:00
96d0020bca
x
Love Hörnquist Åstrand
2007-06-05 04:17:08 +00:00
a9130ec025
Allow opening a specific chain, making "system" special and be the system X509Anchors file. By not specifing any keychain ("KEYCHAIN:"), all keychains are probed.
Love Hörnquist Åstrand
2007-06-05 04:16:46 +00:00
8a865fee2e
Read in and use default trust anchors if they exists.
Love Hörnquist Åstrand
2007-06-05 03:58:56 +00:00
31ac88517f
Add concept of default_trust_anchors.
Love Hörnquist Åstrand
2007-06-05 03:58:24 +00:00
90318d31b3
Remove err(), remove extra empty comment, fix _iter function.
Love Hörnquist Åstrand
2007-06-05 03:57:52 +00:00
7761ecce3f
(hx509_get_error_string): if the error code is not the one we expect, punt and use the default com_err/strerror string instead.
Love Hörnquist Åstrand
2007-06-05 03:53:52 +00:00
43ba803237
(hx509_certs_merge): its ok to merge in the NULL set of certs.
Love Hörnquist Åstrand
2007-06-05 03:41:17 +00:00
4b729dfdd7
Fix status string.
Love Hörnquist Åstrand
2007-06-05 03:27:41 +00:00
340dff70cb
(store_func): free whole CertBag, not just the data part.
Love Hörnquist Åstrand
2007-06-05 03:09:13 +00:00
9e262359f2
Check that the self-signed cert is really self-signed.
Love Hörnquist Åstrand
2007-06-05 02:59:33 +00:00
6623ac6441
Use selfsigned for CRL DP whine, tell if its a self-signed.
Love Hörnquist Åstrand
2007-06-05 02:28:18 +00:00
887bb5f354
Whine if its a non CA/proxy and doesn't have CRL DP.
Love Hörnquist Åstrand
2007-06-05 02:23:45 +00:00
baee263bda
Default path-length to -1.
Love Hörnquist Åstrand
2007-06-05 01:59:19 +00:00
6ab9862950
Add cRLSign to CA certs.
Love Hörnquist Åstrand
2007-06-05 01:58:45 +00:00
337ff1cf7f
Set subject DN to Windows-CA for the ca cert.
Love Hörnquist Åstrand
2007-06-05 01:23:57 +00:00
b3c3aabd9f
Register NULL and KEYCHAIN.
Love Hörnquist Åstrand
2007-06-04 23:14:53 +00:00
934a23b023
register the NULL keystore.
Love Hörnquist Åstrand
2007-06-04 23:14:08 +00:00
b13087f976
Add ks_keychain.c and related libs.
Love Hörnquist Åstrand
2007-06-04 23:13:32 +00:00
32ef7d06b5
x
Love Hörnquist Åstrand
2007-06-04 23:08:33 +00:00
98a0fa6017
Print certificate with utf8.
Love Hörnquist Åstrand
2007-06-04 23:07:46 +00:00
ab50fce383
x
Love Hörnquist Åstrand
2007-06-04 23:06:06 +00:00
852d5a2392
Leak less memory.
Love Hörnquist Åstrand
2007-06-04 23:05:31 +00:00
789e4f5ac7
Leak less memory.
Love Hörnquist Åstrand
2007-06-04 23:04:48 +00:00
f4600fe0a5
Leak less memory, use functions that does same but more.
Love Hörnquist Åstrand
2007-06-04 23:03:10 +00:00
91a69074fd
x
Love Hörnquist Åstrand
2007-06-04 22:53:18 +00:00
75acfd5e12
x
Love Hörnquist Åstrand
2007-06-04 22:51:54 +00:00
0f76edd889
(quote_string): don't sign extend the (signed) char to avoid printing too much, add an assert to check that we didn't overrun the buffer.
Love Hörnquist Åstrand
2007-06-04 22:51:41 +00:00
fcc3edd1aa
Use right element out of the CHOICE for printableString and utf8String
Love Hörnquist Åstrand
2007-06-04 22:39:51 +00:00
701cb835e8
Certificate only KeyChain backend.
Love Hörnquist Åstrand
2007-06-04 21:58:24 +00:00
0f7c0d6a71
use test for -framework Security
Love Hörnquist Åstrand
2007-06-04 21:47:40 +00:00
a7965c2210
x
Love Hörnquist Åstrand
2007-06-04 21:47:12 +00:00
492b12e998
test for -framework Security
Love Hörnquist Åstrand
2007-06-04 21:46:55 +00:00
9c322b0357
Reset name before parsing it.
Love Hörnquist Åstrand
2007-06-04 21:13:14 +00:00
b96343ee7b
Reset name before parsing it.
Love Hörnquist Åstrand
2007-06-04 21:12:38 +00:00
4204cbd8b1
Reset name before parsing it.
Love Hörnquist Åstrand
2007-06-04 21:11:53 +00:00
19f39c8621
Free memory when done.
Love Hörnquist Åstrand
2007-06-04 17:42:50 +00:00
0b5b8b46d7
x
Love Hörnquist Åstrand
2007-06-04 16:55:25 +00:00
1b98e1e231
Print status to stdout.
Love Hörnquist Åstrand
2007-06-04 16:55:00 +00:00
915a0d9074
Use stdout from uu_server.
Love Hörnquist Åstrand
2007-06-04 16:54:24 +00:00
80857df32a
x
Love Hörnquist Åstrand
2007-06-04 04:07:45 +00:00
f48ceb510e
(digest ntlm): provide log entires by setting ret to an error.
Love Hörnquist Åstrand
2007-06-04 04:07:26 +00:00
a7b1c0a273
x
Love Hörnquist Åstrand
2007-06-04 04:06:33 +00:00
e5b2960fd6
x
Love Hörnquist Åstrand
2007-06-03 21:57:11 +00:00
7510b36c3b
Indent crl-sign.
Love Hörnquist Åstrand
2007-06-03 21:55:02 +00:00
94affdf316
One more crl-sign example.
Love Hörnquist Åstrand
2007-06-03 21:54:06 +00:00
03161c046c
x
Love Hörnquist Åstrand
2007-06-03 21:40:19 +00:00
72e100cd08
(hx509_crl_*): fix sizeof() mistakes to fix memory corruption.
Love Hörnquist Åstrand
2007-06-03 21:22:51 +00:00
Love Hörnquist Åstrand