bea7ea3c62
Provide some prototypes for the rk_vis functions.
Love Hörnquist Åstrand
2006-12-13 20:26:23 +00:00
ba29865749
inital version of a NTLM library, only handles ntml version 1 and ascii strings for now
Love Hörnquist Åstrand
2006-12-13 20:12:58 +00:00
3e591d8e66
x
Love Hörnquist Åstrand
2006-12-13 10:34:28 +00:00
fa438f7ca1
(init_auth): only turn on GSS_C_CONF_FLAG and GSS_C_INT_FLAG if the caller requseted it.
Love Hörnquist Åstrand
2006-12-13 10:33:20 +00:00
d31c63863f
Read the appdefault configration before we try to use the flags. Bug reported by Ingemar Nilsson.
Love Hörnquist Åstrand
2006-12-12 16:35:41 +00:00
f594e615ea
prefix digest commands with digest-
Love Hörnquist Åstrand
2006-12-12 12:48:09 +00:00
3fea7004b2
x
Love Hörnquist Åstrand
2006-12-12 12:24:06 +00:00
d7f223ff70
prefix digest commands with digest_
Love Hörnquist Åstrand
2006-12-12 12:23:54 +00:00
5cb68077c7
prefix digest commands with digest-
Love Hörnquist Åstrand
2006-12-12 12:23:00 +00:00
f91432b111
remove stuff that should have be commited yet
Love Hörnquist Åstrand
2006-12-11 21:27:52 +00:00
4a37d22a51
drop include
Love Hörnquist Åstrand
2006-12-11 19:40:19 +00:00
d70dc49b06
x
Love Hörnquist Åstrand
2006-12-11 19:39:54 +00:00
1872e0488a
(libgssapi_la_OBJECTS): depends on gssapi_asn1.h spnego_asn1.h.
Love Hörnquist Åstrand
2006-12-11 19:38:25 +00:00
b25a73eff1
x
Love Hörnquist Åstrand
2006-12-11 19:13:26 +00:00
ebcbf5f119
(print_certificate): print serial number.
Love Hörnquist Åstrand
2006-12-11 19:13:10 +00:00
b15afd6054
x
Love Hörnquist Åstrand
2006-12-11 19:08:07 +00:00
05a31a062b
(no): add S=stateOrProvinceName
Love Hörnquist Åstrand
2006-12-11 19:03:44 +00:00
a6f5b0d0ac
Prefix getifaddrs functions with rk_
Love Hörnquist Åstrand
2006-12-11 18:59:31 +00:00
3fa3fa004c
Prefix strvis functions with rk_ and do symbol renaming.
Love Hörnquist Åstrand
2006-12-11 18:58:15 +00:00
a548a4cd91
prefix strvis functions with rk_
Love Hörnquist Åstrand
2006-12-11 18:54:03 +00:00
7d15657340
x
Love Hörnquist Åstrand
2006-12-11 18:50:08 +00:00
db6202c4f0
Install extra posix headers in <roken/...> to avoid dup headers.
Love Hörnquist Åstrand
2006-12-11 18:49:51 +00:00
59238c7f99
Remember to p11_put_session in the failure cases too.
Love Hörnquist Åstrand
2006-12-11 18:42:42 +00:00
c7d5dd6b32
Less verbose error message.
Love Hörnquist Åstrand
2006-12-10 01:12:00 +00:00
8a32874a95
x
Love Hörnquist Åstrand
2006-12-10 01:09:48 +00:00
ed5e62f11c
Return error codes on failure, improve error reporting.
Love Hörnquist Åstrand
2006-12-10 01:03:46 +00:00
7a0fadc477
(_hx509_private_key_assign_rsa): set a default sig alg
Love Hörnquist Åstrand
2006-12-09 12:56:34 +00:00
fa270376d8
Pass in hx509_signature_rsa to key collector
Love Hörnquist Åstrand
2006-12-09 12:18:09 +00:00
1f4452b34e
(try_decrypt): pass down AlgorithmIdentifier that key uses to do sigatures so there is no need to hardcode RSA into this function.
Love Hörnquist Åstrand
2006-12-09 12:13:21 +00:00
6f0d8af9a6
x
Love Hörnquist Åstrand
2006-12-08 02:48:33 +00:00
90832c9d52
sprinkle more _krb5_pk_copy_error
Love Hörnquist Åstrand
2006-12-08 02:48:09 +00:00
c2633ac58b
Pass filename to the parse functions and use it in the error messages
Love Hörnquist Åstrand
2006-12-08 02:35:19 +00:00
76a79be26e
Copy more hx509 error strings to krb5 error strings
Love Hörnquist Åstrand
2006-12-08 02:30:20 +00:00
64e2e55060
regen, this time with openssl 0.9.8x
Love Hörnquist Åstrand
2006-12-08 02:22:06 +00:00
e3d4ff2f14
x
Love Hörnquist Åstrand
2006-12-08 00:48:28 +00:00
5999737afa
add pkix proxy cert policy lang oids
Love Hörnquist Åstrand
2006-12-08 00:08:26 +00:00
53256a007f
make a note that we MUST check info.proxyPolicy
Love Hörnquist Åstrand
2006-12-08 00:02:10 +00:00
188770ff73
x
Love Hörnquist Åstrand
2006-12-07 23:48:54 +00:00
184d8c9f29
fix errorstring for PROXY_CERT_NAME_WRONG
Love Hörnquist Åstrand
2006-12-07 23:46:58 +00:00
2728037bfe
regen
Love Hörnquist Åstrand
2006-12-07 23:46:06 +00:00
e825c5107c
test proxy cert (third level)
Love Hörnquist Åstrand
2006-12-07 23:43:21 +00:00
9d3e385800
EXTRA_DIST: add data/proxy10-child-child-test.{key,crt}
Love Hörnquist Åstrand
2006-12-07 23:42:16 +00:00
13438750b1
x
Love Hörnquist Åstrand
2006-12-07 23:41:53 +00:00
72a670336e
Fix names and restrictions on the proxy certificates
Love Hörnquist Åstrand
2006-12-07 23:41:06 +00:00
71e4dc1497
Clairfy and make proxy cert handling work for multiple levels, before it was too restrictive. More helpful error message.
Love Hörnquist Åstrand
2006-12-07 23:39:26 +00:00
a55d8abf5c
x
Love Hörnquist Åstrand
2006-12-07 22:54:04 +00:00
01fde0e9c5
unbreak id-pe-proxyCertInfo
Love Hörnquist Åstrand
2006-12-07 22:53:10 +00:00
7ea26d8dc4
(check_key_usage): print subject, not issuer
Love Hörnquist Åstrand
2006-12-07 22:41:26 +00:00
eecdea2e20
(check_key_usage): tell what keyusages are missing
Love Hörnquist Åstrand
2006-12-07 22:35:27 +00:00
d987d9258d
Split OtherName printing code to a oid lookup and print function.
Love Hörnquist Åstrand
2006-12-07 20:37:57 +00:00
812f7102a1
ops, remove extra stuff copied from the draft
Love Hörnquist Åstrand
2006-12-07 20:24:06 +00:00
b8fc9ba909
Add id-pkix-on-dnsSRV and related oids
Love Hörnquist Åstrand
2006-12-07 20:24:05 +00:00
c693f4cd8e
AltNames: Print all diffrent names of a GeneralName
Love Hörnquist Åstrand
2006-12-07 17:20:09 +00:00
800d5b5cc8
x
Love Hörnquist Åstrand
2006-12-07 16:37:53 +00:00
6621f45c1f
(Time2string): print hour as hour not min
Love Hörnquist Åstrand
2006-12-07 16:34:53 +00:00
801dd6cd8a
x
Love Hörnquist Åstrand
2006-12-07 16:30:46 +00:00
4e70f181f9
CLEANFILES += test
Love Hörnquist Åstrand
2006-12-07 16:30:09 +00:00
758f8afd95
CLEANFILES += test_crypto
Love Hörnquist Åstrand
2006-12-07 16:28:14 +00:00
2dc81f5710
CLEANFILES += vis.h
Love Hörnquist Åstrand
2006-12-07 16:26:50 +00:00
5e5521c9e1
Include <pkinit_asn1.h>.
Love Hörnquist Åstrand
2006-12-07 16:16:46 +00:00
8bf7f3a2dd
Prettyprint SAN/IAN
Love Hörnquist Åstrand
2006-12-07 16:14:52 +00:00
01dad85177
Print more of the SAN's, esp id-pkinit-san.
Love Hörnquist Åstrand
2006-12-07 16:11:57 +00:00
4c9ebfbbfb
x
Love Hörnquist Åstrand
2006-12-06 22:09:00 +00:00
08789bb39c
x
Love Hörnquist Åstrand
2006-12-06 21:24:24 +00:00
e1bac0567e
(_kdc_as_rep): add AD-INITAL-VERIFIED-CAS to the encrypted ticket
Love Hörnquist Åstrand
2006-12-06 21:24:10 +00:00
8300ee6ee2
(_kdc_add_inital_verified_cas): new function, adds an empty (for now) AD_INITIAL_VERIFIED_CAS to tell the clients that we vouches for the CA.
Love Hörnquist Åstrand
2006-12-06 21:21:11 +00:00
9fed7e931e
(_kdc_tkt_add_if_relevant_ad): use _kdc_tkt_add_if_relevant_ad to add the SignedPath.
Love Hörnquist Åstrand
2006-12-06 21:16:03 +00:00
eb2670591c
(_kdc_tkt_add_if_relevant_ad): new function.
Love Hörnquist Åstrand
2006-12-06 21:15:20 +00:00
5eb5bcc668
x
Love Hörnquist Åstrand
2006-12-06 20:20:41 +00:00
b30dd88ab0
x
Love Hörnquist Åstrand
2006-12-06 14:54:59 +00:00
0923df342a
fix test for COM_ERR
Love Hörnquist Åstrand
2006-12-06 13:47:57 +00:00
8872637199
x
Love Hörnquist Åstrand
2006-12-06 13:36:46 +00:00
a2bf2a8e79
Make the directories test automake conditional so automake can include directories in make dist step.
Love Hörnquist Åstrand
2006-12-06 13:36:36 +00:00
0dff0819ef
set automake symbol COM_ERR when we build local com_err
Love Hörnquist Åstrand
2006-12-06 13:32:55 +00:00
bd5258540f
x
Love Hörnquist Åstrand
2006-12-06 13:10:32 +00:00
85bcc19262
(_kdc_pk_rd_padata): leak less memory for ExternalPrincipalIdentifiers
Love Hörnquist Åstrand
2006-12-06 13:10:21 +00:00
b6b9423a2b
(hx509_query_match_issuer_serial): make a copy of the data
Love Hörnquist Åstrand
2006-12-06 13:08:31 +00:00
24ce3844d0
update (c)
Love Hörnquist Åstrand
2006-12-06 12:31:09 +00:00
a36abf458c
Remove unused function.
Love Hörnquist Åstrand
2006-12-06 12:25:47 +00:00
eadd6575cf
x
Love Hörnquist Åstrand
2006-12-06 12:21:46 +00:00
dcf2f6807a
(hx509_query_match_issuer_serial): allow matching on issuer and serial num
Love Hörnquist Åstrand
2006-12-06 12:21:35 +00:00
528e4e53e7
Parse and use PA-PK-AS-REQ.trustedCertifiers
Love Hörnquist Åstrand
2006-12-06 12:21:02 +00:00
ef6bf7a0fe
(find_CMSIdentifier): require the certificate we are looking for to be valid.
Love Hörnquist Åstrand
2006-12-06 11:30:44 +00:00
12008ec7fc
x
Love Hörnquist Åstrand
2006-12-06 10:43:29 +00:00
65d743807c
Add comment that the anchors in the signed data really should be the trust anchors of the client.
Love Hörnquist Åstrand
2006-12-06 10:42:41 +00:00
6dbdfd41fc
x
Love Hörnquist Åstrand
2006-12-06 10:36:15 +00:00
8bc1396160
(_hx509_calculate_path): add flag to allow leaving out trust anchor
Love Hörnquist Åstrand
2006-12-06 10:35:16 +00:00
d58d796709
(hx509_cms_create_signed_1): when building the path, omit the trust anchors.
Love Hörnquist Åstrand
2006-12-06 10:34:39 +00:00
7a308c3ab3
add HX509_CALCULATE_PATH_NO_ANCHOR
Love Hörnquist Åstrand
2006-12-06 10:32:42 +00:00
dddb1000d7
x
Love Hörnquist Åstrand
2006-12-06 10:25:12 +00:00
e99ef09706
(rsa_create_signature): Abort when signature is longer, not shorter.
Love Hörnquist Åstrand
2006-12-06 10:23:14 +00:00
2243d26b39
x
Love Hörnquist Åstrand
2006-12-06 08:05:36 +00:00
3154e1056e
Use strcspn to remove \n from string returned by fgets. From Björn Sandell
Love Hörnquist Åstrand
2006-12-06 08:04:05 +00:00
9de2bce244
x
Love Hörnquist Åstrand
2006-12-06 07:48:46 +00:00
e7a2d233f5
Add rsakey.der to EXTRA_DIST.
Love Hörnquist Åstrand
2006-12-06 07:48:27 +00:00
6134eea21c
x
Love Hörnquist Åstrand
2006-12-05 23:47:28 +00:00
a3ece41637
Provide time to _hx509_calculate_path so we don't send no longer valid certs to our peer.
Love Hörnquist Åstrand
2006-12-05 23:47:11 +00:00
0528938895
(find_parent): when checking for certs and its not a trust anchor, require time be in range. (_hx509_query_match_cert): Add time validity-testing to query mask
Love Hörnquist Åstrand
2006-12-05 23:46:19 +00:00
Love Hörnquist Åstrand