oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Commit Graph

  • 26df35d5f0 hdb: Fix test_namespace crash Nicolas Williams 2021-11-14 16:08:27 -06:00
  • 52e5cba08b Fix tests/check-kdc.in (fix 6d1e3c3d5) Nicolas Williams 2021-11-14 17:50:15 -06:00
  • 526317e80e Initialize local variable in kimpersonate to avoid crash in krb5_free_principal() Eric Hawicz 2021-11-12 16:38:22 -05:00
  • 2f31063e97 spnego: Minor style cleanup Nicolas Williams 2021-11-11 22:41:05 -06:00
  • 7a19658c1f spnego: Fix NULL deref Nicolas Williams 2021-11-11 22:38:46 -06:00
  • 6cbe35ad5d kadm5: Fix crash in principal creation Nicolas Williams 2021-10-30 00:42:02 -05:00
  • 66dabe7d39 hdb: Fix bug in hdb_clear_extension() Nicolas Williams 2021-10-30 00:41:15 -05:00
  • 831a5f9db3 hdb: Fix crash when expected KR is missing Nicolas Williams 2021-10-30 00:40:32 -05:00
  • 2a9b57cdad kadmin: Add command aliases to man page Nicolas Williams 2021-10-30 15:21:34 -05:00
  • 5d462795ce Add stub for gss_acquire_cred_impersonate_name(). Robert Crowston 2021-10-14 22:49:14 +01:00
  • 6d1e3c3d5b Fix spelling/grammar in various PKINIT messages Robert Crowston 2021-10-15 00:01:16 +01:00
  • a7f0b14f59 kdc: Fix check-pkinit UPN test misquoting Nicolas Williams 2021-10-15 13:59:07 -05:00
  • a8bd9b8c72 hdb: update HDB_F_SYNTHETIC_OK description Luke Howard 2021-10-15 11:12:06 +11:00
  • 341848a27b base: Fix leak on ENOMEM Nicolas Williams 2021-10-10 21:35:48 -05:00
  • 7672ad31db kdc: Fix leak and loss of kdc_check_flags() reason Nicolas Williams 2021-10-10 21:36:28 -05:00
  • 7e17db9f04 kdc: Fix leak on TGS referral Nicolas Williams 2021-10-10 21:18:51 -05:00
  • 54581d2d52 krb5: Fix PAC signature leak affecting KDC Nicolas Williams 2021-10-10 21:55:59 -05:00
  • 403a445f5b krb5: Document TGS HDB entry alias referral feature Nicolas Williams 2021-10-08 02:23:44 -05:00
  • 4e7c0fd129 kdc: Test referrals via HDB entry aliases Nicolas Williams 2021-10-08 02:02:17 -05:00
  • ba98690a0a kadmin: Add add_alias, del_alias Nicolas Williams 2021-10-06 21:59:43 -05:00
  • decd8f4102 hdb: Support referrals via aliases Nicolas Williams 2021-10-06 22:06:46 -05:00
  • a703bd1212 hdb: Deleting aliases corrupts iprop log Nicolas Williams 2021-10-08 18:09:24 -05:00
  • 8671858178 kadm5: Fix KRB5_TL_LAST_PWD_CHANGE handling Nicolas Williams 2021-10-08 02:01:29 -05:00
  • fb298a023b kadm5: Teach perform_tl_data() about aliases Nicolas Williams 2021-10-08 02:00:53 -05:00
  • 838431d95e krb5: Fix krb5.conf.5 man page bug Nicolas Williams 2021-10-08 02:23:26 -05:00
  • 06e6113960 gss: _gss_spnego_set_sec_context_option return Luke Howard 2021-10-11 14:57:09 +11:00
  • 7f8bb85cf5 tests: fix recent test from using system klist Isaac Boukris 2021-10-07 15:36:14 +03:00
  • 3e466caf10 krb5: skip cache check in S4U2Proxy requests Isaac Boukris 2021-09-28 02:55:00 +03:00
  • 85a5e5fb30 gss_preauth: remove protocol changes section from README Luke Howard 2021-09-24 07:38:10 +10:00
  • e21e2b8d14 tests: ticket acquired by AS cannot be used as evidence Isaac Boukris 2021-09-23 15:07:03 +03:00
  • d0e6ab43bc tests: check PAC client name in the non-canon case Isaac Boukris 2021-09-23 14:51:19 +03:00
  • fe71574be3 doc: add draft-perez-krb-wg-gss-preauth-03.txt Luke Howard 2021-09-23 19:16:22 +10:00
  • e7863e2af9 kdc: correctly generate PAC TGS signature Luke Howard 2021-09-23 17:51:51 +10:00
  • fab07c4274 kdc: move _kdc_verify_checksum() to misc.c Luke Howard 2021-09-23 17:41:43 +10:00
  • 3b0856cab2 kdc: use ticket client name when signing PAC Luke Howard 2021-09-23 14:39:35 +10:00
  • 071b95e683 roken: fix theoretical leak introduced in 7fbe7be6 Luke Howard 2021-09-23 10:32:45 +10:00
  • 8fc67658a6 various: squash MSVC uninitialized variable warnings (C4701) Luke Howard 2021-09-13 23:32:09 +10:00
  • 18a7562fa4 asn1: initialize L in ASN1_MALLOC_ENCODE Luke Howard 2021-09-14 00:25:10 +10:00
  • cba3f9a563 krb5: return KRB5KRB_AP_ERR_INAPP_CKSUM if PAC checksum fails Luke Howard 2021-09-17 13:57:57 +10:00
  • fd3f463152 kdc: map KRB5_PROG_SUMTYPE_NOSUPP to KRB5KDC_ERR_SUMTYPE_NOSUPP Luke Howard 2021-09-21 18:09:25 +10:00
  • 85756bd228 krb5: make keyed checksums mandatory where possible Luke Howard 2021-09-17 11:03:35 +10:00
  • 7fbe7be675 roken: check strdup succeeds in roken_gethostby_setup() Luke Howard 2021-09-20 17:58:19 +10:00
  • 6df8be5091 krb5: rework PAC validation loop Isaac Boukris 2021-09-19 15:16:58 +03:00
  • b295167208 krb5: allow NULL parameter to krb5_pac_free() Isaac Boukris 2021-09-19 15:04:14 +03:00
  • 2acc4508d9 krb5: fix test_pac format string Luke Howard 2021-09-19 14:01:04 +10:00
  • 6c339fd5a5 krb5: add pac ticket-signature unit tests Isaac Boukris 2021-08-24 02:28:22 +03:00
  • 2ffaba9401 kdc: sign ticket using Windows PAC Isaac Boukris 2021-08-13 12:44:37 +03:00
  • bb1d8f2a8c kdc: remove KRB5SignedPath, to be replaced with PAC Isaac Boukris 2020-12-28 22:07:10 +02:00
  • 544515931b tests: default verify_pac to true in test_ap-req Isaac Boukris 2021-07-14 17:09:06 +03:00
  • f4fcf8767c tests: fix a typo in test_ap_req Isaac Boukris 2021-07-14 15:23:11 +03:00
  • 152e28fc40 tests: add PAC test for CVE-2020-17049 (bronze bit) Isaac Boukris 2021-07-13 14:03:30 +03:00
  • 1ae7c61ef7 tests: add S4U2Proxy test with foreign client Isaac Boukris 2021-08-13 14:22:43 +03:00
  • 7645f3c086 tests: add S4U2Proxy tests with TGS evidence ticket Isaac Boukris 2019-06-09 22:51:55 +00:00
  • b2f9bb67d7 krb5: specify krb5_enomem() calling convention Luke Howard 2021-09-16 14:59:25 +10:00
  • 2f57f31cd7 roken: Improve test-getuserinfo Nicolas Williams 2021-09-15 16:05:30 -05:00
  • 0e8323ccee roken: Do not pass NULL to getpwnam_r() Nicolas Williams 2021-09-15 10:41:32 -05:00
  • 5702bd5b77 asn1: Also decode ProxyCertInfo Nicolas Williams 2021-09-15 10:46:03 -05:00
  • 7dce1b6111 kdc: don't leak sec_context_token on checksum fail Luke Howard 2021-09-13 19:51:58 +10:00
  • 3ac48a8dfd krb5: KRB5_KRBHST_TKTBRIDGEAP Luke Howard 2021-08-10 19:18:36 +10:00
  • 0ed4d90a7c kdc: validate KDC-REQ-BODY invariance in GSS preauth Luke Howard 2021-09-13 16:17:18 +10:00
  • 207bfc066d krb5: add unkeyed SHA-2 checksum types Luke Howard 2021-09-13 17:07:13 +10:00
  • ebfd48e40a kdc: avoid re-encoding KDC-REQ-BODY Luke Howard 2021-09-13 13:50:45 +10:00
  • 908ef18c9f Revert "krb5: zero nonce before encoding for GSS preauth" Luke Howard 2021-09-13 13:39:58 +10:00
  • c7bd01c62a yyerror: update to POSIX standard heitbaum 2021-09-10 00:28:16 +10:00
  • 3afd037fa3 appveyor: Fix build heitbaum 2021-09-10 07:49:21 +10:00
  • be9f26e064 doc: use top-level Wiki URL Luke Howard 2021-09-08 12:25:37 +10:00
  • 686e7905c7 doc: update build instructions URL Luke Howard 2021-09-08 12:22:25 +10:00
  • 34b374b5e4 krb5: zero nonce before encoding for GSS preauth Luke Howard 2021-09-07 14:31:12 +10:00
  • be2c28cc34 Check CLANG_FORMAT is executable. Robert Crowston 2021-08-18 15:18:01 +01:00
  • 9b46d6436f Only #include <malloc.h> if it is available. Robert Crowston 2021-08-20 16:02:38 +01:00
  • c3a5f20041 krb5: update krb5.conf(5) with RFC8009 enctypes Luke Howard 2021-09-06 13:31:03 +10:00
  • fc9f9b322a gss: implement gss_krb5_ccache_name() Luke Howard 2021-09-06 13:22:53 +10:00
  • 971648b71e kdc: correct logic error in altsecid_gss_preauth_authorizer Luke Howard 2021-08-31 11:06:32 +00:00
  • 01ef38b743 kdc: add sample GSS preauth authorization plugin Luke Howard 2021-08-31 07:58:07 +00:00
  • 7818f44659 gss_preauth: Fix build race Nicolas Williams 2021-08-29 13:50:39 -05:00
  • f43dbb1d25 gss_preauth: fix header dependency Luke Howard 2021-08-28 16:35:05 +10:00
  • f551ae3d82 gss_preauth: remove gss_preauth.h Luke Howard 2021-08-27 19:51:32 +10:00
  • ed1ef5d776 asn1: correctly check gmtime_s() return value Luke Howard 2021-08-27 16:08:54 +10:00
  • 774f50b28b gss: move GSS pre-auth helpers to convenience lib Luke Howard 2021-08-27 14:20:01 +10:00
  • 773802aecf kdc: fix _kdc_set_e_text argument in previous commit Luke Howard 2021-08-27 15:11:54 +10:00
  • 892a1ffcaa kdc: KRB5KDC_ERR_{C,S}_PRINCIPAL_UNKNOWN if missing field Luke Howard 2021-08-27 11:44:21 +10:00
  • 0417114794 kdc: validate sname in TGS-REQ Luke Howard 2021-08-27 11:42:48 +10:00
  • a5378daa6c Revert "gss: Fix leak of output_token in GSS PA" Nicolas Williams 2021-08-26 01:06:33 -05:00
  • e6283e2d3f hx509: For times before 2050 use UTCTime (fix pasto) Nicolas Williams 2021-08-25 22:49:14 -05:00
  • 041907d517 gss: Fix leak of output_token in GSS PA Nicolas Williams 2021-08-25 22:53:33 -05:00
  • 6f21611755 Avoid -Werror=address by skipping pointless _mg_buffer_zero() Andrew Bartlett 2021-08-26 11:22:46 +12:00
  • 3f7972e6be hx509: Use preferred attribute string types Nicolas Williams 2021-08-25 17:00:12 -05:00
  • f425e116b5 hx509: For times before 2050 use UTCTime Nicolas Williams 2021-08-25 16:48:10 -05:00
  • edf259dac9 asn1: Update comment in rfc2459.asn1 Nicolas Williams 2021-08-25 15:42:24 -05:00
  • 75449e1071 gss: Fix build for GSS preauth helpers Nicolas Williams 2021-08-25 15:41:35 -05:00
  • 76624dd4eb krb5: export krb5_set_log_dest() Luke Howard 2021-08-17 12:42:43 +10:00
  • b3511c145c gss: check for NULL before calling dlclose() Luke Howard 2021-08-19 10:39:58 +00:00
  • a56c3ad819 krb5: fix prototype in pa_gss_finish() Luke Howard 2021-08-18 08:17:04 +10:00
  • 1cdc9d5f3c krb5: export krb5_init_creds_step() Luke Howard 2021-08-16 22:41:52 +10:00
  • 576ce5d663 kdc: remove unused label in _kdc_gss_mk_pa_reply() Luke Howard 2021-08-15 20:55:31 +10:00
  • 5fb3cc998e kdc: check gcp != NULL Luke Howard 2021-08-15 16:29:21 +10:00
  • 386b8d328a kdc: refactor/improve error handling in GSS pa Luke Howard 2021-08-15 16:06:08 +10:00
  • a2538aeb38 kdc: fix leak in previous commit Luke Howard 2021-08-15 15:51:05 +10:00
  • df9e74b292 kdc: allow GSS error tokens in PA reply Luke Howard 2021-08-15 15:39:58 +10:00
  • 432fe0ad56 krb5: treat KRB5_NT_SRV_HST and KRB5_NT_SRV_INST identically Luke Howard 2021-08-15 15:03:19 +10:00