c1e7cda8e8
add --logfile option, use htons() on port number
Love Hörnquist Åstrand
2006-09-19 10:20:50 +00:00
99a2e32cad
Log port in connection message.
Love Hörnquist Åstrand
2006-09-19 10:20:08 +00:00
62e15d7f6b
Add documentation for -e, require encryption.
Love Hörnquist Åstrand
2006-09-19 08:27:40 +00:00
b6e0a49796
Add require_encryption.
Love Hörnquist Åstrand
2006-09-19 08:26:50 +00:00
4adf47957d
Allow encryption to be required, wait to the client to turn it on, if failes, refuse the connection.
Love Hörnquist Åstrand
2006-09-19 08:26:21 +00:00
ead5f1b7b6
If encryption is required, don't allow it to be turned off.
Love Hörnquist Åstrand
2006-09-19 08:25:20 +00:00
fbfc689300
Make pk-init turned on by default.
Love Hörnquist Åstrand
2006-09-19 05:36:53 +00:00
63572569a2
x
Love Hörnquist Åstrand
2006-09-19 05:18:25 +00:00
7e16fd5b87
x
Love Hörnquist Åstrand
2006-09-18 19:07:40 +00:00
2ae2ee05a3
Build lib/hx509/{hx509-protos.h,hx509-private.h}.
Love Hörnquist Åstrand
2006-09-18 19:07:27 +00:00
2e9ce6d405
Add (c)
Love Hörnquist Åstrand
2006-09-18 18:06:21 +00:00
105c3d84b6
x
Love Hörnquist Åstrand
2006-09-18 17:59:56 +00:00
3a023829eb
Test constrained delegation impersonation.
Love Hörnquist Åstrand
2006-09-18 17:59:41 +00:00
c1c7757afe
Add tool for printing tickets.
Love Hörnquist Åstrand
2006-09-18 17:36:06 +00:00
cafd935d88
Check the adtkt in the constrained delegation case too.
Love Hörnquist Åstrand
2006-09-18 17:30:19 +00:00
467d6b124c
x
Love Hörnquist Åstrand
2006-09-16 18:29:50 +00:00
960ba25de3
Change the password on krbtgt a couple of times to have a non boring kvno.
Love Hörnquist Åstrand
2006-09-16 18:29:38 +00:00
961332d213
x
Love Hörnquist Åstrand
2006-09-16 17:33:53 +00:00
6438583810
Add samba_SOCKET_WRAPPER fragment
Love Hörnquist Åstrand
2006-09-16 17:31:39 +00:00
a10e7216d6
(sigterm): don't _exit, let loop() catch the signal instead.
Love Hörnquist Åstrand
2006-09-16 17:28:05 +00:00
094d84a5ca
x
Love Hörnquist Åstrand
2006-09-16 09:28:15 +00:00
64bcdf0b5d
Fixes from Björn Sandell.
Love Hörnquist Åstrand
2006-09-16 09:27:28 +00:00
364e63f12a
Add commeted out test that exponent is > 3
Love Hörnquist Åstrand
2006-09-15 14:09:28 +00:00
e18663839d
x
Love Hörnquist Åstrand
2006-09-15 06:18:14 +00:00
185e193235
Add "kafs" option.
Love Hörnquist Åstrand
2006-09-15 06:17:50 +00:00
1b8fc81fde
yutaka test certs
Love Hörnquist Åstrand
2006-09-15 06:07:55 +00:00
8f46285916
Add test for yutaka certs.
Love Hörnquist Åstrand
2006-09-15 06:00:11 +00:00
6168bc80da
x
Love Hörnquist Åstrand
2006-09-15 05:59:46 +00:00
41e00c0c70
Add a strict rfc3280 verification flag. rfc3280 requires certificates to have KeyUsage.keyCertSign if they are to be used for signing of certificates, but the step in the verifiation is optional.
Love Hörnquist Åstrand
2006-09-15 05:59:35 +00:00
697eae9c9d
Improve printing and error reporting.
Love Hörnquist Åstrand
2006-09-15 05:50:17 +00:00
d6ac5d5275
test bleichenbacher from eay
Love Hörnquist Åstrand
2006-09-12 22:04:42 +00:00
24ff7295c8
Make common function for all getarg_strings and hx509_certs_append commonly used.
Love Hörnquist Åstrand
2006-09-12 20:08:42 +00:00
62d57dc40e
x
Love Hörnquist Åstrand
2006-09-12 19:52:00 +00:00
34ce1baf38
HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT is a negative flag, treat it was such.
Love Hörnquist Åstrand
2006-09-12 19:22:53 +00:00
08b43ec9ea
x
Love Hörnquist Åstrand
2006-09-12 18:25:46 +00:00
ee9b01aa50
By using full function calling conversion (*func) we avoid problem when close(fd) is overridden using a macro.
Love Hörnquist Åstrand
2006-09-12 18:12:37 +00:00
1eaf2446ed
Make compile again.
Love Hörnquist Åstrand
2006-09-12 17:35:33 +00:00
fc6f056629
Add socket-wrapper test
Love Hörnquist Åstrand
2006-09-12 17:33:07 +00:00
44c73244c3
By using full function calling conversion (*func) we avoid problem when close(fd) is overridden using a macro.
Love Hörnquist Åstrand
2006-09-12 17:32:10 +00:00
ce1b1b08af
Signing outgoing tickets.
Love Hörnquist Åstrand
2006-09-11 13:39:48 +00:00
2db346fb7d
Add signing and checking of tickets to s4u2self works securely.
Love Hörnquist Åstrand
2006-09-11 13:39:13 +00:00
d2e95a2867
x
Love Hörnquist Åstrand
2006-09-11 13:38:29 +00:00
3993e250af
Add KRB5SignedPath and friends.
Love Hörnquist Åstrand
2006-09-11 13:38:20 +00:00
8d6e197003
Add keyusage for KRB5SignedPath.
Love Hörnquist Åstrand
2006-09-11 13:32:57 +00:00
c2a3bce503
Add KRB5SignedPath and friends.
Love Hörnquist Åstrand
2006-09-11 13:28:59 +00:00
c9f98b46b1
x
Love Hörnquist Åstrand
2006-09-11 07:09:00 +00:00
7c40efd741
x
Love Hörnquist Åstrand
2006-09-11 06:43:11 +00:00
a688982129
Use the new add_GeneralNames function.
Love Hörnquist Åstrand
2006-09-11 06:43:00 +00:00
a368903335
Add new sequence generation for GeneralNames.
Love Hörnquist Åstrand
2006-09-11 06:40:54 +00:00
b226d0acf5
Adapt to new signature of hx509_cms_unenvelope.
Love Hörnquist Åstrand
2006-09-11 06:38:36 +00:00
15a66286ab
Add HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT.
Love Hörnquist Åstrand
2006-09-11 06:35:53 +00:00
9358faef60
Allow passing in encryptedContent and flag. Add new flag HX509_CMS_UE_DONT_REQUIRE_KU_ENCIPHERMENT.
Love Hörnquist Åstrand
2006-09-11 06:31:34 +00:00
b82929db43
x
Love Hörnquist Åstrand
2006-09-09 13:39:44 +00:00
0fbe98fc9c
(pk_verify_host): set errorstrings in a sensable way
Love Hörnquist Åstrand
2006-09-09 13:39:24 +00:00
5675de7426
x
Love Hörnquist Åstrand
2006-09-08 09:54:12 +00:00
dd04abbea7
cast void * to char * when using it for %s formating in printf.
Love Hörnquist Åstrand
2006-09-08 09:54:01 +00:00
2acf7df729
New function _hx509_Name_to_string.
Love Hörnquist Åstrand
2006-09-08 09:52:39 +00:00
b67169a918
x
Love Hörnquist Åstrand
2006-09-07 22:02:15 +00:00
d23cf3f57d
Prevent a font generation warning, from Jason McIntyre.
Love Hörnquist Åstrand
2006-09-07 22:01:43 +00:00
0e9f9c8b5f
x
Love Hörnquist Åstrand
2006-09-07 12:20:54 +00:00
6914282b1d
(CMSVersion): rename versions from v0 to CMSVersion_v0, ...
Love Hörnquist Åstrand
2006-09-07 12:20:42 +00:00
dcfd1554d2
x
Love Hörnquist Åstrand
2006-09-07 10:58:26 +00:00
39ca3ae4a5
Sprinkle error messages.
Love Hörnquist Åstrand
2006-09-07 10:58:17 +00:00
3a6a84147b
x
Love Hörnquist Åstrand
2006-09-07 10:44:31 +00:00
dbd04c392e
Sprinkle even more error messages.
Love Hörnquist Åstrand
2006-09-07 10:43:48 +00:00
bb0a57b254
Sprinkle some more error strings.
Love Hörnquist Åstrand
2006-09-07 09:22:07 +00:00
6e2407cfb9
(find_CMSIdentifier): only free string when we allocated one.
Love Hörnquist Åstrand
2006-09-07 09:11:30 +00:00
a45b9ccd18
x
Love Hörnquist Åstrand
2006-09-07 09:07:26 +00:00
2fc4f25c93
Don't build most of the pkcs11 module if there are no dlopen().
Love Hörnquist Åstrand
2006-09-07 09:07:15 +00:00
ea514adfd7
Comment about the DIR module.
Love Hörnquist Åstrand
2006-09-07 08:56:48 +00:00
34b0d0c2ec
x
Love Hörnquist Åstrand
2006-09-07 08:09:42 +00:00
a554fa893b
Reverse 1.5, not needed.
Love Hörnquist Åstrand
2006-09-07 08:09:21 +00:00
2b00422f5e
x
Love Hörnquist Åstrand
2006-09-06 21:50:35 +00:00
d7b6342d34
(hx509_cms_unenvelope): try to save the error string from find_CMSIdentifier so we have one more bit of information what went wrong.
Love Hörnquist Åstrand
2006-09-06 21:50:18 +00:00
2d40fa34d7
x
Love Hörnquist Åstrand
2006-09-06 19:12:13 +00:00
746ee7473a
(krb5_init_ets): Add the hx errortable
Love Hörnquist Åstrand
2006-09-06 19:11:32 +00:00
b2c273d1fd
Include hx509_err.h.
Love Hörnquist Åstrand
2006-09-06 19:11:02 +00:00
aa7b92c27f
x
Love Hörnquist Åstrand
2006-09-06 18:53:56 +00:00
c360ec2e50
(_krb5_pk_verify_sign): catch the error string from the hx509 lib
Love Hörnquist Åstrand
2006-09-06 18:53:39 +00:00
9bf4e18d6d
More pretty printing, make verify_signed return the error string from the library.
Love Hörnquist Åstrand
2006-09-06 18:48:51 +00:00
f8b51d6727
Try returning what certificates failed to parse or be found.
Love Hörnquist Åstrand
2006-09-06 18:47:55 +00:00
36d0c4e85a
(p11_list_keys): fetch CKA_LABEL and use it to set the friendlyname for the certificate.
Love Hörnquist Åstrand
2006-09-06 09:26:43 +00:00
30a95d7add
x
Love Hörnquist Åstrand
2006-09-05 21:38:57 +00:00
f62a5620c6
check that there are no extra bytes in the checksum and that the parameters are NULL or the NULL-type. All to avoid having excess data that can be used to fake the signature.
Love Hörnquist Åstrand
2006-09-05 21:38:44 +00:00
3d82dd78b7
x
Love Hörnquist Åstrand
2006-09-05 21:25:05 +00:00
b69e61c398
Check for Daniel Bleichenbacher an attack on PKCS #1 v1.5 signatures.
Love Hörnquist Åstrand
2006-09-05 21:24:48 +00:00
434b2f2b12
x
Love Hörnquist Åstrand
2006-09-05 20:55:26 +00:00
a738dfe90c
print keyusage
Love Hörnquist Åstrand
2006-09-05 20:55:03 +00:00
dc5e51aaf2
add hx509_cert_keyusage_print, simplify oid printing
Love Hörnquist Åstrand
2006-09-05 20:53:34 +00:00
0efe7f3455
add _hx509_cert_get_keyusage
Love Hörnquist Åstrand
2006-09-05 20:52:35 +00:00
cf9a110826
keep one session around for the whole life of the keyset
Love Hörnquist Åstrand
2006-09-05 20:51:30 +00:00
c6b0e4b61b
tests more selection
Love Hörnquist Åstrand
2006-09-05 19:58:11 +00:00
6f0843cebf
improve pretty printing in print and query
Love Hörnquist Åstrand
2006-09-05 19:48:44 +00:00
caa0fe8295
add selection on KU and printing to query
Love Hörnquist Åstrand
2006-09-05 19:35:13 +00:00
35287059cf
Add cms test for digitalSignature and keyEncipherment certs.
Love Hörnquist Åstrand
2006-09-05 19:14:55 +00:00
83b8d2b65d
x
Love Hörnquist Åstrand
2006-09-05 18:55:10 +00:00
a1e502b177
(no): Add serialNumber
Love Hörnquist Åstrand
2006-09-05 18:54:55 +00:00
81e480b985
x
Love Hörnquist Åstrand
2006-09-05 17:36:06 +00:00
Love Hörnquist Åstrand