Commit Graph

  • e26ef8b690 First revision of the digest (CHAP so far) code. Love Hörnquist Åstrand 2006-08-24 08:53:55 +00:00
  • dfcd435953 (krb5_kdc_default_config): default to all bits set to zero. Love Hörnquist Åstrand 2006-08-24 08:52:53 +00:00
  • 2efd79caef (configure): Add enable_digest, default off Love Hörnquist Åstrand 2006-08-24 08:51:40 +00:00
  • 7ae6f1fbd6 (krb5_kdc_configuration): Add enable_digest Love Hörnquist Åstrand 2006-08-24 08:51:15 +00:00
  • 1bdc073a65 Include <digest_asn1.h>. Love Hörnquist Åstrand 2006-08-24 08:46:48 +00:00
  • c84978ea6d (krb5_kerberos_enctypes): new function, returns the list of Kerberos encryption types sorted in order of most preferred to least preferred encryption type. Love Hörnquist Åstrand 2006-08-24 08:43:15 +00:00
  • 3ffb120454 (_kdc_get_preferred_key): new function, Use the order list of preferred encryption types and sort the available keys and return the most preferred key. Love Hörnquist Åstrand 2006-08-24 08:40:56 +00:00
  • fb086a0312 Adapt to the new signature of _kdc_find_keys(). Love Hörnquist Åstrand 2006-08-24 08:33:53 +00:00
  • c97d034ed3 Handle session key etype separately from the tgt etype, now the krbtgt can be an aes-only key without the need to support not-as-good etypes for the krbtgt. Love Hörnquist Åstrand 2006-08-24 08:33:09 +00:00
  • 599d3cf216 Change _kdc_db_fetch() to return the database pointer too if needed by the consumer. Love Hörnquist Åstrand 2006-08-23 11:45:16 +00:00
  • 03f49a749f Add --kerberos-realm, add client request command. Love Hörnquist Åstrand 2006-08-23 11:36:41 +00:00
  • 37129f204b Use the krb5_digest api. Return useful errorstring on non-existent command. Add client request command. Love Hörnquist Åstrand 2006-08-23 11:36:19 +00:00
  • 17f00ca951 Add digest glue. Love Hörnquist Åstrand 2006-08-23 11:31:14 +00:00
  • b68aa0068d (krb5_digest_set_authentication_user): use krb5_principal Love Hörnquist Åstrand 2006-08-23 11:30:38 +00:00
  • c45391adce Add digest support to the client side. Love Hörnquist Åstrand 2006-08-23 11:25:48 +00:00
  • eb9c693880 Add digest.c to libkrb5.so Love Hörnquist Åstrand 2006-08-23 11:25:05 +00:00
  • aeb27f8bbe Add some missing fields needed for digest. Love Hörnquist Åstrand 2006-08-23 11:24:24 +00:00
  • d102ff65ec add test for chap Love Hörnquist Åstrand 2006-08-22 14:33:14 +00:00
  • 34db0b7e88 save the passwords Love Hörnquist Åstrand 2006-08-22 14:32:46 +00:00
  • 4897675c5c x Love Hörnquist Åstrand 2006-08-21 12:06:53 +00:00
  • 49ea5b409d Remove empty lines for picky awks Love Hörnquist Åstrand 2006-08-21 12:05:48 +00:00
  • 258668b591 add realm to server-init Love Hörnquist Åstrand 2006-08-21 10:15:45 +00:00
  • c2a13c1cd3 Tweak to make consistent and easier to use. Love Hörnquist Åstrand 2006-08-21 09:21:21 +00:00
  • bd969fac52 (krb5_rd_rep): free krb5_ap_rep_enc_part on error and set return pointer to NULL (krb5_free_ap_rep_enc_part): permit freeing of NULL Love Hörnquist Åstrand 2006-08-21 09:19:22 +00:00
  • 324d6e3209 unbreak tagging, add identifier. Love Hörnquist Åstrand 2006-08-18 12:56:12 +00:00
  • 31a81a1f96 use the secret digestkey, not the public session key Love Hörnquist Åstrand 2006-08-18 11:24:37 +00:00
  • 59e7b22985 Fill in more how this is supposed to work. Love Hörnquist Åstrand 2006-08-18 11:23:50 +00:00
  • 4afabfdf3a x Love Hörnquist Åstrand 2006-08-18 10:48:46 +00:00
  • c37191e06e Frontend for remote digest service in KDC Love Hörnquist Åstrand 2006-08-18 10:44:40 +00:00
  • 3b766317e8 Document krb5_{ret,store}_stringnl functions. Love Hörnquist Åstrand 2006-08-18 08:41:09 +00:00
  • 2d2f459f74 Add krb5_{ret,store}_stringnl functions, stores/retrieves a \n terminated string. Love Hörnquist Åstrand 2006-08-18 08:39:13 +00:00
  • 3d8e85ad37 Default to address-less tickets. Love Hörnquist Åstrand 2006-08-18 08:36:55 +00:00
  • 0679c60ddd (krb5_get_init_creds_opt_get_error): clear error string on error. Love Hörnquist Åstrand 2006-08-18 08:36:02 +00:00
  • 343cb164c8 If seteuid() fails, break out of the function. Prompted by MIT advisory. Love Hörnquist Åstrand 2006-08-08 21:50:40 +00:00
  • 847a99a0ec Check return values from setuid, prompted by MIT advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus Meissner at SUSE. Either of CVE-2006-3083 or CVE-2006-3084. Love Hörnquist Åstrand 2006-08-08 21:43:58 +00:00
  • cd67e721c3 x Love Hörnquist Åstrand 2006-08-08 21:31:30 +00:00
  • b42ab99857 Check for seteuid failure, prompted by MIT advisory. Love Hörnquist Åstrand 2006-08-08 21:31:02 +00:00
  • fd6204f302 x Love Hörnquist Åstrand 2006-08-08 21:09:34 +00:00
  • f1e2dae0f6 Check return values from seteuid, prompted by MIT advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus Meissner at SUSE. Either of CVE-2006-3083 or CVE-2006-3084. Love Hörnquist Åstrand 2006-08-08 21:08:46 +00:00
  • 7160948ea6 Add comment by seteuid call isn't not needed. Love Hörnquist Åstrand 2006-08-08 21:06:11 +00:00
  • 7154d3b11d Check return values from seteuid, prompted by MIT advisory. Thanks to Tom Yu at MIT, and Michael Calmer and Marcus Meissner at SUSE. Either of CVE-2006-3083 or CVE-2006-3084. Love Hörnquist Åstrand 2006-08-08 21:03:26 +00:00
  • 702b7b61f4 rename command to supported-mechanisms Love Hörnquist Åstrand 2006-07-22 14:54:05 +00:00
  • 7b226efc09 rename command to supported-mechanisms Love Hörnquist Åstrand 2006-07-22 14:48:58 +00:00
  • f60c032c64 x Love Hörnquist Åstrand 2006-07-22 02:37:29 +00:00
  • d88a0c2607 Make gss objects depend on the slc built gss-commands.h Love Hörnquist Åstrand 2006-07-22 02:37:08 +00:00
  • feb36e2e72 Add the slc file gss-commands.in to gss program Love Hörnquist Åstrand 2006-07-21 09:06:52 +00:00
  • 5a4d04ed30 remove aes-192 Love Hörnquist Åstrand 2006-07-20 21:37:17 +00:00
  • 0cc87e8758 Remove more CMS bits. Love Hörnquist Åstrand 2006-07-20 21:37:16 +00:00
  • 45445f0304 make chap work too (needed for eap-md5) Love Hörnquist Åstrand 2006-07-20 13:33:43 +00:00
  • 36a68f2522 x Love Hörnquist Åstrand 2006-07-20 11:23:25 +00:00
  • 80e3f2716a Remove CMS symmetric encryption support. Add DigestProtocol. Love Hörnquist Åstrand 2006-07-20 11:23:07 +00:00
  • a51123b032 DigestProtocol Love Hörnquist Åstrand 2006-07-20 11:22:36 +00:00
  • af73b8f85f x Love Hörnquist Åstrand 2006-07-20 10:58:02 +00:00
  • fdcc12bca6 Remove CMS symmetric encryption support. Love Hörnquist Åstrand 2006-07-20 10:57:44 +00:00
  • ab33ecb1ab Remove CMS symmetric encryption support. Love Hörnquist Åstrand 2006-07-20 10:48:26 +00:00
  • 3a7f18784a Avoid calling sl_command w/o command name. Love Hörnquist Åstrand 2006-07-20 10:27:50 +00:00
  • e976877e0c more name testing Love Hörnquist Åstrand 2006-07-20 05:13:25 +00:00
  • 908ffa6950 test names Love Hörnquist Åstrand 2006-07-20 05:02:14 +00:00
  • 2524317450 add slc commands for gss Love Hörnquist Åstrand 2006-07-20 04:26:05 +00:00
  • 43c4d28c5a use slc Love Hörnquist Åstrand 2006-07-20 04:25:45 +00:00
  • 6fc08c2f0a Remove dup prototype of _gsskrb5_init() Love Hörnquist Åstrand 2006-07-20 03:53:31 +00:00
  • 700548d8f3 x Love Hörnquist Åstrand 2006-07-20 02:31:16 +00:00
  • e99cae2284 Add test_cfx Love Hörnquist Åstrand 2006-07-20 02:30:53 +00:00
  • 492e9f9da2 add GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X Love Hörnquist Åstrand 2006-07-20 02:30:07 +00:00
  • a2ea91c906 catch GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X Love Hörnquist Åstrand 2006-07-20 02:29:13 +00:00
  • 24397fd675 reimplement gsskrb5_register_acceptor_identity Love Hörnquist Åstrand 2006-07-20 02:28:37 +00:00
  • e177561ec2 implement gsskrb5_register_acceptor_identity Love Hörnquist Åstrand 2006-07-20 02:18:08 +00:00
  • 400ccc768d add GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X Love Hörnquist Åstrand 2006-07-20 02:17:00 +00:00
  • bccfb8cbf4 call _gss_load_mech Love Hörnquist Åstrand 2006-07-20 02:04:00 +00:00
  • 00e06e0965 (gss_inquire_cred): call _gss_load_mech Love Hörnquist Åstrand 2006-07-20 02:03:18 +00:00
  • c8823f15de Make _gss_load_mech() atomic and run only once, this has the side effect that _gss_mechs and _gss_mech_oids is only initialized once, so if just the users of these two global variables call _gss_load_mech() first, it will act as a barrier and make sure the variables are never changed and we don't need to lock them. Love Hörnquist Åstrand 2006-07-20 02:01:56 +00:00
  • dceb8d0ad3 no need to mark functions extern. Love Hörnquist Åstrand 2006-07-20 01:48:25 +00:00
  • 9b06a35e57 no need to mark _gss_find_mn extern. Love Hörnquist Åstrand 2006-07-20 01:47:51 +00:00
  • c54d474c55 x Love Hörnquist Åstrand 2006-07-20 01:41:22 +00:00
  • 610f467aca Redo the wrap length calculations. Love Hörnquist Åstrand 2006-07-19 14:17:05 +00:00
  • 430246f106 Expose the wrap length calculations in cfx for external testing. Love Hörnquist Åstrand 2006-07-19 14:16:33 +00:00
  • 8938caad35 test max_wrap_size in cfx.c Love Hörnquist Åstrand 2006-07-19 14:15:07 +00:00
  • 401ac054a8 Handle more error codes. Love Hörnquist Åstrand 2006-07-19 11:02:33 +00:00
  • 0171fbdfdb x Love Hörnquist Åstrand 2006-07-14 02:31:56 +00:00
  • c86020bf6d (format_field): optionally print issuer and anchor. Love Hörnquist Åstrand 2006-07-14 02:31:30 +00:00
  • cbd3b00c19 x Love Hörnquist Åstrand 2006-07-13 18:38:20 +00:00
  • 615106f750 (_kdc_pk_check_client): make it not crash when there are no acl Love Hörnquist Åstrand 2006-07-13 18:37:58 +00:00
  • fea203a708 (_kdc_pk_check_client): use the acl in the kerberos database Love Hörnquist Åstrand 2006-07-13 18:32:45 +00:00
  • c0c59a96f2 Rename HDB-Ext-PKINIT-certificate to HDB-Ext-PKINIT-hash. Add trust anchor to HDB-Ext-PKINIT-acl. Love Hörnquist Åstrand 2006-07-13 18:22:22 +00:00
  • ae8b26789f rename asn1_HDB_Ext_PKINIT_certificate to asn1_HDB_Ext_PKINIT_hash Love Hörnquist Åstrand 2006-07-13 18:20:31 +00:00
  • 5575d427b3 Add hdb_entry_get_pkinit_hash(). Love Hörnquist Åstrand 2006-07-13 18:18:50 +00:00
  • 2cdda8a767 (_gsskrb5_accept_sec_context): use GSS_C_NO_NAME Love Hörnquist Åstrand 2006-07-10 18:28:22 +00:00
  • c2de386016 x Love Hörnquist Åstrand 2006-07-10 17:03:52 +00:00
  • ecd86630af x Love Hörnquist Åstrand 2006-07-10 14:48:05 +00:00
  • 5ea0612ca9 If --password-file gets STDIN, read the password from the standard input. Love Hörnquist Åstrand 2006-07-10 14:47:45 +00:00
  • 095abbfd38 Document --password-file=STDIN. Love Hörnquist Åstrand 2006-07-10 14:46:58 +00:00
  • 35097afefd x Love Hörnquist Åstrand 2006-07-10 14:29:10 +00:00
  • 16de57a5b4 Remove duplicate to. Love Hörnquist Åstrand 2006-07-10 14:28:01 +00:00
  • 1656b1d9b2 switch order of headerfiles Love Hörnquist Åstrand 2006-07-07 22:21:56 +00:00
  • 49f58ef90d Include <krb5-types.h> and "mechqueue.h" Love Hörnquist Åstrand 2006-07-07 15:37:44 +00:00
  • 6b8a8dcea1 Add SLIST macros Love Hörnquist Åstrand 2006-07-07 15:36:10 +00:00
  • 71d3172ea3 Don't free return values on success. Love Hörnquist Åstrand 2006-07-07 01:48:30 +00:00
  • 48e418072e (_gsskrb5_inquire_cred): When cred provided is the default cred, acquire the acceptor cred and initiator cred in two different steps and then query them for the information, this way, the code won't fail if there is no keytab, but there is a credential cache. Love Hörnquist Åstrand 2006-07-06 22:37:19 +00:00
  • 5a56af8c79 move the check if we found any cred where it matters for both cases (default cred and provided cred) Love Hörnquist Åstrand 2006-07-06 22:34:05 +00:00
  • 323e9bf254 The variable `mechanisms´ might be NULL, use a different counter if we managed to inquire the underlying creds or not Love Hörnquist Åstrand 2006-07-06 22:32:28 +00:00