oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Commit Graph

  • eb293680a8 gss: fix regression in non-8003 checksums Luke Howard 2021-12-07 10:41:40 +11:00
  • 6f7c6a7f67 krb5: Fix out-of-tree SQLite3 ccache perms issue Nicolas Williams 2021-11-30 11:30:14 -06:00
  • a025788a37 krb5: Make test_cc run keyctl new_session Nicolas Williams 2021-11-30 00:54:20 -06:00
  • 90db9b96a4 krb5: Make test_cc not step on user ccaches Nicolas Williams 2021-11-30 00:53:45 -06:00
  • 6918322c79 krb5: Fix FILE ccache my_basename() bug Nicolas Williams 2021-11-30 00:52:35 -06:00
  • bacc484b2a krb5: Fix umask issue with SQLite3 Nicolas Williams 2021-11-30 00:58:31 -06:00
  • aeac1186c8 sqlite: Be thread-safe on Windows too Nicolas Williams 2021-11-30 00:55:11 -06:00
  • 250eee7acf sqlite: Use 0600 Nicolas Williams 2021-11-30 00:58:15 -06:00
  • beae9c3c43 roken: Use ptsname_r() if we have it Nicolas Williams 2021-11-29 17:32:37 -06:00
  • ed6f3f1786 autoconf: Remove unused tests Nicolas Williams 2021-11-29 17:31:58 -06:00
  • c84384c544 krb5: Fix doxygen comments Nicolas Williams 2021-11-30 00:56:13 -06:00
  • 63034f36ae base: Fix doxygen comments Nicolas Williams 2021-11-30 00:56:05 -06:00
  • 8a54096266 hx509: revert UTF-8 change to hx509 test data Luke Howard 2021-11-30 12:12:47 +11:00
  • 2f0c985b47 Revert "KCM wrong size memcmp" Romain Fihue 2021-11-29 15:53:17 +01:00
  • 7686028718 Use UTF-8 in KTH copyright notice Andrew Bartlett 2021-11-29 14:25:02 +13:00
  • 5f63215d0d Always perform == or != operation on cmp function result Nicolas Williams 2021-11-14 23:52:50 -06:00
  • 02200d55ea Address GCC Bug 95189 memcmp wrongly stripped like strcmp Jeffrey Altman 2021-11-24 09:21:36 -05:00
  • 8123ffc3f2 _gssapi_unwrap_iov_arcfour remove duplicate code block Jeffrey Altman 2021-11-24 09:36:29 -05:00
  • 8ed36cee5c kdc: Fix ‘header_key’ may be used uninitialized in this function Andrew Bartlett 2021-11-24 17:23:09 +13:00
  • 232c936ea3 asn1: Work around missing ENOTSUP (WIN32) Nicolas Williams 2021-11-23 18:11:48 -06:00
  • 92e5a4b7e5 Revert "asn1: use roken for generated source files" Nicolas Williams 2021-11-23 17:59:17 -06:00
  • 6cfbde4d86 plugin interface functions must specify calling convention Jeffrey Altman 2021-11-18 09:16:45 -05:00
  • 357a38fc7f lib/wind: find_normalize read past end of array Jeffrey Altman 2021-11-17 20:00:29 -05:00
  • 8ed48bc54d gss-token: Fix exit code Nicolas Williams 2021-11-17 16:44:13 -06:00
  • 6415a2032e Fix #696 - Find python as part of the configure process instead of hard coding it. Quanah Gibson-Mount 2020-04-28 20:16:40 +00:00
  • d269c30b2b lib/asn1: all exported functions must use ASN1CALL convention Jeffrey Altman 2021-11-16 17:21:57 -05:00
  • e27e056b45 asn1: use roken for generated source files Jeffrey Altman 2021-11-16 10:23:42 -05:00
  • 26df35d5f0 hdb: Fix test_namespace crash Nicolas Williams 2021-11-14 16:08:27 -06:00
  • 52e5cba08b Fix tests/check-kdc.in (fix 6d1e3c3d5) Nicolas Williams 2021-11-14 17:50:15 -06:00
  • 526317e80e Initialize local variable in kimpersonate to avoid crash in krb5_free_principal() Eric Hawicz 2021-11-12 16:38:22 -05:00
  • 2f31063e97 spnego: Minor style cleanup Nicolas Williams 2021-11-11 22:41:05 -06:00
  • 7a19658c1f spnego: Fix NULL deref Nicolas Williams 2021-11-11 22:38:46 -06:00
  • 6cbe35ad5d kadm5: Fix crash in principal creation Nicolas Williams 2021-10-30 00:42:02 -05:00
  • 66dabe7d39 hdb: Fix bug in hdb_clear_extension() Nicolas Williams 2021-10-30 00:41:15 -05:00
  • 831a5f9db3 hdb: Fix crash when expected KR is missing Nicolas Williams 2021-10-30 00:40:32 -05:00
  • 2a9b57cdad kadmin: Add command aliases to man page Nicolas Williams 2021-10-30 15:21:34 -05:00
  • 5d462795ce Add stub for gss_acquire_cred_impersonate_name(). Robert Crowston 2021-10-14 22:49:14 +01:00
  • 6d1e3c3d5b Fix spelling/grammar in various PKINIT messages Robert Crowston 2021-10-15 00:01:16 +01:00
  • a7f0b14f59 kdc: Fix check-pkinit UPN test misquoting Nicolas Williams 2021-10-15 13:59:07 -05:00
  • a8bd9b8c72 hdb: update HDB_F_SYNTHETIC_OK description Luke Howard 2021-10-15 11:12:06 +11:00
  • 341848a27b base: Fix leak on ENOMEM Nicolas Williams 2021-10-10 21:35:48 -05:00
  • 7672ad31db kdc: Fix leak and loss of kdc_check_flags() reason Nicolas Williams 2021-10-10 21:36:28 -05:00
  • 7e17db9f04 kdc: Fix leak on TGS referral Nicolas Williams 2021-10-10 21:18:51 -05:00
  • 54581d2d52 krb5: Fix PAC signature leak affecting KDC Nicolas Williams 2021-10-10 21:55:59 -05:00
  • 403a445f5b krb5: Document TGS HDB entry alias referral feature Nicolas Williams 2021-10-08 02:23:44 -05:00
  • 4e7c0fd129 kdc: Test referrals via HDB entry aliases Nicolas Williams 2021-10-08 02:02:17 -05:00
  • ba98690a0a kadmin: Add add_alias, del_alias Nicolas Williams 2021-10-06 21:59:43 -05:00
  • decd8f4102 hdb: Support referrals via aliases Nicolas Williams 2021-10-06 22:06:46 -05:00
  • a703bd1212 hdb: Deleting aliases corrupts iprop log Nicolas Williams 2021-10-08 18:09:24 -05:00
  • 8671858178 kadm5: Fix KRB5_TL_LAST_PWD_CHANGE handling Nicolas Williams 2021-10-08 02:01:29 -05:00
  • fb298a023b kadm5: Teach perform_tl_data() about aliases Nicolas Williams 2021-10-08 02:00:53 -05:00
  • 838431d95e krb5: Fix krb5.conf.5 man page bug Nicolas Williams 2021-10-08 02:23:26 -05:00
  • 06e6113960 gss: _gss_spnego_set_sec_context_option return Luke Howard 2021-10-11 14:57:09 +11:00
  • 7f8bb85cf5 tests: fix recent test from using system klist Isaac Boukris 2021-10-07 15:36:14 +03:00
  • 3e466caf10 krb5: skip cache check in S4U2Proxy requests Isaac Boukris 2021-09-28 02:55:00 +03:00
  • 85a5e5fb30 gss_preauth: remove protocol changes section from README Luke Howard 2021-09-24 07:38:10 +10:00
  • e21e2b8d14 tests: ticket acquired by AS cannot be used as evidence Isaac Boukris 2021-09-23 15:07:03 +03:00
  • d0e6ab43bc tests: check PAC client name in the non-canon case Isaac Boukris 2021-09-23 14:51:19 +03:00
  • fe71574be3 doc: add draft-perez-krb-wg-gss-preauth-03.txt Luke Howard 2021-09-23 19:16:22 +10:00
  • e7863e2af9 kdc: correctly generate PAC TGS signature Luke Howard 2021-09-23 17:51:51 +10:00
  • fab07c4274 kdc: move _kdc_verify_checksum() to misc.c Luke Howard 2021-09-23 17:41:43 +10:00
  • 3b0856cab2 kdc: use ticket client name when signing PAC Luke Howard 2021-09-23 14:39:35 +10:00
  • 071b95e683 roken: fix theoretical leak introduced in 7fbe7be6 Luke Howard 2021-09-23 10:32:45 +10:00
  • 8fc67658a6 various: squash MSVC uninitialized variable warnings (C4701) Luke Howard 2021-09-13 23:32:09 +10:00
  • 18a7562fa4 asn1: initialize L in ASN1_MALLOC_ENCODE Luke Howard 2021-09-14 00:25:10 +10:00
  • cba3f9a563 krb5: return KRB5KRB_AP_ERR_INAPP_CKSUM if PAC checksum fails Luke Howard 2021-09-17 13:57:57 +10:00
  • fd3f463152 kdc: map KRB5_PROG_SUMTYPE_NOSUPP to KRB5KDC_ERR_SUMTYPE_NOSUPP Luke Howard 2021-09-21 18:09:25 +10:00
  • 85756bd228 krb5: make keyed checksums mandatory where possible Luke Howard 2021-09-17 11:03:35 +10:00
  • 7fbe7be675 roken: check strdup succeeds in roken_gethostby_setup() Luke Howard 2021-09-20 17:58:19 +10:00
  • 6df8be5091 krb5: rework PAC validation loop Isaac Boukris 2021-09-19 15:16:58 +03:00
  • b295167208 krb5: allow NULL parameter to krb5_pac_free() Isaac Boukris 2021-09-19 15:04:14 +03:00
  • 2acc4508d9 krb5: fix test_pac format string Luke Howard 2021-09-19 14:01:04 +10:00
  • 6c339fd5a5 krb5: add pac ticket-signature unit tests Isaac Boukris 2021-08-24 02:28:22 +03:00
  • 2ffaba9401 kdc: sign ticket using Windows PAC Isaac Boukris 2021-08-13 12:44:37 +03:00
  • bb1d8f2a8c kdc: remove KRB5SignedPath, to be replaced with PAC Isaac Boukris 2020-12-28 22:07:10 +02:00
  • 544515931b tests: default verify_pac to true in test_ap-req Isaac Boukris 2021-07-14 17:09:06 +03:00
  • f4fcf8767c tests: fix a typo in test_ap_req Isaac Boukris 2021-07-14 15:23:11 +03:00
  • 152e28fc40 tests: add PAC test for CVE-2020-17049 (bronze bit) Isaac Boukris 2021-07-13 14:03:30 +03:00
  • 1ae7c61ef7 tests: add S4U2Proxy test with foreign client Isaac Boukris 2021-08-13 14:22:43 +03:00
  • 7645f3c086 tests: add S4U2Proxy tests with TGS evidence ticket Isaac Boukris 2019-06-09 22:51:55 +00:00
  • b2f9bb67d7 krb5: specify krb5_enomem() calling convention Luke Howard 2021-09-16 14:59:25 +10:00
  • 2f57f31cd7 roken: Improve test-getuserinfo Nicolas Williams 2021-09-15 16:05:30 -05:00
  • 0e8323ccee roken: Do not pass NULL to getpwnam_r() Nicolas Williams 2021-09-15 10:41:32 -05:00
  • 5702bd5b77 asn1: Also decode ProxyCertInfo Nicolas Williams 2021-09-15 10:46:03 -05:00
  • 7dce1b6111 kdc: don't leak sec_context_token on checksum fail Luke Howard 2021-09-13 19:51:58 +10:00
  • 3ac48a8dfd krb5: KRB5_KRBHST_TKTBRIDGEAP Luke Howard 2021-08-10 19:18:36 +10:00
  • 0ed4d90a7c kdc: validate KDC-REQ-BODY invariance in GSS preauth Luke Howard 2021-09-13 16:17:18 +10:00
  • 207bfc066d krb5: add unkeyed SHA-2 checksum types Luke Howard 2021-09-13 17:07:13 +10:00
  • ebfd48e40a kdc: avoid re-encoding KDC-REQ-BODY Luke Howard 2021-09-13 13:50:45 +10:00
  • 908ef18c9f Revert "krb5: zero nonce before encoding for GSS preauth" Luke Howard 2021-09-13 13:39:58 +10:00
  • c7bd01c62a yyerror: update to POSIX standard heitbaum 2021-09-10 00:28:16 +10:00
  • 3afd037fa3 appveyor: Fix build heitbaum 2021-09-10 07:49:21 +10:00
  • be9f26e064 doc: use top-level Wiki URL Luke Howard 2021-09-08 12:25:37 +10:00
  • 686e7905c7 doc: update build instructions URL Luke Howard 2021-09-08 12:22:25 +10:00
  • 34b374b5e4 krb5: zero nonce before encoding for GSS preauth Luke Howard 2021-09-07 14:31:12 +10:00
  • be2c28cc34 Check CLANG_FORMAT is executable. Robert Crowston 2021-08-18 15:18:01 +01:00
  • 9b46d6436f Only #include <malloc.h> if it is available. Robert Crowston 2021-08-20 16:02:38 +01:00
  • c3a5f20041 krb5: update krb5.conf(5) with RFC8009 enctypes Luke Howard 2021-09-06 13:31:03 +10:00
  • fc9f9b322a gss: implement gss_krb5_ccache_name() Luke Howard 2021-09-06 13:22:53 +10:00
  • 971648b71e kdc: correct logic error in altsecid_gss_preauth_authorizer Luke Howard 2021-08-31 11:06:32 +00:00