a2eac30736
Add gssapi_krb5_clear_status, gssapi_krb5_set_status for handling error messages.
Love Hörnquist Åstrand
2005-10-12 07:23:03 +00:00
5bf49e3df3
Don't install krb5.moduli for now.
Love Hörnquist Åstrand
2005-10-09 09:33:13 +00:00
66baee8800
(_krb5_krbhost_info_move): new function (_krb5_free_krbhst_info): expose to internal use
Love Hörnquist Åstrand
2005-10-08 15:40:50 +00:00
740f6b5deb
add Q for group 14
Love Hörnquist Åstrand
2005-10-08 15:39:42 +00:00
57bcc0c4e3
x
Love Hörnquist Åstrand
2005-10-08 15:35:16 +00:00
ffa6f55bd4
Prepare to pass down a krb5_krbhst_info into the pre-auth mechs
Love Hörnquist Åstrand
2005-10-08 15:34:53 +00:00
6b484c39a5
Inline short functions, share more code, rename COMPAT_27 to COMPAT_IETF, pass down a krb5_krbhst_info for verification of KDC info, and general cleaning up.
Love Hörnquist Åstrand
2005-10-08 15:32:14 +00:00
be13646074
Remove pk-init-19 support.
Love Hörnquist Åstrand
2005-10-08 08:49:40 +00:00
6f745de7ff
HDB extensions
Love Hörnquist Åstrand
2005-10-07 13:13:37 +00:00
0f0b587308
x
Love Hörnquist Åstrand
2005-10-07 12:20:27 +00:00
c3c4927a70
Install krb5.moduli in sysconfdir.
Love Hörnquist Åstrand
2005-10-07 12:20:11 +00:00
92c70eb57b
Describe format.
Love Hörnquist Åstrand
2005-10-07 12:19:10 +00:00
d392e84793
moduli file
Love Hörnquist Åstrand
2005-10-07 12:17:49 +00:00
3c93988850
rename moduli file to SYSCONFDIR "/krb5.moduli"
Love Hörnquist Åstrand
2005-10-07 12:08:02 +00:00
2ba37a88dd
Add forward declaration for krb5_dh_moduli. Add define for MODULI_FILE.
Love Hörnquist Åstrand
2005-10-07 11:44:49 +00:00
f961f7f538
Fix comment
Love Hörnquist Åstrand
2005-10-07 11:02:15 +00:00
1ef128fbff
Removing PK-INIT-19 support.
Love Hörnquist Åstrand
2005-10-07 11:00:05 +00:00
0915d6890b
(_krb5_dh_group_ok): return DH group name on success. (krb5_get_init_creds_opt_set_pkinit): use moduli file if it exists
Love Hörnquist Åstrand
2005-10-07 10:40:52 +00:00
b1fffa7079
Save DH group name and print it on success.
Love Hörnquist Åstrand
2005-10-07 10:40:00 +00:00
ff2f0da2df
(_krb5_dh_group_ok): if q is zero, ignore it.
Love Hörnquist Åstrand
2005-10-07 08:59:27 +00:00
776512783d
Check dh group parameters from client.
Love Hörnquist Åstrand
2005-10-07 08:57:51 +00:00
0fa6eefd9f
x
Love Hörnquist Åstrand
2005-10-07 08:56:15 +00:00
fcc233ae04
x
Love Hörnquist Åstrand
2005-10-07 08:55:50 +00:00
e3eff997f9
x
Love Hörnquist Åstrand
2005-10-07 08:55:28 +00:00
b5c8c913bc
x
Love Hörnquist Åstrand
2005-10-07 08:54:59 +00:00
a705696f64
Match error code with pk-init-27.
Love Hörnquist Åstrand
2005-10-07 08:53:50 +00:00
29bab5c5f9
Update error codes. Add name to group. Change return value of _krb5_dh_group_ok.
Love Hörnquist Åstrand
2005-10-07 08:53:15 +00:00
71b2f65b0d
Provide forward declartion of krb5_dh_moduli.
Love Hörnquist Åstrand
2005-10-07 06:27:14 +00:00
178e4c0087
Add support for reading a moduli-file for DH parameters.
Love Hörnquist Åstrand
2005-10-07 04:37:28 +00:00
7f2116e65f
Add tests for parse and print functions for heim_integer.
Love Hörnquist Åstrand
2005-10-07 03:49:57 +00:00
7c785284bd
Add parse and print functions for heim_integer.
Love Hörnquist Åstrand
2005-10-07 03:49:16 +00:00
5b3597703d
Document --list-caches
Love Hörnquist Åstrand
2005-10-06 19:59:16 +00:00
737b532df0
Change short flag of --list-caches to -l (-v is already used).
Love Hörnquist Åstrand
2005-10-06 19:56:38 +00:00
ce87d34e7c
x
Love Hörnquist Åstrand
2005-10-04 09:02:34 +00:00
1e22f60639
Validate that issuerAltName and subjectAltName isn't empty.
Love Hörnquist Åstrand
2005-10-04 08:59:54 +00:00
af4ec70bf2
x
Love Hörnquist Åstrand
2005-10-03 14:25:17 +00:00
c6df2af5e9
RFC 1510 was obsoleted by 4120.
Love Hörnquist Åstrand
2005-10-03 14:24:36 +00:00
1b5f2b7362
(init_ccapi): return kerberos errors, callers expect it (acc_get_cache_first): don't leak memory or abort on malloc failure
Love Hörnquist Åstrand
2005-10-03 08:44:18 +00:00
fcad6caa4c
x
Love Hörnquist Åstrand
2005-10-02 14:38:40 +00:00
183b07583a
Update text about Kerberos RFC's.
Love Hörnquist Åstrand
2005-10-02 14:38:04 +00:00
addf150924
Mac OS X 10.4 needs a runtime check if we are going to use the syscall, there is no cpp define to use to check the version. Every after 10.0 (darwin 8.0) uses the /dev/ version of the pioctl.
Love Hörnquist Åstrand
2005-10-02 03:17:06 +00:00
9cfdb7f017
Maybe include <sys/sysctl.h>.
Love Hörnquist Åstrand
2005-10-02 03:14:47 +00:00
2a6e781bff
x
Love Hörnquist Åstrand
2005-10-01 03:41:33 +00:00
cd2ce0c2a6
Add option --list-caches that lists the avaible caches and their status.
Love Hörnquist Åstrand
2005-10-01 03:39:59 +00:00
02a6d6bf99
Return KRB5_CC_NOSUPP for ccErrServerUnavailable.
Love Hörnquist Åstrand
2005-10-01 03:37:12 +00:00
a1ed69cd38
x
Love Hörnquist Åstrand
2005-10-01 02:56:32 +00:00
c9f13ad9b3
Support the new MacOS X 10.4 ioctl interface that is a device node. Patched from Tomas Olson <tol@it.su.se>.
Love Hörnquist Åstrand
2005-10-01 02:55:55 +00:00
5be5faa722
Use all DES keys, not just des-cbc-md5, verify that they all are the same.
Love Hörnquist Åstrand
2005-09-30 11:20:53 +00:00
5cfc8bd58c
Implement the cache iteration functions.
Love Hörnquist Åstrand
2005-09-30 11:16:04 +00:00
5ddc2e0774
Implement the cache iteration functions.
Love Hörnquist Åstrand
2005-09-30 10:10:09 +00:00
5eb65a941e
Test the new cache iteration functions.
Love Hörnquist Åstrand
2005-09-30 10:08:01 +00:00
e0a769c950
Add cache iteration funcations. Add internal allocation function for the memory of a krb5_ccache, and use it.
Love Hörnquist Åstrand
2005-09-30 10:07:26 +00:00
f8dce1d55e
x
Love Hörnquist Åstrand
2005-09-28 03:07:19 +00:00
aa37b056a2
Check for <stdint.h> and uintptr_t
Love Hörnquist Åstrand
2005-09-28 03:06:36 +00:00
38c5dbe857
Move rk_UNCONST to roken.h.in since it might use uintptr_t depending on avaibility.
Love Hörnquist Åstrand
2005-09-28 03:05:58 +00:00
2440d579fb
Include <stdint.h> if it exists. If avaiable, use uintptr_t to define rk_UNCONST.
Love Hörnquist Åstrand
2005-09-28 03:04:54 +00:00
754eec0f53
Remove leftovers, remove extra space.
Love Hörnquist Åstrand
2005-09-26 05:38:55 +00:00
388b0ffca4
More verbose PK-INIT logging.
Love Hörnquist Åstrand
2005-09-25 15:23:21 +00:00
61b1ea80de
The public DH key is encoded as an INTEGER in subjectPublicKey. Don't verify OID's for now.
Love Hörnquist Åstrand
2005-09-25 15:18:14 +00:00
70a6c9a2e4
Support cached DH variable (still need to store it though), don't check the oid of the DH signedData for now.
Love Hörnquist Åstrand
2005-09-25 15:14:31 +00:00
8191484ee6
Wrap DH public key in a ASN.1 INTEGER wrapping.
Love Hörnquist Åstrand
2005-09-23 05:47:13 +00:00
3f70dd507f
x
Love Hörnquist Åstrand
2005-09-23 05:30:50 +00:00
a6a2a09c88
(gen_files_rfc2459) += asn1_DHPublicKey.x
Love Hörnquist Åstrand
2005-09-23 05:29:29 +00:00
3b929ad31f
Add DHPublicKey, and INTEGER to for storing the DH public key in the SubjectPublicKeyInfo.subjectPublicKey BIT STRING.
Love Hörnquist Åstrand
2005-09-23 05:27:57 +00:00
f0bf8a5c1e
(krb5_rd_cred): try both the session key and the sender subkey. Both RFC1510 and RFC4120 say that you have to use the session key, Heimdal uses subkey.
Love Hörnquist Åstrand
2005-09-23 03:37:57 +00:00
57dfd2209e
(libroken_la_SOURCES) += dumpdata.c
Love Hörnquist Åstrand
2005-09-23 00:02:50 +00:00
e0cb46351f
Add rk_dumpdata.
Love Hörnquist Åstrand
2005-09-22 23:52:24 +00:00
47be0b2203
Add rk_dumpdata() that write a chunk of data into a file for later processing by some other tool (like asn1_print).
Love Hörnquist Åstrand
2005-09-22 23:51:35 +00:00
f498bc66ae
Implement correct DH for -27, now working with client.
Love Hörnquist Åstrand
2005-09-22 13:41:01 +00:00
defb6d5697
Don't check oid's too closely, they change in Windows Vista.
Love Hörnquist Åstrand
2005-09-22 04:18:05 +00:00
28d0ef8d96
Move DH support from -19 to -27.
Love Hörnquist Åstrand
2005-09-21 00:40:32 +00:00
c957c952ca
x
Love Hörnquist Åstrand
2005-09-21 00:31:45 +00:00
2c7a8d4dca
TSequenceOf/TSetOf: Increase the length of the array after successful decoding the next element, so that the array don't contain heap-data.
Love Hörnquist Åstrand
2005-09-21 00:30:37 +00:00
c850268273
Disable sending -19, fix parsing -27 of the protocol.
Love Hörnquist Åstrand
2005-09-20 23:21:36 +00:00
0b55d28880
Remove double free, now pk-init works again.
Love Hörnquist Åstrand
2005-09-20 22:18:24 +00:00
e6aa3d7e6b
Ignore __i686.get_pc_thunk.
Love Hörnquist Åstrand
2005-09-20 20:41:04 +00:00
39b04f72d8
Support PK-INIT-27 DH (and remove -19)
Love Hörnquist Åstrand
2005-09-20 19:10:29 +00:00
fa4a72a52b
(pk_verify_chain_standard): set cert to NULL to make sure its not freed.
Love Hörnquist Åstrand
2005-09-20 19:06:40 +00:00
ce7c2af147
(krb5_DES_string_to_key): If the opaque length it set to 1, and content is 0x01, use the afs3 string-to-key.
Love Hörnquist Åstrand
2005-09-19 22:13:54 +00:00
d0af14e4fe
(make_etype_info2_entry): When its a afs3-salted key, use send the opaque, length 1 (with content set to 0x01) in ETYPE-INFO2-ENTRY.
Love Hörnquist Åstrand
2005-09-19 22:01:04 +00:00
9ea6ec2caa
Remove signedness warnings.
Love Hörnquist Åstrand
2005-09-19 20:23:05 +00:00
baee68592b
x
Love Hörnquist Åstrand
2005-09-19 16:42:21 +00:00
0640ce0c14
x
Love Hörnquist Åstrand
2005-09-19 14:21:22 +00:00
f6d60e2846
x
Love Hörnquist Åstrand
2005-09-15 21:59:09 +00:00
f22d629100
Use libtool's default values for building shared/static libaries, ie remove AC_ENABLE_SHARED(no), solves building problems users have on Mac OS X.
Love Hörnquist Åstrand
2005-09-15 21:58:45 +00:00
c30c8e2e42
x
Love Hörnquist Åstrand
2005-09-14 15:55:20 +00:00
ae8b9cd3fb
Cast to unsigned char to avoid warning.
Love Hörnquist Åstrand
2005-09-14 15:54:27 +00:00
f47adcff7d
Register pkcs11 module.
Love Hörnquist Åstrand
2005-09-14 15:53:53 +00:00
Love Hörnquist Åstrand