oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Commit Graph

  • f0e00bfd8d (krb5_verify_ap_req2): krb5_free_ticket free the ticket now, rewrite error handling to handle that Love Hörnquist Åstrand 2003-11-09 01:28:01 +00:00
  • bc935dd347 x Love Hörnquist Åstrand 2003-11-09 01:22:46 +00:00
  • 711b17e252 (gss_delete_sec_context): don't free ticket, krb5_free_ticket does that now Love Hörnquist Åstrand 2003-11-09 01:17:13 +00:00
  • 20a96e4876 (process): don't free ticket, krb5_free_ticket does that now Love Hörnquist Åstrand 2003-11-09 01:12:09 +00:00
  • 4e48b5550c (tgs_rep2): don't free ticket, krb5_free_ticket does that now Love Hörnquist Åstrand 2003-11-09 00:58:03 +00:00
  • 3d146065c3 (krb5_free_ticket): free the ticket itself to match mit behavior, pointed out by Derrick Brashear Love Hörnquist Åstrand 2003-11-09 00:53:12 +00:00
  • 52330937a3 krb5_free_ticket free the whole ticket Love Hörnquist Åstrand 2003-11-09 00:48:40 +00:00
  • ceffd3f0a4 add [appdefaults]kinit/pkinit-ca-dir Love Hörnquist Åstrand 2003-11-08 19:23:51 +00:00
  • cb698a314c x Love Hörnquist Åstrand 2003-11-08 09:45:17 +00:00
  • c8d290d46d add krb5_padata_add Love Hörnquist Åstrand 2003-11-08 09:36:35 +00:00
  • 5e15b4e031 krb5_context_data.pkinit_win2k_compatible Love Hörnquist Åstrand 2003-11-08 09:34:54 +00:00
  • 8260bb511d add pkinit.c Love Hörnquist Åstrand 2003-11-08 09:32:47 +00:00
  • c7a2d2d775 x Love Hörnquist Åstrand 2003-11-08 08:59:30 +00:00
  • 237ff82b29 add pkinit support Love Hörnquist Åstrand 2003-11-08 08:56:38 +00:00
  • 61cd5b101e add support for pkinit Love Hörnquist Åstrand 2003-11-08 08:52:07 +00:00
  • bb6a4a2b80 rename krb5_pk_init_openssl_ctx to krb5_pk_init_ctx fix win2k error handling Love Hörnquist Åstrand 2003-11-08 08:49:02 +00:00
  • acc61addac make compile again Love Hörnquist Åstrand 2003-11-08 08:46:58 +00:00
  • f955c2a095 add the opaque krb5_pk_init_ctx to _krb5_get_init_creds_opt_private Love Hörnquist Åstrand 2003-11-08 08:42:03 +00:00
  • 0c7a0277a1 PKINIT patch from Daniel Kouril and Petr Holub, I removed the dependency on valicert asn1 parser, remove smartcard and globus support (for now). Work to be done on this: DH support, Globus support, Smartcard support, windows support (MS implements -09 of the draft), verify that it conforms the new draft Love Hörnquist Åstrand 2003-11-08 08:32:11 +00:00
  • d56cb05fe8 x Love Hörnquist Åstrand 2003-11-07 23:19:30 +00:00
  • c066dfa9e4 spelling, partly from jmc <jmc@prioris.mini.pw.edu.pl> Love Hörnquist Åstrand 2003-11-07 23:18:02 +00:00
  • ce15bb75c3 x Love Hörnquist Åstrand 2003-11-07 23:14:07 +00:00
  • 9ecc605816 x Love Hörnquist Åstrand 2003-11-07 07:45:26 +00:00
  • 48a9c79e8f (copy_oid): copy all components Love Hörnquist Åstrand 2003-11-07 07:39:43 +00:00
  • 113cf794d6 x Love Hörnquist Åstrand 2003-11-06 01:34:19 +00:00
  • bb7c2ec23c checksum the header last in MIC token, update to -03 From: Luke Howard <lukeh@padl.com> Love Hörnquist Åstrand 2003-11-06 01:27:50 +00:00
  • 24bcc161e3 x Love Hörnquist Åstrand 2003-10-29 23:12:02 +00:00
  • c12de88181 x Johan Danielsson 2003-10-27 11:16:21 +00:00
  • 7448fcfe7c document capaths section Johan Danielsson 2003-10-27 11:14:55 +00:00
  • 5bfcbbf79b x Johan Danielsson 2003-10-22 18:48:54 +00:00
  • ed1bc5a928 make sure that the server realm and the krbtgt second component are identical; get rpath from the capaths section Johan Danielsson 2003-10-22 18:48:20 +00:00
  • 3cedc78b77 document recent changes Johan Danielsson 2003-10-22 18:45:56 +00:00
  • 1461770557 change logic for when to check transited policy to a tri-state model involving per principal flags (to be implemented) Johan Danielsson 2003-10-22 18:22:24 +00:00
  • 3ddd0c11e7 change enforce_transited_policy to a tri-state variable Johan Danielsson 2003-10-22 18:19:11 +00:00
  • da5f054d77 x Love Hörnquist Åstrand 2003-10-22 06:08:38 +00:00
  • 731fab1b47 (krb5_domain_x500_encode): always zero out encoding to make sure it have a defined value on failure Love Hörnquist Åstrand 2003-10-22 06:04:35 +00:00
  • 2e4e601571 x Love Hörnquist Åstrand 2003-10-21 23:08:50 +00:00
  • 4cd19e3fe3 (krb5_domain_x500_encode): if num_realms == 0, set encoding and return (avoids malloc(0)), check return value for malloc Love Hörnquist Åstrand 2003-10-21 23:06:50 +00:00
  • f052cd93b0 spelling, From: Tracy Di Marco White Love Hörnquist Åstrand 2003-10-21 21:34:32 +00:00
  • fbf5812618 x Johan Danielsson 2003-10-21 16:58:00 +00:00
  • fb3910cc5a (fix_transited_encoding): always print cross-realm information Johan Danielsson 2003-10-21 16:56:32 +00:00
  • ff498fb097 x Love Hörnquist Åstrand 2003-10-21 14:53:17 +00:00
  • d18d7cea84 (fix_transited_encoding): set transited type Love Hörnquist Åstrand 2003-10-21 14:53:02 +00:00
  • a49cebb033 fix capaths example Johan Danielsson 2003-10-21 13:32:45 +00:00
  • d3c94dd68e ize->ise Johan Danielsson 2003-10-21 13:27:48 +00:00
  • da0880581b [capaths] section Johan Danielsson 2003-10-21 11:59:16 +00:00
  • f56c8320eb x Johan Danielsson 2003-10-21 11:57:37 +00:00
  • 74f0967ff7 document enforce-transited-policy Johan Danielsson 2003-10-21 11:22:52 +00:00
  • 357e4592b9 always check transited policy if flag set either globally or on principal Johan Danielsson 2003-10-21 11:16:43 +00:00
  • 8505970b33 add flag to always check transited policy Johan Danielsson 2003-10-21 11:10:44 +00:00
  • cf7d2c2fb1 add flag to enforce transited policy Johan Danielsson 2003-10-21 11:09:59 +00:00
  • ca242c590b x Love Hörnquist Åstrand 2003-10-21 10:16:59 +00:00
  • b446b9833f (krb5_domain_x500_decode): set *num_realms to zero not num_realms Love Hörnquist Åstrand 2003-10-21 10:16:39 +00:00
  • d4a13c5877 x Love Hörnquist Åstrand 2003-10-21 08:04:13 +00:00
  • 378fc043da add --no-transit-check Love Hörnquist Åstrand 2003-10-21 08:03:36 +00:00
  • ef9f43076b x Love Hörnquist Åstrand 2003-10-21 06:24:58 +00:00
  • 1193f2ca59 describe Transit policy Love Hörnquist Åstrand 2003-10-21 06:21:03 +00:00
  • ae0a37f393 x Johan Danielsson 2003-10-20 16:45:38 +00:00
  • 5d138af639 (fix_transited_encoding): also verify with policy, unless asked not to Johan Danielsson 2003-10-20 16:45:28 +00:00
  • 88e4f61f85 (krb5_decrypt_ticket): try to verify transited realms, unless the transited-policy-checked flag is set Johan Danielsson 2003-10-20 16:43:30 +00:00
  • df034198d5 (krb5_domain_x500_decode): handle zero length tr data; (krb5_check_transited): new function that does more useful stuff Johan Danielsson 2003-10-20 16:41:27 +00:00
  • e7a40f2d44 get capath info from [capaths] section Johan Danielsson 2003-10-20 16:40:14 +00:00
  • 7bfff16231 krb5_princ_realm -> krb5_principal_get_realm Johan Danielsson 2003-10-20 16:38:53 +00:00
  • 744bd74233 krb5_princ_realm -> krb5_principal_get_realm Johan Danielsson 2003-10-20 16:14:02 +00:00
  • beba4ef8f9 x Johan Danielsson 2003-10-16 09:06:54 +00:00
  • 8ad04cfa43 Sleep forever waiting for lock. Previous method doesn't work well with a large number of clients accessing the cache at the same time, and there is no simple way to add a timeout to the lock. Johan Danielsson 2003-10-16 09:06:39 +00:00
  • 76e1e376c4 count IP v4/v6 requests now that my kdc supports v6 Love Hörnquist Åstrand 2003-10-14 15:25:34 +00:00
  • 175541b3c3 x Johan Danielsson 2003-10-14 12:32:54 +00:00
  • 3a36f7c6db mkstemp formats must end in exactly six X's Johan Danielsson 2003-10-14 12:32:39 +00:00
  • aa2d4b02ae get branch from CVS/Tag Johan Danielsson 2003-10-14 12:08:10 +00:00
  • 9c33463fd1 handle requests to forward non-forwardable ticket and HTTP requests Love Hörnquist Åstrand 2003-10-14 11:21:43 +00:00
  • dfbc07b034 instead of the cryptic "Request:" use "HTTP request:" Love Hörnquist Åstrand 2003-10-14 11:02:33 +00:00
  • 2ded4d8b29 x Love Hörnquist Åstrand 2003-10-13 14:21:14 +00:00
  • 29fbd6bdbd old pk-cross foo Johan Danielsson 2003-10-13 14:20:33 +00:00
  • 2aaa9a193e x Love Hörnquist Åstrand 2003-10-13 13:33:52 +00:00
  • 002f25a217 print the error value krb5_init_context failed with Love Hörnquist Åstrand 2003-10-13 13:33:40 +00:00
  • 45f0c7d705 x Love Hörnquist Åstrand 2003-10-13 13:21:16 +00:00
  • c5bd98ca49 (krb5_config_parse_file_debug): punt if there is binding before a section declaration. Bug found by Arkadiusz Miskiewicz <arekm@pld-linux.org> Love Hörnquist Åstrand 2003-10-13 13:20:46 +00:00
  • 3d11618b33 move automake options to configure.in, and depend on automake 1.7 Johan Danielsson 2003-10-13 13:14:48 +00:00
  • 2ba1b2759a x Johan Danielsson 2003-10-13 13:03:17 +00:00
  • 41d0b9d1bd (erase_file): revert a change in previous; if the ccache is a symlink, kdestroy should remove it Johan Danielsson 2003-10-13 13:03:12 +00:00
  • dcc546f00e x Johan Danielsson 2003-10-13 12:21:38 +00:00
  • 14bfec3d54 implement locking Johan Danielsson 2003-10-13 12:21:15 +00:00
  • 0cad850aac (print_tickets): bail out if krb5_cc_next_cred returns error other than KRB5_CC_END Johan Danielsson 2003-10-12 15:57:42 +00:00
  • a5cffb7aa7 x Johan Danielsson 2003-10-10 15:52:30 +00:00
  • 0ea5fcd9db (pop_init): change call to authentication function, from a ?: construct (which toubles some versions of gcc) to if; from Björn Grönvall Johan Danielsson 2003-10-10 15:52:18 +00:00
  • da037fa13e x Love Hörnquist Åstrand 2003-10-10 01:10:01 +00:00
  • d804698297 test program for verifying password quality function Love Hörnquist Åstrand 2003-10-10 01:09:10 +00:00
  • 56b5ee6031 x Love Hörnquist Åstrand 2003-10-07 07:49:03 +00:00
  • 0c7a5a4563 add some help function that is common between ENC_TS and SAM2 free the etype{,2}-infos on failure move the pa counter into krb5_get_init_creds_ctx Love Hörnquist Åstrand 2003-10-07 07:48:51 +00:00
  • e31cf630fd x Love Hörnquist Åstrand 2003-10-07 04:09:43 +00:00
  • 535b4f1e94 If its a MEMORY cc, make a copy. We need to do this since now gss_release_cred will destroy the cred. This should be really be solved a better way. Love Hörnquist Åstrand 2003-10-07 04:08:57 +00:00
  • 9b8678e016 x Love Hörnquist Åstrand 2003-10-07 01:02:14 +00:00
  • ced74c3564 (gss_release_cred): if its a mcc, destroy it rather the just release it Found by: "Zi-Bin Yang" <zbyang@decru.com> Love Hörnquist Åstrand 2003-10-07 00:51:46 +00:00
  • 7c51fd6e95 (acquire_initiator_cred): use kret instead of ret where appropriate Love Hörnquist Åstrand 2003-10-07 00:37:04 +00:00
  • d4baa1906c spelling Love Hörnquist Åstrand 2003-10-06 21:02:15 +00:00
  • ed4fb3aa84 x Love Hörnquist Åstrand 2003-10-06 20:47:15 +00:00
  • 0da0d41d6a (do_getticket): if times data is shorter then 8 byte, request is mailformed. Love Hörnquist Åstrand 2003-10-06 20:39:28 +00:00
  • 4ba454b93f (do_authenticate): if request length is less then 8, its a bad request and fail. Pointed out by Marco Foglia <marco@foglia.org> Love Hörnquist Åstrand 2003-10-06 20:22:07 +00:00
  • 911c773668 add flag --warn-mit-syntax that warns for mit syntax is used and just ignore the mit syntax when its used Love Hörnquist Åstrand 2003-10-06 19:27:35 +00:00