oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Commit Graph

  • 30bf21401c gss: fix copy/paste error in gss_destroy_cred() Luke Howard 2020-04-11 10:02:09 +10:00
  • 7055365f47 Expand tokens in gss cred store "ccache" value Nicolas Williams 2020-03-18 13:37:13 -05:00
  • 31a73c3c27 List FILE collection even when KRB5CCNAME is a sub Nicolas Williams 2020-03-18 00:43:01 -05:00
  • cc6a3f337b hcrypto: Fix Makefile build race Nicolas Williams 2020-03-17 19:46:37 -05:00
  • 8f3b5e0862 krb5: Use sqlite3_close(), not v2 Nicolas Williams 2020-03-17 19:45:51 -05:00
  • a8874a62bb krb5: Fix kinit harder Nicolas Williams 2020-03-13 21:36:00 -05:00
  • 4c736cbeec krb5: Allow rename of empty FILE ccaches Nicolas Williams 2020-03-14 11:25:46 -05:00
  • d725f28384 gss: Sometimes set KRB5CCNAME when not overwriting Nicolas Williams 2020-03-13 18:43:00 -05:00
  • 93d638a486 gss: Fix default cache preference Nicolas Williams 2020-03-13 18:14:17 -05:00
  • 327d7e7b43 Fix Appveyor Windows build Nicolas Williams 2020-03-12 22:58:13 -05:00
  • 312f353b98 gss: Prefer the default ccache when user_realm Nicolas Williams 2020-03-12 17:58:53 -05:00
  • 02db43a1ae kinit: Prefer the default ccache when user_realm Nicolas Williams 2020-03-12 17:57:16 -05:00
  • 7dae771eef kinit: Add --cache-default-for flag (fix check-cc) Nicolas Williams 2020-03-12 11:46:47 -05:00
  • 64d5f86ec3 Fix warnings (some bugs, some spurious) Nicolas Williams 2020-03-12 00:42:33 -05:00
  • f3e6c4ffd4 krb5: Make FILE ccache type a collection type! Nicolas Williams 2020-03-11 13:42:30 -05:00
  • f70ccfa967 krb5: Restore FILE as the default ccache type Nicolas Williams 2020-03-11 13:42:03 -05:00
  • 3a1f700cef gsskrb5: Add unique ccache k/v for cred store Nicolas Williams 2020-03-11 13:40:35 -05:00
  • bc5070d36f krb5: Add krb5_set_config() for test_cc Nicolas Williams 2020-03-11 13:40:02 -05:00
  • 86bb80d7cf Revert cccol changes to kinit Nicolas Williams 2020-03-12 10:57:25 -05:00
  • 713aa7961a kdc: kx509.c fix build failures Jeffrey Altman 2020-03-08 10:28:37 -04:00
  • bcb5ed28fb kdc/kx509.c: clean up krb5_get_error_message strings used for mk_error_resp Daria Phoebe Brashear 2020-01-10 13:12:57 -05:00
  • c295233648 lib/base log_file should free filename in all cases Daria Phoebe Brashear 2020-03-05 18:58:41 -05:00
  • 59d132f825 hdb: don't use lock_file name after free in open_lock_file Daria Phoebe Brashear 2020-01-12 23:53:02 -05:00
  • efba1c21e9 lib/kadm5 kadm5_c_randkey_principal allow keyblock cleanup on error Daria Phoebe Brashear 2020-01-10 13:08:43 -05:00
  • c2a7041402 krb5_mk_ncred: clean enc_krb_cred_part before use Daria Phoebe Brashear 2020-01-10 12:58:09 -05:00
  • bfcc7a90ed kdc kx509: avoid double free of cprinc and s in check_authz Daria Phoebe Brashear 2020-01-10 12:51:20 -05:00
  • c6b891556e krb5: Init mutex of anon MEMORY ccaches Nicolas Williams 2020-03-04 14:11:42 -06:00
  • 7bf4d76e75 krb5: Improve cccol sub naming; add gss_store_cred_into2() Nicolas Williams 2020-01-22 19:18:14 -06:00
  • a7359d6898 roken: Add mkdtemp() Nicolas Williams 2020-01-24 00:24:52 -06:00
  • 77619f245d roken: Add base32 Nicolas Williams 2020-01-13 19:46:13 -06:00
  • 5ab1a2b7a6 appveyor: Minor improvements for debugging Nicolas Williams 2020-03-02 10:52:39 -06:00
  • 3c0f59b658 hdb: Fix memory leak in hdb_generate_key_set() Nicolas Williams 2020-02-29 21:32:26 -06:00
  • ea90ca8666 Move some infra bits of lib/krb5/ to lib/base/ (2) Nicolas Williams 2020-02-24 18:50:01 -06:00
  • b2823cbd74 Move some infra bits of lib/krb5/ to lib/base/ (1) Nicolas Williams 2020-02-25 23:25:51 -06:00
  • e8de24f236 gss: initialize mech output parameters in mechglue Luke Howard 2020-03-02 17:10:11 +11:00
  • 41cb135b30 gss: plug leak in test_negoex_mech Luke Howard 2020-03-02 17:15:33 +11:00
  • aaf4cf89a5 gss: initialize output params in test_negoex_mech Luke Howard 2020-03-02 17:08:31 +11:00
  • 839b073fac tgs-req: strip forwardable and proxiable if the server is disallowed Isaac Boukris 2020-01-18 14:47:02 +01:00
  • 921d528d8b gss: add mechanism-force-mechListMIC hook to SPNEGO Luke Howard 2020-02-04 16:39:34 +11:00
  • 5d1a33f780 gss: don't explicitly reorder krb5 to front of spnego Luke Howard 2019-12-29 20:45:03 +11:00
  • 161f846d76 gss: harmonize negState with RFC 4178 Luke Howard 2020-01-14 13:06:51 +11:00
  • 3e69aacbe2 gss: harmonize SPNEGO with [MS-SPNG] Luke Howard 2020-01-01 11:25:16 +11:00
  • 044c1c6b63 gss: don't generate mechListMIC in SPNEGO if it is safe to omit it Luke Howard 2020-01-01 22:32:46 +11:00
  • 4fb6a6adc9 gss: port NegoEx implementation from MIT Luke Howard 2019-12-30 13:34:10 +11:00
  • ae5c60286a gss: remove SPNEGO name wrappers Luke Howard 2020-01-02 16:30:42 +11:00
  • e80248ed36 gss: add some missing GM_USE_MG_CRED checks Luke Howard 2019-12-28 16:35:04 +11:00
  • 340cc3f092 gss: make krb5 default GSS mech earlier in path Luke Howard 2019-12-27 00:15:13 +11:00
  • e69c2a8111 gss: expose gss_destroy_cred() Luke Howard 2019-12-29 00:15:49 +11:00
  • 8478dd1c88 gss: merge Apple name helper APIs Luke Howard 2019-12-28 16:34:35 +11:00
  • 6af3ea9099 gss: merge enhanced Apple mechglue logging Luke Howard 2019-12-28 16:45:47 +11:00
  • 31af9ba703 gss: use tail queue instead of singly linked list in mechglue Luke Howard 2019-12-28 16:30:55 +11:00
  • d7138cfbe7 base: make heimqueue.h a shared header Luke Howard 2019-12-26 21:41:29 +11:00
  • 64d5d138a9 gss: mechanism optional interfaces Luke Howard 2019-12-29 00:17:26 +11:00
  • 920cfc5584 gss: use _gss_ntlm_set_keys() in gss_init_sec_context() Luke Howard 2019-12-27 23:11:00 +11:00
  • c510e6d474 gss: don't provide domain to nsi_probe() in NTLM Luke Howard 2019-12-27 20:47:24 +11:00
  • bf14eb29df gss: NTLM nsi_probe returns a krb5, not gss error Luke Howard 2019-12-27 20:31:45 +11:00
  • fd572363a5 gss: register GSS_KRB5_S error table Luke Howard 2019-12-29 17:44:26 +11:00
  • 7b8fa4758c Windows: Fix type cast warning. Rod Widdowson 2020-01-29 10:31:15 +00:00
  • cc7610b77c Update README.md Jeffrey Altman 2020-01-10 15:00:16 -05:00
  • 1cbbca8dcf bx509: Add /, /health for load balancer checking Nicolas Williams 2020-01-10 11:39:56 -06:00
  • e7ad9da3cc bx509: Do not clobber library error info Nicolas Williams 2020-01-10 11:34:33 -06:00
  • 62c0261cff kdc: add test_token_validator -a option Nicolas Williams 2020-01-10 11:32:59 -06:00
  • 8430acfe95 kdc: implement test_kdc_ca -a option Nicolas Williams 2020-01-10 11:30:56 -06:00
  • 8ef971786b bx509: Fix CSR authorizer IPC plugin bug Nicolas Williams 2020-01-10 11:29:21 -06:00
  • 2b92d938ae Add bx509d.8 man page Nicolas Williams 2020-01-03 00:12:43 -06:00
  • 027941b858 Document Heimdal's PKIX, kx509, bx509 Nicolas Williams 2020-01-01 13:43:10 -06:00
  • 8fd3cc84eb kdc: link test_token_validator against libgssapi Luke Howard 2020-01-01 19:15:59 +11:00
  • 1a3716a132 krb5: Do not write start_realm ccconfig twice Nicolas Williams 2019-12-30 20:45:40 -06:00
  • d2542d8261 bx509: Make test work with older curl versions Nicolas Williams 2019-12-26 16:37:28 -06:00
  • 1482309565 iprop: Use test port for testing Nicolas Williams 2019-12-20 16:52:00 -06:00
  • bc9054d4b5 hx509: Better handle OpenSSL diffs in test_req Nicolas Williams 2019-12-20 16:14:00 -06:00
  • a79714da93 kdc: Fix build race Nicolas Williams 2019-12-20 16:05:03 -06:00
  • 4d96132cef bx509: Tolerate older microhttpd versions Nicolas Williams 2019-12-20 15:59:21 -06:00
  • 9a41785682 bx509: Fix cjwt_token_validator build Nicolas Williams 2019-12-20 15:58:44 -06:00
  • ee0a288f92 bx509: Work around microhttpd bug Nicolas Williams 2019-12-20 15:54:27 -06:00
  • 73a9c95b7b hx509: Avoid double-free on CSR parse error Nicolas Williams 2019-12-20 15:50:22 -06:00
  • 5c7a8f63c7 Fix Windows build Nicolas Williams 2019-12-11 19:41:22 -06:00
  • 1d5062b167 kdc: Modernize kx509 logging too Nicolas Williams 2019-12-11 11:44:26 -06:00
  • 608c2876d4 kdc: Fix audit_addkv() typos and reason handling Nicolas Williams 2019-12-10 21:17:23 -06:00
  • 9063d92dbb krb5: Fix fcc_open() leak on double-init, and msg Nicolas Williams 2019-12-10 20:55:48 -06:00
  • 18df68d6e9 bx509: Add proper logging Nicolas Williams 2019-12-10 17:24:09 -06:00
  • 58848fce7b kdc: Add missing exports Nicolas Williams 2019-12-10 17:23:46 -06:00
  • 5c25450e50 Revert docs changes for bx509 for now Nicolas Williams 2019-12-10 14:10:53 -06:00
  • 77b480d2a0 CVE-2019-14870: Validate client attributes in protocol-transition Isaac Boukris 2019-11-07 00:05:05 +01:00
  • 013210d1eb CVE-2019-14870: Apply forwardable policy in protocol-transition Isaac Boukris 2019-11-05 02:37:30 +01:00
  • 51415eaaae CVE-2019-14870: Always lookup impersonate client in DB Isaac Boukris 2019-11-05 02:35:35 +01:00
  • 733140553a kdc: Fix leaks Nicolas Williams 2019-12-09 21:39:30 -06:00
  • d1a2652090 bx509: CSRF protection for /bnegotiate Nicolas Williams 2019-12-05 19:52:47 -06:00
  • 0a0a27ccec kdc: bx509: Do not vend issuer private keys Nicolas Williams 2019-12-06 17:34:04 -06:00
  • e515745996 hx509: private key exclusion options Nicolas Williams 2019-12-06 17:11:01 -06:00
  • 3c0d1258ce hx509: Fix unauthorized feature accounting Nicolas Williams 2019-12-09 18:09:58 -06:00
  • d021710efc gss: Fix leak in gss_add_cred_from() Nicolas Williams 2019-12-06 22:05:21 -06:00
  • 7102f2be9e krb5: Fix leak in PKINIT client Nicolas Williams 2019-12-06 22:05:02 -06:00
  • 90a59a064b krb5: Fix fcc_open() FD leak Nicolas Williams 2019-12-06 23:06:57 -06:00
  • d4a319d57d gss: fix gss-token accept bug Nicolas Williams 2019-12-06 17:09:15 -06:00
  • dd762e53d1 kadmin: Improve ext_keytab usage Nicolas Williams 2019-12-06 18:31:45 -06:00
  • a17a6bcc54 hcrypto: support BCRYPT_HASH_REUSABLE_FLAG Luke Howard 2019-11-13 15:56:55 +11:00
  • 3daef8a5fd roken: Windows version support helpers Luke Howard 2019-11-13 15:56:22 +11:00
  • 61452235ad bx509: do not test bx509d if not built Nicolas Williams 2019-12-05 17:37:19 -06:00
  • b5c158d9f7 Fix tests/can and tests/kdc Nicolas Williams 2019-12-05 17:22:47 -06:00