oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Commit Graph

  • 621c68abea Improve krb5_cc_remove_cred() test Nicolas Williams 2019-09-09 19:28:44 -05:00
  • e163bfd81b Make ccache init atomic Nicolas Williams 2019-09-06 18:15:20 -05:00
  • ec84667763 Fix krb5_cc_move() issues Nicolas Williams 2019-09-09 19:19:53 -05:00
  • cf16e60f3b Fix off by one in KEYRING krcc_remove_cred() Nicolas Williams 2019-09-09 19:19:18 -05:00
  • 96d1e80bda roken: add mkostemp() Nicolas Williams 2019-09-06 16:40:55 -05:00
  • f31cdc30b2 roken: add rk_memmem() Nicolas Williams 2019-08-11 17:13:11 -05:00
  • d3ef0ee743 kdc: fix leaks Nicolas Williams 2019-07-05 16:59:40 -05:00
  • 75b5c94a62 kdc: fix invalid free at exit time Nicolas Williams 2019-07-05 13:02:45 -05:00
  • 5e270a8914 Fix missing error checking in lib/krb5/pkinit.c Nicolas Williams 2019-07-04 23:40:52 -05:00
  • 44677c01ae hxtool print: fix output device bugs Nicolas Williams 2019-07-05 20:37:17 -05:00
  • 63ccdca137 hx509: _hx509_certs_keys_free() should not require gate Nicolas Williams 2019-08-05 11:29:27 -05:00
  • d13f89cb11 hx509: expose hx509_request_parse*() Nicolas Williams 2019-07-15 23:11:12 -05:00
  • 87eb05df6a hx509: always verify CSR signature Nicolas Williams 2019-07-15 01:55:33 -05:00
  • f2776ce841 hx509: make hx509_get_error_string(NULL, ...) work Nicolas Williams 2019-07-12 13:38:22 -05:00
  • eaebb892b8 hx509: hx509_context_free(&null_var) should work Nicolas Williams 2019-07-12 13:37:26 -05:00
  • 41fcafd20c hx509: add hx509_certs_destroy() Nicolas Williams 2019-07-11 21:31:41 -05:00
  • e4b35ba13f hx509: create files with safe mode_t Nicolas Williams 2019-07-04 20:13:27 -05:00
  • 5a0d85e423 hx509: Add PKCS#8 private key format option Nicolas Williams 2019-07-04 17:57:18 -05:00
  • 63116100a8 hx509: do not crash on missing FILE: name Nicolas Williams 2019-07-03 20:09:13 -05:00
  • cc8a5c59a8 hxtool: add generate-key command Nicolas Williams 2019-07-01 22:46:12 -05:00
  • 049d817c66 Fix hx509_ca_tbs_free() segfault Nicolas Williams 2019-06-30 19:49:11 -05:00
  • a2db5caebf Add note about racy tests Nicolas Williams 2019-06-26 22:55:46 -05:00
  • 859c587dc2 Add more hxtool EKU options, and KeyUsage too Nicolas Williams 2019-06-23 14:31:13 -05:00
  • 005ba36b83 hxtool request-create: fix --key argument handling Nicolas Williams 2019-06-22 17:57:28 -05:00
  • 252487dfe4 hx509: support reading private keys from PEM files Nicolas Williams 2019-07-01 21:38:27 -05:00
  • 8d232aa87d hx509: export hx509_parse_private_key (Windows) Nicolas Williams 2019-07-11 21:31:17 -05:00
  • 1ee136ce40 autoconf: look for unlinkat() Nicolas Williams 2019-08-16 17:21:57 -05:00
  • 34728ce79e rk_base64_encode(): set errno in all error cases Nicolas Williams 2019-08-12 17:55:40 -05:00
  • 1ae941af9b roken_detach_prep() should return fd Nicolas Williams 2019-08-14 17:37:31 -05:00
  • 5859bc3bdf kadmin: add --hdb / -H argument Nicolas Williams 2019-08-21 14:35:30 -05:00
  • 338d47120b Fix Appveyor Windows build Nicolas Williams 2019-10-03 13:01:44 -05:00
  • 989422e0fc Install kuserok-plugin.h and update docs Viktor Dukhovni 2019-09-26 20:18:00 -04:00
  • c9b5a4df90 Use roken_get_loginname() when we want getlogin_r() Nicolas Williams 2019-09-25 17:58:37 -05:00
  • d02277b45f List token expansions in krb5.conf.5 Nicolas Williams 2019-09-25 17:54:36 -05:00
  • 0fdda02b61 Add loginname, ruid, and LOCALSTATEDIR expansions Nicolas Williams 2019-09-25 17:50:46 -05:00
  • 141289f14b roken: add roken_get_loginname() Nicolas Williams 2019-09-25 17:49:56 -05:00
  • 366b787917 We provide a "derived key" mechanism to allow wildcard princs Roland C. Dowdeswell 2019-06-12 18:33:10 +01:00
  • d6337ebdce Export krb5_crypto_prfplus() from libkrb5 Roland C. Dowdeswell 2019-06-12 18:32:53 +01:00
  • 20557e2255 Don't send diffs to slaves with not yet know version Viktor Dukhovni 2019-09-16 18:17:09 -04:00
  • 7680c92047 Don't stutter in send_diffs Viktor Dukhovni 2019-09-14 22:30:52 -04:00
  • 2709f28a1b Make gss_store_cred*() work Nicolas Williams 2019-07-25 20:18:22 -05:00
  • fae8df3839 Optional backwards-compatible anon-pkinit behaviour Viktor Dukhovni 2019-07-14 23:02:57 -04:00
  • f40d393c83 tests/kdc/check-authz still fails Nicolas Williams 2019-07-09 15:46:14 -05:00
  • 4edcbd6597 Fix Travis after_failure Nicolas Williams 2019-07-09 15:45:22 -05:00
  • 9c51900238 Declare kdc log functions to be printf-like Nicolas Williams 2019-06-24 11:45:22 -05:00
  • 7fc90ce1c8 Remove references to Kerberos v4 from kdc/kdc.8 Nicolas Williams 2019-07-06 14:40:22 -05:00
  • 32bc4083c4 libhx509: export some missing symbols Nicolas Williams 2019-06-18 11:14:35 -05:00
  • dd226b6f9a Token "username" should be multi-platform Nicolas Williams 2019-06-22 17:55:37 -05:00
  • 8bc5d5af10 hcrypto: fix off-by-one set-bit counting Nicolas Williams 2019-07-05 13:02:24 -05:00
  • 51aed5d820 krb5_data_copy() should use memcpy() Nicolas Williams 2019-07-05 15:30:27 -05:00
  • 889617883d Make note in test_cc of how to keyctl new_session Nicolas Williams 2019-06-22 23:57:11 -05:00
  • 1af64c5de5 Do not use real $HOME in tests/kdc/check-authz Nicolas Williams 2019-07-09 12:26:04 -05:00
  • f2bd714e69 Fix build for out-of-source objdir Roland C. Dowdeswell 2019-06-21 15:12:22 +01:00
  • 9aa573c9ce kdc: no error if req is fwdable on non-fwdable princ Roland C. Dowdeswell 2019-06-21 14:02:22 +01:00
  • fcd57af8e1 Implement KRB5_TRACE using existing logging framework Roland C. Dowdeswell 2019-06-11 21:02:05 +01:00
  • 15ae5f06a9 Update SECURITY.md Jeffrey Altman 2019-06-09 13:29:07 -04:00
  • 4a4971a496 Create SECURITY.md Jeffrey Altman 2019-06-07 22:55:32 -04:00
  • 7d8a72dbe6 .gitignore Jeffrey Altman 2019-06-07 22:12:54 -04:00
  • 4519757881 .gitignore Jeffrey Altman 2019-06-07 22:09:59 -04:00
  • 4921975b62 Create GitHub issue templates Jeffrey Altman 2019-06-07 22:08:39 -04:00
  • 63b3f4cb37 Create CODE_OF_CONDUCT.md Jeffrey Altman 2019-06-07 22:03:05 -04:00
  • 4331f4c7d4 kdc: history of request_anonymous vs cname-in-addl-tkt confusion Jeffrey Altman 2019-06-03 10:07:41 -04:00
  • cdd0b70d37 kdc: don't misidentify constrained delegation requests as anonymous Luke Howard 2019-06-03 14:36:36 +10:00
  • 27c6cf7a9f kdc: refactor anonymous checks in KDC Luke Howard 2019-06-03 12:33:28 +10:00
  • 7381a280c8 kdc: check for cname-in-addl-tkt flag in constrained delegation Luke Howard 2019-06-03 11:55:54 +10:00
  • cf940e15f4 krb5: rename constrained-delegatiom to cname-in-addl-tkt Luke Howard 2019-06-02 14:44:11 +10:00
  • ea7615ade3 Do not set anonymous flag in S4U2Proxy request Isaac Boukris 2019-06-01 13:38:04 +00:00
  • 290d7e75f2 Fixes #536 - Note that this can cause unexpected behavior with certain backends Quanah Gibson-Mount 2019-05-31 00:05:56 +00:00
  • 9de4da0dcc Fixes #532 - Note that all does not include get-keys Quanah Gibson-Mount 2019-05-31 00:00:31 +00:00
  • 68f74fbaf1 Fixes #550 - Note that encrypt is the default option Quanah Gibson-Mount 2019-05-30 23:56:03 +00:00
  • 4371af9e75 Fixes issue#535 - verify-password-quality Quanah Gibson-Mount 2019-05-30 23:51:37 +00:00
  • dc46b1f82d solaris: Define _STDC_C11_BCI for memset_s prototype Jeffrey Altman 2019-05-23 19:00:30 -04:00
  • e143639400 Windows: Windows CRT doesn't support %k as format for strftime Rod Widdowson 2019-03-25 13:01:51 +00:00
  • eacfcd5ce1 kuser: use anon_pkinit_realm instead of anon-pkinit-realm Luke Howard 2019-05-22 14:42:55 +10:00
  • 3138c1836c kuser: plug leak in kinit anonymous PKINIT renew Luke Howard 2019-05-22 14:04:22 +10:00
  • b276d139ef lib/krb5: add plugin headers to Makefiles Jeffrey Altman 2019-02-07 11:04:36 -05:00
  • 434b34d71c lib/krb5: prevent build failures of krb5_plugin_common on Windows Jeffrey Altman 2019-02-07 23:04:16 -05:00
  • ac6fa4cadc lib/krb5: prepare to make common plugins public Jeffrey Altman 2019-02-07 10:45:53 -05:00
  • df78c88cc0 lib/krb5: common_plugin_ftable_desc funcs KRB5_LIB_CALL Jeffrey Altman 2019-02-07 09:46:07 -05:00
  • 32fe791c2e lib/krb5: common plugin only fallback if load_fn() fails Jeffrey Altman 2019-02-08 15:08:12 -05:00
  • cc2070dbc8 lib/krb5: fix krb5_get_instance_func_t prototype Jeffrey Altman 2019-02-07 23:03:24 -05:00
  • 22cf04fdaf lib/krb5: krb5.h missing KRB5_LIB_CALL definition Jeffrey Altman 2019-02-07 23:02:03 -05:00
  • d89b5cb966 kuser: allow kinit to renew anonymous PKINIT tickets Luke Howard 2019-05-21 15:18:16 +10:00
  • a7bb4504f2 klist: display all known flags when listing tickets Luke Howard 2019-05-09 16:15:08 +10:00
  • fd209c5dca krb5: set PKINIT_BTMM flag per Apple implementation Luke Howard 2019-05-07 13:54:10 +10:00
  • 8350f34a05 krb5: don't require krbtgt otherName match for Win2K Luke Howard 2019-05-15 10:44:55 +10:00
  • c634146b14 kdc: use actual client princ for KRB5SignedPath Luke Howard 2019-05-06 17:45:09 +10:00
  • b7fe0fb85a kdc: allow checksum of PA-FOR-USER to be HMAC_MD5 Isaac Boukris 2018-11-12 20:08:06 +02:00
  • 014e318d6b krb5: check KDC supports anonymous if requested Luke Howard 2019-05-18 13:55:36 +10:00
  • 5c70e5015e hcrypto-pkcs11: check mechanism flags Luke Howard 2019-05-18 14:16:37 +10:00
  • dc791c8fcf krb5: remove duplicate KRB5_ANON_MATCH_xxx defines Luke Howard 2019-05-18 13:57:43 +10:00
  • a1276c54aa krb5_sendto_kdc: Windows no KDC reachable error Jeffrey Altman 2019-05-16 09:27:42 -04:00
  • bdcd7d2f3d krb5_principal_is_anonymous Jeffrey Altman 2019-05-15 04:02:47 -04:00
  • c3e2c048c3 tests: generate test_template_asn1-template.c for testing Daria Phoebe Brashear 2019-05-15 13:25:11 -04:00
  • 38c797e1ae krb5: always confirm PA-PKINIT-KX for anon PKINIT Luke Howard 2019-05-07 13:15:15 +10:00
  • c6257cc2c8 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum Isaac Boukris 2019-05-14 09:03:18 -04:00
  • 8740528b24 Windows-compatible sentinel socket type and value Viktor Dukhovni 2019-05-14 15:33:36 -04:00
  • d497d7e4a7 krb5_sendto_kdc: failover for multiple AAAA/A RRs on one domain Roland C. Dowdeswell 2019-05-10 19:13:26 +01:00
  • 5ca229e0d9 krb5: krb5_get_init_creds_opt_set_pkinit flag names Luke Howard 2019-05-06 11:29:04 +10:00
  • bcc90f1b87 krb5: _krb5_principal_is_anonymous() helper API Luke Howard 2019-05-04 16:10:13 +10:00