oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Commit Graph

  • 9a41785682 bx509: Fix cjwt_token_validator build Nicolas Williams 2019-12-20 15:58:44 -06:00
  • ee0a288f92 bx509: Work around microhttpd bug Nicolas Williams 2019-12-20 15:54:27 -06:00
  • 73a9c95b7b hx509: Avoid double-free on CSR parse error Nicolas Williams 2019-12-20 15:50:22 -06:00
  • 5c7a8f63c7 Fix Windows build Nicolas Williams 2019-12-11 19:41:22 -06:00
  • 1d5062b167 kdc: Modernize kx509 logging too Nicolas Williams 2019-12-11 11:44:26 -06:00
  • 608c2876d4 kdc: Fix audit_addkv() typos and reason handling Nicolas Williams 2019-12-10 21:17:23 -06:00
  • 9063d92dbb krb5: Fix fcc_open() leak on double-init, and msg Nicolas Williams 2019-12-10 20:55:48 -06:00
  • 18df68d6e9 bx509: Add proper logging Nicolas Williams 2019-12-10 17:24:09 -06:00
  • 58848fce7b kdc: Add missing exports Nicolas Williams 2019-12-10 17:23:46 -06:00
  • 5c25450e50 Revert docs changes for bx509 for now Nicolas Williams 2019-12-10 14:10:53 -06:00
  • 77b480d2a0 CVE-2019-14870: Validate client attributes in protocol-transition Isaac Boukris 2019-11-07 00:05:05 +01:00
  • 013210d1eb CVE-2019-14870: Apply forwardable policy in protocol-transition Isaac Boukris 2019-11-05 02:37:30 +01:00
  • 51415eaaae CVE-2019-14870: Always lookup impersonate client in DB Isaac Boukris 2019-11-05 02:35:35 +01:00
  • 733140553a kdc: Fix leaks Nicolas Williams 2019-12-09 21:39:30 -06:00
  • d1a2652090 bx509: CSRF protection for /bnegotiate Nicolas Williams 2019-12-05 19:52:47 -06:00
  • 0a0a27ccec kdc: bx509: Do not vend issuer private keys Nicolas Williams 2019-12-06 17:34:04 -06:00
  • e515745996 hx509: private key exclusion options Nicolas Williams 2019-12-06 17:11:01 -06:00
  • 3c0d1258ce hx509: Fix unauthorized feature accounting Nicolas Williams 2019-12-09 18:09:58 -06:00
  • d021710efc gss: Fix leak in gss_add_cred_from() Nicolas Williams 2019-12-06 22:05:21 -06:00
  • 7102f2be9e krb5: Fix leak in PKINIT client Nicolas Williams 2019-12-06 22:05:02 -06:00
  • 90a59a064b krb5: Fix fcc_open() FD leak Nicolas Williams 2019-12-06 23:06:57 -06:00
  • d4a319d57d gss: fix gss-token accept bug Nicolas Williams 2019-12-06 17:09:15 -06:00
  • dd762e53d1 kadmin: Improve ext_keytab usage Nicolas Williams 2019-12-06 18:31:45 -06:00
  • a17a6bcc54 hcrypto: support BCRYPT_HASH_REUSABLE_FLAG Luke Howard 2019-11-13 15:56:55 +11:00
  • 3daef8a5fd roken: Windows version support helpers Luke Howard 2019-11-13 15:56:22 +11:00
  • 61452235ad bx509: do not test bx509d if not built Nicolas Williams 2019-12-05 17:37:19 -06:00
  • b5c158d9f7 Fix tests/can and tests/kdc Nicolas Williams 2019-12-05 17:22:47 -06:00
  • 52b8fae5e0 Fix Travis build moar Nicolas Williams 2019-12-05 15:34:09 -06:00
  • 6acb2e3f36 kdc: Fix JWK key rotation danger Nicolas Williams 2019-12-05 11:26:36 -06:00
  • bdff7835a2 kdc: Fix warnings: fix _kdc_audit_addkv() usage Nicolas Williams 2019-12-05 11:26:11 -06:00
  • 2d1454c686 Fix Travis build Nicolas Williams 2019-12-04 23:12:04 -06:00
  • 001e312ba5 Make krb5_cc_close(ctx, NULL) stop SEGV'ing. Roland C. Dowdeswell 2019-11-21 22:29:21 +00:00
  • 05e8517542 kdc/fast.c: fix leak in unusual error path. Roland C. Dowdeswell 2019-11-21 20:16:32 +00:00
  • 430e18c074 kdc/process.c: add tracing messages. Roland C. Dowdeswell 2019-11-21 15:33:49 +00:00
  • c76e30e90c Document that log level 7 is for tracing. Roland C. Dowdeswell 2019-11-21 15:27:09 +00:00
  • 6db323157f Reduce older log messages to level 4 and collect some errors. Roland C. Dowdeswell 2019-11-18 22:49:22 +00:00
  • 7d353d0557 Generate a single summary audit line for AS/TGS. Roland C. Dowdeswell 2019-11-18 21:34:35 +00:00
  • fb9a78223c We stop strnvisx(3)ing logs to FILE: by default. Roland C. Dowdeswell 2019-11-18 21:26:09 +00:00
  • 575c67806b Add bx509d Nicolas Williams 2019-10-09 20:18:01 -05:00
  • 4d4c7078cd kx509: Add desired_life to Kx509CSRPlus Nicolas Williams 2019-10-27 16:22:24 -05:00
  • a7a1d798c3 hx509: keep track of authorized CSR features Nicolas Williams 2019-11-18 23:18:57 -06:00
  • d519094117 hxtool: fix leak Nicolas Williams 2019-12-03 19:36:25 -06:00
  • 4f8577a988 hxtool: add cert type: https-negotiate-server Nicolas Williams 2019-12-03 00:13:08 -06:00
  • f9a0e8f076 roken: add rkbase64 noinst program Nicolas Williams 2019-12-02 22:33:25 -06:00
  • 982ba80b6e roken: fix leak in roken_detach_prep() Nicolas Williams 2019-12-03 19:07:34 -06:00
  • 8c5d2f7cc4 kuser/kx509.c: Fix add1_2chain. Roland C. Dowdeswell 2019-11-26 19:33:41 +00:00
  • 62d13ebf28 lib/krb5/kx509.c: fix memory leak in an error case. Roland C. Dowdeswell 2019-11-26 19:28:57 +00:00
  • 9265c1ce54 Fix windows build Roland C. Dowdeswell 2019-11-21 14:25:15 +00:00
  • 8ee86db261 Add enforce_ok_as_delegate setting Roland C. Dowdeswell 2019-11-20 21:19:57 +00:00
  • b5449e6c97 disable test_cc on Windows Roland C. Dowdeswell 2019-11-19 16:27:54 +00:00
  • 8b20d436d9 disable test-detach on Windows Roland C. Dowdeswell 2019-11-19 16:16:21 +00:00
  • 3b828e23e7 Don't build the docs on appveyor Roland C. Dowdeswell 2019-11-19 15:59:53 +00:00
  • 69dd82d33e Stop stuttering in libkrb5-exports.def.in Roland C. Dowdeswell 2019-11-19 16:40:54 +00:00
  • cd297eb462 Declare variables at the beginning of a block. Roland C. Dowdeswell 2019-11-19 13:10:52 +00:00
  • 01126367d3 w32-check-exported-symbols: Eliminate perl warning Roland C. Dowdeswell 2019-11-19 16:41:26 +00:00
  • 06f3507c77 Update .gitignore to catch more test remains Roland C. Dowdeswell 2019-11-19 16:09:23 +00:00
  • 4500a14f95 hx509: Show query expression parse errors Nicolas Williams 2019-11-07 21:47:54 -06:00
  • a40d4056bd asn1: Add der_find_or_parse_heim_oid() Nicolas Williams 2019-11-07 18:16:08 -06:00
  • 944eae82cf asn1: Remove alias of id-kp-clientAuth Nicolas Williams 2019-11-07 18:04:41 -06:00
  • c1841f2f67 gssapi: Import elric1's gss-token Nicolas Williams 2019-11-18 15:54:39 -06:00
  • 56c5f5909e roken: Add rkvis program for test scripts Nicolas Williams 2019-11-07 23:56:35 -06:00
  • 4981cfc420 roken: base64: set errno on decode errors Nicolas Williams 2019-11-18 15:53:45 -06:00
  • a8b749685c include <sys/exec_elf.h> if it's available. Roland C. Dowdeswell 2019-11-18 20:04:44 +00:00
  • ba5bb07495 krb5: disable automatic kx509 by default Nicolas Williams 2019-11-13 17:42:25 -06:00
  • 84ffa22c93 Add an "EFILE:" target for logging. Roland C. Dowdeswell 2019-11-07 23:25:50 +00:00
  • e44c680d8e Make logging path definitions subject to token expansion. Roland C. Dowdeswell 2019-11-07 22:30:05 +00:00
  • 0c869176f4 Define a token expansion for %{strftime:<string>}. Roland C. Dowdeswell 2019-11-07 22:29:14 +00:00
  • 3c7da79838 derived keys: ensure that princ is correct Roland C. Dowdeswell 2019-11-05 16:00:58 +00:00
  • a2650ef20b kx509: Fix uninitalized ret var use Nicolas Williams 2019-11-06 19:51:13 -06:00
  • fce3f16859 hx509: Add hx509_ca_tbs_get_name() Nicolas Williams 2019-11-06 11:08:00 -06:00
  • 12826c9586 Handle partial writes on non-blocking sockets Viktor Dukhovni 2019-11-06 20:27:58 -05:00
  • 9ca5d710f9 hx509: fix hx509_request_get_eku() Nicolas Williams 2019-11-04 14:10:30 -06:00
  • efb27f15ac Windows: update default timestamping service Jeffrey Altman 2019-11-02 21:14:00 -04:00
  • 0cc708ba36 kx509: add time-to-live for kx509 -t option Nicolas Williams 2019-10-10 15:17:04 -05:00
  • 94bf464f8d krb5: Add krb5_ticket_get_times() Nicolas Williams 2019-10-27 00:19:46 -05:00
  • 66cde3e580 hx509: Fix hx509_request_get_exts() Nicolas Williams 2019-10-24 23:15:18 -05:00
  • 35c91324ed hx509: Add hx509_get_instance() Nicolas Williams 2019-10-23 22:15:51 -05:00
  • 427751a204 hxtool: Add "acert" (assert cert contents) command Nicolas Williams 2019-10-28 18:17:09 -05:00
  • 6612090ba0 hx509: Export missing symbols Nicolas Williams 2019-10-28 18:16:38 -05:00
  • ddbc36d86b hx509: Store priv keys first in PEM stores Nicolas Williams 2019-10-10 14:37:37 -05:00
  • 7dc134e410 krb5: Move krb5_plugin_load_t typedef to header Nicolas Williams 2019-10-18 19:05:16 -05:00
  • ec858b3a46 ipc: Get socket dir via secure_getenv() Nicolas Williams 2019-10-22 22:53:18 -05:00
  • b54107ee2b asn1: Add more EKU OIDs from RFC7299, OpenSSL Nicolas Williams 2019-10-27 01:46:35 -05:00
  • ed1f900cfb asn1: Add some missing OIDs from RFC5280 Nicolas Williams 2019-10-23 18:03:50 -05:00
  • db35aeb5be asn1: Fix OID resolution bug Nicolas Williams 2019-10-23 18:04:28 -05:00
  • f717c7344b gss: Fix double-free in acquire_from Nicolas Williams 2019-10-30 21:00:30 -05:00
  • ba65039586 Lightly document derived key namespaces Roland C. Dowdeswell 2019-10-23 19:38:11 +01:00
  • 5bbe7c8dc6 Implement forwarding of leaf TGTs to selected realms. Viktor Dukhovni 2019-10-29 20:02:14 +00:00
  • d81118cc1f Implement krb5_mk_{1,n}cred Roland C. Dowdeswell 2019-10-29 19:10:40 +00:00
  • 2e0366b7a0 Teach make-proto.pl about #define \-continuation. Roland C. Dowdeswell 2019-10-29 19:56:45 +00:00
  • a86e1076a0 Ignore tags files and *_asn1_oid.x Roland C. Dowdeswell 2019-10-30 18:16:34 +00:00
  • 1522ec5171 _gsskrb5_acquire_cred_from leaks context Václav Chlumský 2019-10-29 13:04:12 +01:00
  • c7d4682aed Define log levels in docs and change default to 0-3. Roland C. Dowdeswell 2019-10-15 16:55:56 +01:00
  • aa5c525e71 Implement [kdc] derived_keys_maxdots Roland C. Dowdeswell 2019-10-17 16:30:24 +01:00
  • dfada0ccad kx509: Add CSR support Nicolas Williams 2019-07-15 23:27:30 -05:00
  • c838abdf1a ipc: fix warning Nicolas Williams 2019-10-09 20:22:29 -05:00
  • 6f9eb81243 krb5: copy AD from auth_context to Authenticator Nicolas Williams 2019-08-05 00:08:39 -05:00
  • 8af2d79d35 hx509: Add missing CSR extension request support Nicolas Williams 2019-07-16 14:51:59 -05:00
  • 6a7e7eace6 Add kx509 client and revamp kx509 service Nicolas Williams 2019-06-17 19:34:21 -05:00
  • 78cb995e6e krb5: add missing export Nicolas Williams 2019-10-08 12:46:21 -05:00