oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Commit Graph

  • d31dd9e00b hx509: make file store writes atomic Nicolas Williams 2019-10-08 16:53:56 -05:00
  • 098f6480e4 krb5: Fix spurious error (debug) msg in keytab Nicolas Williams 2019-10-07 21:15:27 -05:00
  • 89b076c543 hx509: match docs for hx509_certs_init() Nicolas Williams 2019-10-04 16:54:24 -05:00
  • fbacb5f5fe hx509: set errno in hx509_cert_init_data() Nicolas Williams 2019-10-04 16:54:00 -05:00
  • 25c493137d asn1: use --sequence=Certificates Nicolas Williams 2019-10-04 16:53:26 -05:00
  • 25dbe28291 hx509: SANs are critical if DN is empty Nicolas Williams 2019-10-04 11:50:12 -05:00
  • 038ed5ec31 hx509: check Name RDN attribute size bounds Nicolas Williams 2019-10-03 17:26:54 -05:00
  • cb2db14ed1 asn1: support DEFAULTed sequence fields Nicolas Williams 2019-10-07 21:07:25 -05:00
  • 330ced5b9e asn1: add missing symbols on Windows Nicolas Williams 2019-10-03 21:39:06 -05:00
  • d657528e91 asn1: work around OpenSSL conflict Nicolas Williams 2019-10-03 17:25:26 -05:00
  • 93e48f8fba hxtool: Add OID symbol resolution Nicolas Williams 2019-08-24 17:02:51 -05:00
  • 5465b2ddec libasn1: Add OID symbol resolution Nicolas Williams 2019-08-24 17:02:33 -05:00
  • 6471fcaa54 Move ASN.1 modules from lib/hx509 to lib/asn1 Nicolas Williams 2019-08-24 15:06:19 -05:00
  • 120619dbd0 asn1: use rfc2459.opt Nicolas Williams 2019-10-03 17:26:19 -05:00
  • 6f2b52bc97 Expose new Heimdal 8 KRB5_PLUGIN_COMMON_SPI_VERSION macro Viktor Dukhovni 2019-10-07 20:17:59 -04:00
  • d0211ef475 Refactor send_diffs making it progressive Viktor Dukhovni 2019-09-20 19:21:11 -04:00
  • 96fd393d29 Disable Nagle in iprop master and slave Viktor Dukhovni 2019-09-21 18:29:12 -04:00
  • 0334472ab5 ipropd-master: use async I/O Nicolas Williams 2019-09-17 01:26:25 -05:00
  • 9de1728850 ipropd-slave: don't send I_HAVE in response to AYT Nicolas Williams 2019-09-18 20:35:23 -05:00
  • c6d0793e63 Do not recover log in kadm5_get_principal() Nicolas Williams 2019-09-17 16:21:29 -05:00
  • afaaf3d89d Add krb5_cc_configured_default_name() Nicolas Williams 2019-07-10 00:51:49 -05:00
  • 375dd8897f klist: partial fix of -v --json Nicolas Williams 2019-06-30 20:44:05 -05:00
  • 697c6462cf klist: fix verbose printing of config entries Nicolas Williams 2019-06-30 20:43:30 -05:00
  • 941dfd95a3 pkinit: fix leak in client Nicolas Williams 2019-07-05 15:30:43 -05:00
  • 37b55e1fdb pkinit: fix memory leak in libkrb5 Nicolas Williams 2019-07-05 13:04:13 -05:00
  • 6deb2a6bae kdc: improve HTTP parsing Nicolas Williams 2019-08-11 17:14:51 -05:00
  • fe5c0a907c unparse_principal: reject embedded NULs Nicolas Williams 2019-09-10 21:35:08 -05:00
  • 621c68abea Improve krb5_cc_remove_cred() test Nicolas Williams 2019-09-09 19:28:44 -05:00
  • e163bfd81b Make ccache init atomic Nicolas Williams 2019-09-06 18:15:20 -05:00
  • ec84667763 Fix krb5_cc_move() issues Nicolas Williams 2019-09-09 19:19:53 -05:00
  • cf16e60f3b Fix off by one in KEYRING krcc_remove_cred() Nicolas Williams 2019-09-09 19:19:18 -05:00
  • 96d1e80bda roken: add mkostemp() Nicolas Williams 2019-09-06 16:40:55 -05:00
  • f31cdc30b2 roken: add rk_memmem() Nicolas Williams 2019-08-11 17:13:11 -05:00
  • d3ef0ee743 kdc: fix leaks Nicolas Williams 2019-07-05 16:59:40 -05:00
  • 75b5c94a62 kdc: fix invalid free at exit time Nicolas Williams 2019-07-05 13:02:45 -05:00
  • 5e270a8914 Fix missing error checking in lib/krb5/pkinit.c Nicolas Williams 2019-07-04 23:40:52 -05:00
  • 44677c01ae hxtool print: fix output device bugs Nicolas Williams 2019-07-05 20:37:17 -05:00
  • 63ccdca137 hx509: _hx509_certs_keys_free() should not require gate Nicolas Williams 2019-08-05 11:29:27 -05:00
  • d13f89cb11 hx509: expose hx509_request_parse*() Nicolas Williams 2019-07-15 23:11:12 -05:00
  • 87eb05df6a hx509: always verify CSR signature Nicolas Williams 2019-07-15 01:55:33 -05:00
  • f2776ce841 hx509: make hx509_get_error_string(NULL, ...) work Nicolas Williams 2019-07-12 13:38:22 -05:00
  • eaebb892b8 hx509: hx509_context_free(&null_var) should work Nicolas Williams 2019-07-12 13:37:26 -05:00
  • 41fcafd20c hx509: add hx509_certs_destroy() Nicolas Williams 2019-07-11 21:31:41 -05:00
  • e4b35ba13f hx509: create files with safe mode_t Nicolas Williams 2019-07-04 20:13:27 -05:00
  • 5a0d85e423 hx509: Add PKCS#8 private key format option Nicolas Williams 2019-07-04 17:57:18 -05:00
  • 63116100a8 hx509: do not crash on missing FILE: name Nicolas Williams 2019-07-03 20:09:13 -05:00
  • cc8a5c59a8 hxtool: add generate-key command Nicolas Williams 2019-07-01 22:46:12 -05:00
  • 049d817c66 Fix hx509_ca_tbs_free() segfault Nicolas Williams 2019-06-30 19:49:11 -05:00
  • a2db5caebf Add note about racy tests Nicolas Williams 2019-06-26 22:55:46 -05:00
  • 859c587dc2 Add more hxtool EKU options, and KeyUsage too Nicolas Williams 2019-06-23 14:31:13 -05:00
  • 005ba36b83 hxtool request-create: fix --key argument handling Nicolas Williams 2019-06-22 17:57:28 -05:00
  • 252487dfe4 hx509: support reading private keys from PEM files Nicolas Williams 2019-07-01 21:38:27 -05:00
  • 8d232aa87d hx509: export hx509_parse_private_key (Windows) Nicolas Williams 2019-07-11 21:31:17 -05:00
  • 1ee136ce40 autoconf: look for unlinkat() Nicolas Williams 2019-08-16 17:21:57 -05:00
  • 34728ce79e rk_base64_encode(): set errno in all error cases Nicolas Williams 2019-08-12 17:55:40 -05:00
  • 1ae941af9b roken_detach_prep() should return fd Nicolas Williams 2019-08-14 17:37:31 -05:00
  • 5859bc3bdf kadmin: add --hdb / -H argument Nicolas Williams 2019-08-21 14:35:30 -05:00
  • 338d47120b Fix Appveyor Windows build Nicolas Williams 2019-10-03 13:01:44 -05:00
  • 989422e0fc Install kuserok-plugin.h and update docs Viktor Dukhovni 2019-09-26 20:18:00 -04:00
  • c9b5a4df90 Use roken_get_loginname() when we want getlogin_r() Nicolas Williams 2019-09-25 17:58:37 -05:00
  • d02277b45f List token expansions in krb5.conf.5 Nicolas Williams 2019-09-25 17:54:36 -05:00
  • 0fdda02b61 Add loginname, ruid, and LOCALSTATEDIR expansions Nicolas Williams 2019-09-25 17:50:46 -05:00
  • 141289f14b roken: add roken_get_loginname() Nicolas Williams 2019-09-25 17:49:56 -05:00
  • 366b787917 We provide a "derived key" mechanism to allow wildcard princs Roland C. Dowdeswell 2019-06-12 18:33:10 +01:00
  • d6337ebdce Export krb5_crypto_prfplus() from libkrb5 Roland C. Dowdeswell 2019-06-12 18:32:53 +01:00
  • 20557e2255 Don't send diffs to slaves with not yet know version Viktor Dukhovni 2019-09-16 18:17:09 -04:00
  • 7680c92047 Don't stutter in send_diffs Viktor Dukhovni 2019-09-14 22:30:52 -04:00
  • 2709f28a1b Make gss_store_cred*() work Nicolas Williams 2019-07-25 20:18:22 -05:00
  • fae8df3839 Optional backwards-compatible anon-pkinit behaviour Viktor Dukhovni 2019-07-14 23:02:57 -04:00
  • f40d393c83 tests/kdc/check-authz still fails Nicolas Williams 2019-07-09 15:46:14 -05:00
  • 4edcbd6597 Fix Travis after_failure Nicolas Williams 2019-07-09 15:45:22 -05:00
  • 9c51900238 Declare kdc log functions to be printf-like Nicolas Williams 2019-06-24 11:45:22 -05:00
  • 7fc90ce1c8 Remove references to Kerberos v4 from kdc/kdc.8 Nicolas Williams 2019-07-06 14:40:22 -05:00
  • 32bc4083c4 libhx509: export some missing symbols Nicolas Williams 2019-06-18 11:14:35 -05:00
  • dd226b6f9a Token "username" should be multi-platform Nicolas Williams 2019-06-22 17:55:37 -05:00
  • 8bc5d5af10 hcrypto: fix off-by-one set-bit counting Nicolas Williams 2019-07-05 13:02:24 -05:00
  • 51aed5d820 krb5_data_copy() should use memcpy() Nicolas Williams 2019-07-05 15:30:27 -05:00
  • 889617883d Make note in test_cc of how to keyctl new_session Nicolas Williams 2019-06-22 23:57:11 -05:00
  • 1af64c5de5 Do not use real $HOME in tests/kdc/check-authz Nicolas Williams 2019-07-09 12:26:04 -05:00
  • f2bd714e69 Fix build for out-of-source objdir Roland C. Dowdeswell 2019-06-21 15:12:22 +01:00
  • 9aa573c9ce kdc: no error if req is fwdable on non-fwdable princ Roland C. Dowdeswell 2019-06-21 14:02:22 +01:00
  • fcd57af8e1 Implement KRB5_TRACE using existing logging framework Roland C. Dowdeswell 2019-06-11 21:02:05 +01:00
  • 15ae5f06a9 Update SECURITY.md Jeffrey Altman 2019-06-09 13:29:07 -04:00
  • 4a4971a496 Create SECURITY.md Jeffrey Altman 2019-06-07 22:55:32 -04:00
  • 7d8a72dbe6 .gitignore Jeffrey Altman 2019-06-07 22:12:54 -04:00
  • 4519757881 .gitignore Jeffrey Altman 2019-06-07 22:09:59 -04:00
  • 4921975b62 Create GitHub issue templates Jeffrey Altman 2019-06-07 22:08:39 -04:00
  • 63b3f4cb37 Create CODE_OF_CONDUCT.md Jeffrey Altman 2019-06-07 22:03:05 -04:00
  • 4331f4c7d4 kdc: history of request_anonymous vs cname-in-addl-tkt confusion Jeffrey Altman 2019-06-03 10:07:41 -04:00
  • cdd0b70d37 kdc: don't misidentify constrained delegation requests as anonymous Luke Howard 2019-06-03 14:36:36 +10:00
  • 27c6cf7a9f kdc: refactor anonymous checks in KDC Luke Howard 2019-06-03 12:33:28 +10:00
  • 7381a280c8 kdc: check for cname-in-addl-tkt flag in constrained delegation Luke Howard 2019-06-03 11:55:54 +10:00
  • cf940e15f4 krb5: rename constrained-delegatiom to cname-in-addl-tkt Luke Howard 2019-06-02 14:44:11 +10:00
  • ea7615ade3 Do not set anonymous flag in S4U2Proxy request Isaac Boukris 2019-06-01 13:38:04 +00:00
  • 290d7e75f2 Fixes #536 - Note that this can cause unexpected behavior with certain backends Quanah Gibson-Mount 2019-05-31 00:05:56 +00:00
  • 9de4da0dcc Fixes #532 - Note that all does not include get-keys Quanah Gibson-Mount 2019-05-31 00:00:31 +00:00
  • 68f74fbaf1 Fixes #550 - Note that encrypt is the default option Quanah Gibson-Mount 2019-05-30 23:56:03 +00:00
  • 4371af9e75 Fixes issue#535 - verify-password-quality Quanah Gibson-Mount 2019-05-30 23:51:37 +00:00
  • dc46b1f82d solaris: Define _STDC_C11_BCI for memset_s prototype Jeffrey Altman 2019-05-23 19:00:30 -04:00
  • e143639400 Windows: Windows CRT doesn't support %k as format for strftime Rod Widdowson 2019-03-25 13:01:51 +00:00