oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Commit Graph

  • eacfcd5ce1 kuser: use anon_pkinit_realm instead of anon-pkinit-realm Luke Howard 2019-05-22 14:42:55 +10:00
  • 3138c1836c kuser: plug leak in kinit anonymous PKINIT renew Luke Howard 2019-05-22 14:04:22 +10:00
  • b276d139ef lib/krb5: add plugin headers to Makefiles Jeffrey Altman 2019-02-07 11:04:36 -05:00
  • 434b34d71c lib/krb5: prevent build failures of krb5_plugin_common on Windows Jeffrey Altman 2019-02-07 23:04:16 -05:00
  • ac6fa4cadc lib/krb5: prepare to make common plugins public Jeffrey Altman 2019-02-07 10:45:53 -05:00
  • df78c88cc0 lib/krb5: common_plugin_ftable_desc funcs KRB5_LIB_CALL Jeffrey Altman 2019-02-07 09:46:07 -05:00
  • 32fe791c2e lib/krb5: common plugin only fallback if load_fn() fails Jeffrey Altman 2019-02-08 15:08:12 -05:00
  • cc2070dbc8 lib/krb5: fix krb5_get_instance_func_t prototype Jeffrey Altman 2019-02-07 23:03:24 -05:00
  • 22cf04fdaf lib/krb5: krb5.h missing KRB5_LIB_CALL definition Jeffrey Altman 2019-02-07 23:02:03 -05:00
  • d89b5cb966 kuser: allow kinit to renew anonymous PKINIT tickets Luke Howard 2019-05-21 15:18:16 +10:00
  • a7bb4504f2 klist: display all known flags when listing tickets Luke Howard 2019-05-09 16:15:08 +10:00
  • fd209c5dca krb5: set PKINIT_BTMM flag per Apple implementation Luke Howard 2019-05-07 13:54:10 +10:00
  • 8350f34a05 krb5: don't require krbtgt otherName match for Win2K Luke Howard 2019-05-15 10:44:55 +10:00
  • c634146b14 kdc: use actual client princ for KRB5SignedPath Luke Howard 2019-05-06 17:45:09 +10:00
  • b7fe0fb85a kdc: allow checksum of PA-FOR-USER to be HMAC_MD5 Isaac Boukris 2018-11-12 20:08:06 +02:00
  • 014e318d6b krb5: check KDC supports anonymous if requested Luke Howard 2019-05-18 13:55:36 +10:00
  • 5c70e5015e hcrypto-pkcs11: check mechanism flags Luke Howard 2019-05-18 14:16:37 +10:00
  • dc791c8fcf krb5: remove duplicate KRB5_ANON_MATCH_xxx defines Luke Howard 2019-05-18 13:57:43 +10:00
  • a1276c54aa krb5_sendto_kdc: Windows no KDC reachable error Jeffrey Altman 2019-05-16 09:27:42 -04:00
  • bdcd7d2f3d krb5_principal_is_anonymous Jeffrey Altman 2019-05-15 04:02:47 -04:00
  • c3e2c048c3 tests: generate test_template_asn1-template.c for testing Daria Phoebe Brashear 2019-05-15 13:25:11 -04:00
  • 38c797e1ae krb5: always confirm PA-PKINIT-KX for anon PKINIT Luke Howard 2019-05-07 13:15:15 +10:00
  • c6257cc2c8 CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum Isaac Boukris 2019-05-14 09:03:18 -04:00
  • 8740528b24 Windows-compatible sentinel socket type and value Viktor Dukhovni 2019-05-14 15:33:36 -04:00
  • d497d7e4a7 krb5_sendto_kdc: failover for multiple AAAA/A RRs on one domain Roland C. Dowdeswell 2019-05-10 19:13:26 +01:00
  • 5ca229e0d9 krb5: krb5_get_init_creds_opt_set_pkinit flag names Luke Howard 2019-05-06 11:29:04 +10:00
  • bcc90f1b87 krb5: _krb5_principal_is_anonymous() helper API Luke Howard 2019-05-04 16:10:13 +10:00
  • 4559618391 kuser: kgetcred support for anonymous service tickets Luke Howard 2019-05-03 16:05:09 +10:00
  • 55ee6c1282 krb5: support for anonymous TGS requests Luke Howard 2019-05-03 16:04:10 +10:00
  • af63541515 kdc: support for anonymous TGS-REQs Luke Howard 2019-05-03 12:59:10 +10:00
  • 3051db0d5d kuser: support authenticated anonymous AS-REQs in kinit Luke Howard 2019-05-03 14:45:58 +10:00
  • 63557427e0 kdc: allow anonymous AS requests with long-term keys Luke Howard 2019-05-02 17:05:25 +10:00
  • 5c8f48495e kdc: conform _kdc_make_anonymous_principalname() to RFC8062 Luke Howard 2019-05-02 17:02:32 +10:00
  • 7a7eb9de2f kdc: do not include PAC for anonymous AS requests Luke Howard 2019-05-02 16:57:51 +10:00
  • 2f013b0d48 kdc: fix compliance with RFC 8062 Section 4.1 Luke Howard 2019-05-01 16:32:44 +10:00
  • 1bc2eb33f9 krb5: fix spelling error in debug log Luke Howard 2019-05-01 16:19:30 +10:00
  • e60955e835 roken: getuserinfo WIN32 fix username string termination Jeffrey Altman 2019-05-02 13:42:01 -04:00
  • f1b27d77cd Windows: Make getaddrinfo-test work Rod Widdowson 2019-03-25 13:15:41 +00:00
  • aad5c71014 Fixes https://github.com/heimdal/heimdal/issues/533 Quanah Gibson-Mount 2019-03-22 22:27:33 +00:00
  • 2d193d380d For https://github.com/heimdal/heimdal/issues/392 Quanah Gibson-Mount 2019-03-22 22:19:28 +00:00
  • 98f904036c For https://github.com/heimdal/heimdal/issues/392 Quanah Gibson-Mount 2019-03-22 21:11:37 +00:00
  • c827cd48f6 Optimise stdio krb5_storage by tracking offset Roland C. Dowdeswell 2019-03-21 00:41:46 +00:00
  • 56a32a8dbd krb5_storage: normalise truncate behaviour w.r.t. file offset Roland C. Dowdeswell 2019-03-20 23:27:50 +00:00
  • b2332b9684 add a couple of tests to test_store.c for fd, stdio w.r.t. trunc Roland C. Dowdeswell 2019-03-21 00:35:11 +00:00
  • 43a34f6663 roken: tsearch use rk_UNCONST instead of __DECONST #307 Jeffrey Altman 2019-02-21 14:34:08 -05:00
  • f0d9289d86 roken: fix strtoll Jeffrey Altman 2019-01-22 00:02:57 -05:00
  • 9ce2683f2d roken: strtoull.c negation is a no-op on unsigned integer Jeffrey Altman 2019-01-21 22:28:02 -05:00
  • b10ad7eb57 roken: strtoll.c negation is a no-op on unsigned integer Jeffrey Altman 2019-01-21 22:25:19 -05:00
  • 3bbd8663b0 WIN32: fix roken build Jeffrey Altman 2019-01-21 22:04:06 -05:00
  • 18226819cd ASN.1 compiler: check write errors Nicolas Williams 2019-01-15 12:04:31 -06:00
  • a3a8c1e4a4 ASN.1: Support wider bit sets (fix #514) Nicolas Williams 2019-01-06 23:12:24 -06:00
  • 10164490b7 windows/installer: code sign all merge modules Jeffrey Altman 2019-01-14 05:52:59 -05:00
  • a205fe17c6 lib/kadm5: WIN32 fix callback calling conventions Jeffrey Altman 2019-01-13 20:25:44 -05:00
  • 387684aa93 WIN32: fix calling conventions for 32-bit builds Jeffrey Altman 2019-01-08 12:58:50 -05:00
  • dcfcdd00d8 lib/asn1: WIN32 suppress "unreferenced local variable" warning Jeffrey Altman 2019-01-08 11:38:01 -05:00
  • 63579e6eb1 packages/windows/sdk: include dlfcn.h Jeffrey Altman 2019-01-08 11:15:32 -05:00
  • 7d5b844538 lib/krb5: WIN32 disable warnings Jeffrey Altman 2019-01-08 11:11:14 -05:00
  • 9d3e206b76 lib/krb5: WIN32 _krb5_load_plugins wrong constness Jeffrey Altman 2019-01-08 11:09:15 -05:00
  • 9358747426 lib/gssapi/mech: gss_acquire_cred_from calling conventions Jeffrey Altman 2019-01-08 11:06:07 -05:00
  • 57c25d9828 kadm5: add chpass_with_key hook (#397) Luke Howard 2019-01-10 15:18:10 +11:00
  • 59ba12f832 kadm5: remove unused variable from sample_hook Luke Howard 2019-01-10 12:39:40 +11:00
  • 907b9ee6c4 Fix broken return from _krb5_erase_file on missing file. The return of lstat should be handled like the "open" if errno = ENOENT. Ake Sandgren 2019-01-09 11:08:58 +01:00
  • 717a399bbd Fix ktutil weak password for principal creation Nicolas Williams 2019-01-08 23:26:48 -06:00
  • c2b106def5 Fix wrong keepold default in kadmin and ktutil Nicolas Williams 2019-01-08 22:15:25 -06:00
  • 7808e898e5 Appveyor: fix SetEnv.cmd invocation Nicolas Williams 2019-01-07 11:55:40 -06:00
  • 5abb68c891 hdb: ensure Salt is zero'd in add_default_salts() Luke Howard 2019-01-07 18:07:53 +11:00
  • ff21a49cb0 krb5: change "version" to "instance" in plugin error message Luke Howard 2019-01-07 16:49:38 +11:00
  • de1f37a6aa kdc: omit default salt from PA-ETYPE-INFO[2] Luke Howard 2019-01-07 15:45:36 +11:00
  • a3fd75f368 hdb: generate default salts for entries missing them Luke Howard 2019-01-07 14:34:05 +11:00
  • 828ddecd61 kdc: get_pa_etype_info_both comply with RFC4120 Jeffrey Altman 2019-01-06 23:18:05 -05:00
  • 83d2951c0d gssapi: SPNEGO does not reset NTLM RC4 state (#509) Luke Howard 2019-01-05 18:38:42 +11:00
  • 9750f2d915 hdb: force canonicalization of enterprise principal names Luke Howard 2019-01-06 18:03:07 +11:00
  • 4ea5cc2eff kdc: only set HDB_F_GET_KRBTGT when requesting TGS principal Luke Howard 2019-01-06 17:54:58 +11:00
  • 0141e7a497 Revert "kdc: move more name canonicalization logic to KDC" Luke Howard 2019-01-06 17:43:18 +11:00
  • 79f84913c9 hdb: krb5_locl.h obviates need for forward declarations Luke Howard 2019-01-05 16:32:00 +11:00
  • 1b7e196e66 kdc: move more name canonicalization logic to KDC Luke Howard 2019-01-05 15:36:50 +11:00
  • c6232299c3 kdc: perform AS-REQ canonicalization in kdc Luke Howard 2019-01-05 14:59:15 +11:00
  • 6bb8eaca20 hdb: dereference principal aliases in all KDC lookups (#452) Luke Howard 2019-01-05 12:36:28 +11:00
  • c6d00f2502 Revert "KDC: Allow hdb to set the issued ticket's realm" Luke Howard 2019-01-05 13:28:13 +11:00
  • 2287c250b2 Revert "Revert "Fix tests/plugin/windc.c"" Luke Howard 2019-01-05 10:55:13 +11:00
  • ac544a6da6 kdc: export kdc_get_instance() for windc plugins Luke Howard 2019-01-05 10:48:04 +11:00
  • e776e6c5ed Revert "Fix tests/plugin/windc.c" Luke Howard 2019-01-05 10:47:42 +11:00
  • 99188ea797 Bump roken SONAME version (fix #279) Nicolas Williams 2019-01-03 22:40:29 -06:00
  • 26048694d7 One more Travis fix Nicolas Williams 2019-01-04 11:30:53 -06:00
  • 9b39978ddd Fix tests/plugin/windc.c Nicolas Williams 2019-01-04 11:26:28 -06:00
  • 7de958252c gssapi: add some Apple (c) notices for mechglue bugfix import Luke Howard 2019-01-04 21:30:10 +11:00
  • 99e98520ba Travis: only one core analysis command Nicolas Williams 2019-01-04 01:27:38 -06:00
  • 9a6436fe3c Fix Travis core analysis; do not cat config.log Nicolas Williams 2019-01-04 01:23:26 -06:00
  • 7fc79a393c gssapi: defensively initialize *out in gss_duplicate_cred() Luke Howard 2019-01-04 18:12:11 +11:00
  • 178588516d gssapi: refactor gss_duplicate_cred() Luke Howard 2019-01-04 18:07:41 +11:00
  • b025f20eb4 kadmin: kadmind_dispatch incompatible pointer warning Jeffrey Altman 2019-01-04 01:47:11 -05:00
  • 750cfc092c fix 00c590e4ff Jeffrey Altman 2019-01-04 01:41:06 -05:00
  • e23b0a39d3 gssapi: argument validation fixes gss_store_cred_into() Luke Howard 2019-01-04 17:31:28 +11:00
  • 9119136967 fix memory leaks Jeffrey Altman 2019-01-04 01:22:20 -05:00
  • 00c590e4ff fix null pointer dereference errors Jeffrey Altman 2019-01-04 01:02:59 -05:00
  • 735039dbdc gssapi: implement gss_set_neg_mechs() (#495) Luke Howard 2019-01-04 10:13:03 +11:00
  • dfaaf9c93f gssapi: honor acceptor credential in SPNEGO (#506) Luke Howard 2019-01-04 15:47:29 +11:00
  • d5536d4dd3 Fix wrong context bugs in kadmin randkey Nicolas Williams 2019-01-03 22:26:31 -06:00
  • e739c4d0c2 windc: update test windc plugin to use new load SPI Luke Howard 2019-01-04 15:17:20 +11:00
  • befe1b8f90 always load plugins with RTLD_LOCAL/RTLD_GROUP if available Luke Howard 2018-12-31 12:46:29 +11:00