oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Commit Graph

  • cd02c50be5 kdc: OpenSSL 3.0 support Nicolas Williams 2022-11-19 22:03:50 -06:00
  • 6336cf69d4 krb5: OpenSSL 3.0 support Nicolas Williams 2022-11-19 15:09:47 -06:00
  • 264f0bd1a2 hx509: OpenSSL 3.0 support Nicolas Williams 2022-11-18 23:31:51 -06:00
  • 0d5b238186 hx509: PKCS#12 missing error check Nicolas Williams 2022-11-20 00:30:13 -06:00
  • cce8ae9927 hx509: Pass PKCS#8 keys to lower layers Nicolas Williams 2022-11-19 23:43:27 -06:00
  • 2ddea96ba2 hcrypto: Use builtin 1DES/RC2/RC4 (OpenSSL 3) Nicolas Williams 2022-11-17 19:00:49 -06:00
  • 11846fcabb hcrypto: Fix EVP_CipherUpdate() bugs Nicolas Williams 2022-11-21 14:24:31 -06:00
  • 47e6c68de8 hcrypto: OpenSSL's EVP_Cipher() returns a length Nicolas Williams 2022-11-17 18:57:35 -06:00
  • 83cd1255f6 cf: Check for OpenSSL FIPS Nicolas Williams 2022-11-21 12:09:07 -06:00
  • ac8c1341fb cf: Check for OpenSSL 3.0 Nicolas Williams 2022-11-21 12:06:59 -06:00
  • aa3355e3bf hcrypto: Remove dead MD2 code Nicolas Williams 2022-11-17 12:56:20 -06:00
  • 8f9c2d115e lib/krb5: remove dead code from pk_verify_host() Stefan Metzmacher 2022-03-03 17:28:24 +01:00
  • 4baf76220c lib/krb5: remove unused krb5_krbhst_info argument of pk_verify_host() Stefan Metzmacher 2022-03-03 17:26:57 +01:00
  • 7b3b67be37 lib/krb5: remove unused krb5_krbhst_info argument of pk_rd_pa_reply_enckey() Stefan Metzmacher 2022-03-03 17:22:10 +01:00
  • 94443d4768 lib/krb5: remove unused krb5_krbhst_info argument of pk_rd_pa_reply_dh() Stefan Metzmacher 2022-03-03 17:17:52 +01:00
  • 600e126135 lib/krb5: remove unused krb5_krbhst_info argument from _krb5_pk_rd_pa_reply() Stefan Metzmacher 2022-03-03 17:12:18 +01:00
  • c5feb63c55 lib/krb5: remove unused krb5_krbhst_info argument of pa_step_f Stefan Metzmacher 2022-03-03 17:10:11 +01:00
  • 893522a79f lib/krb5: remove unused krb5_krbhst_info argument to pa_step() Stefan Metzmacher 2022-03-03 17:03:36 +01:00
  • 315592f018 lib/krb5: remove unused krb5_krbhst_info argument of process_pa_data_to_key() Stefan Metzmacher 2022-03-03 17:01:18 +01:00
  • a4fc4dcb6a lib/krb5: mark in argument of krb5_init_creds_step() as const Stefan Metzmacher 2022-03-03 18:03:17 +01:00
  • fd75c3e23c lib/krb5: let krb5_init_creds_step() return an out_realm Stefan Metzmacher 2022-03-03 18:02:35 +01:00
  • b0bc54c921 lib/krb5: let krb5_init_creds_step() return an allocated out buffer Stefan Metzmacher 2022-03-03 17:49:36 +01:00
  • 30c978f013 lib/krb5: fix krb5_init_creds_step() interaction with krb5_fast_anon_pkinit_step() Stefan Metzmacher 2022-03-03 17:45:02 +01:00
  • acaa62636f lib/krb5: krb5_init_creds_get() passes hostinfo=NULL to krb5_init_creds_step() Stefan Metzmacher 2022-03-03 16:48:08 +01:00
  • cfb32a638e Introduce macro for common plugin structure elements Joseph Sutton 2022-10-22 10:11:53 +13:00
  • 16179383fb asn1: note IMPLICIT CHOICE promoted to EXPLICIT Luke Howard 2022-11-14 17:27:06 +11:00
  • 5398425cd2 asn1: propagate default values to JSON Luke Howard 2022-11-14 12:02:26 +11:00
  • bc3d9c0115 asn1: JSON output open type IDs Luke Howard 2022-11-13 10:11:40 +11:00
  • 6a3604caf1 asn1: fix incorrect tag value for UT_UniversalString Luke Howard 2022-11-13 10:11:05 +11:00
  • c132e6ff49 lib/base: Avoid compiler warning about use-after-free on Fedora 36 Andrew Bartlett 2022-10-27 13:21:31 +13:00
  • 2c8be80a25 lib/base: Correct realloc() paramters, to allocate one more byte, not 1 byte Andrew Bartlett 2022-10-28 15:04:09 +13:00
  • 7b75136113 lib/krb5: add TGS-REQ PA-DATA e.g. FOR_USER also to the outer req Stefan Metzmacher 2022-03-07 23:28:12 +01:00
  • 422419ddde kdc: add missing enctype = p[i] assignments to _kdc_find_etype() Stefan Metzmacher 2022-01-27 17:42:28 +01:00
  • 05e589d247 kdc: Check generate_pac() return code Joseph Sutton 2022-06-16 15:26:07 +12:00
  • f4faaeaba3 heimdal: Fix the 32-bit build on FreeBSD Volker Lendecke 2022-07-22 18:38:21 +02:00
  • 603e673130 Windows: link against LIBHEIMBASE for json functionality Jeffrey Altman 2022-11-16 22:04:06 -05:00
  • 5e48ec6c88 lib/krb5: Remove __func__ compatibility workaround Joseph Sutton 2022-11-16 21:11:51 -05:00
  • 36cf07bc44 Windows: define __func__ in terms of __FUNCTION__ Jeffrey Altman 2022-11-16 21:09:52 -05:00
  • a9fca332da lib/asn1: free_type fix HEIM_FALLTHROUGH usage Jeffrey Altman 2022-11-16 11:18:36 -05:00
  • 9d1bfab988 lib/krb5: fix _krb5_get_int64 on 32-bit systems Stefan Metzmacher 2022-11-16 10:05:56 -05:00
  • efeab17c03 Update NEWS Nicolas Williams 2021-12-08 23:13:33 -06:00
  • 9c9dac2b16 asn1: CVE-2022-44640 invalid free in ASN.1 codec Nicolas Williams 2021-03-10 16:49:04 -06:00
  • 2a4210b7e9 gsskrb5: CVE-2022-3437 Pass correct length to _gssapi_verify_pad() Joseph Sutton 2022-10-12 13:57:33 +13:00
  • 22749e918f gsskrb5: CVE-2022-3437 Check for overflow in _gsskrb5_get_mech() Joseph Sutton 2022-10-10 20:33:09 +13:00
  • 6a48779651 gsskrb5: CVE-2022-3437 Check buffer length against overflow for DES{,3} unwrap Joseph Sutton 2022-08-15 16:54:23 +12:00
  • 4aca82c7d0 gsskrb5: CVE-2022-3437 Check the result of _gsskrb5_get_mech() Joseph Sutton 2022-08-15 16:53:55 +12:00
  • ce6d8bbdbb gsskrb5: CVE-2022-3437 Avoid undefined behaviour in _gssapi_verify_pad() Joseph Sutton 2022-08-15 16:53:45 +12:00
  • cc9af5194a gsskrb5: CVE-2022-3437 Don't pass NULL pointers to memcpy() in DES unwrap Joseph Sutton 2022-10-12 13:57:42 +13:00
  • e407e0ead6 gsskrb5: CVE-2022-3437 Use constant-time memcmp() in unwrap_des3() Joseph Sutton 2022-10-12 13:57:55 +13:00
  • e18b8f111f gsskrb5: CVE-2022-3437 Use constant-time memcmp() for arcfour unwrap Joseph Sutton 2022-10-12 13:57:13 +13:00
  • b90b219ab8 krb5: CVE-2022-42898 PAC parse integer overflows Joseph Sutton 2022-10-14 16:45:37 +13:00
  • f727a4bdfd bx509: Fix test moar Nicolas Williams 2022-11-01 17:57:03 -05:00
  • e50abd5aa0 cf: Disable broken-getaddrinfo test (fixes check-iprop on OS X) Nicolas Williams 2022-10-26 22:45:55 -05:00
  • 944c71020e cf: Disable BROKEN_REALLOC workaround Nicolas Williams 2022-10-25 21:51:01 -05:00
  • 00b065bc80 cf: Do not redefine realloc() when ASAN is used Nicolas Williams 2022-10-25 21:44:07 -05:00
  • 0f919e89ca base: -Wno-string-concatenation for test_base Nicolas Williams 2022-10-25 20:11:36 -05:00
  • 3a5e91eca2 hcrypto: Remove MD2 with prejudice Nicolas Williams 2022-10-25 22:20:45 -05:00
  • bad07f7738 gss: Fix UB Nicolas Williams 2022-10-26 01:53:47 -05:00
  • 8e9ad6eda2 krb5: Fix UB Nicolas Williams 2022-10-26 01:54:13 -05:00
  • 5b1c69b424 hcrypto: Fix UB Nicolas Williams 2022-10-26 01:54:02 -05:00
  • e4311f3a82 asn1: Fix UB and incorrect codec for unconstrained INTEGER values of -1 Nicolas Williams 2022-10-26 01:53:10 -05:00
  • 476d216f89 base: Fix UB Nicolas Williams 2022-10-25 23:24:43 -05:00
  • 07abfdb1a9 roken: Fix UB Nicolas Williams 2022-10-26 01:54:19 -05:00
  • 3e1befe633 bx509: Make test run with UBSAN Nicolas Williams 2022-11-01 16:08:48 -05:00
  • c87192e700 GHA: Make UBSAN build run Nicolas Williams 2022-11-01 10:23:47 -05:00
  • 553abd456f GHA: Add UBSAN build Nicolas Williams 2022-11-01 10:00:46 -05:00
  • ed40630174 sl: Fix exit(0) when incorrect usage Nicolas Williams 2022-10-11 21:03:14 -05:00
  • ea4b822af7 gss: Fix gss-token success exit code Nicolas Williams 2022-10-06 16:41:35 -05:00
  • 5ce580f5ad roken: Fix typo in lib/roken/Makefile.am Nicolas Williams 2022-10-06 16:42:05 -05:00
  • c015db46da windows: Do not make test in kadmin/ Nicolas Williams 2022-10-02 19:07:09 -05:00
  • ceec364ed4 ktutil: Add import command and other improvements Nicolas Williams 2022-10-01 17:57:54 -05:00
  • 69dc89b39a ktutil: Add list --json option Nicolas Williams 2022-10-01 11:53:23 -05:00
  • 6297b76362 klist: Real JSON output Nicolas Williams 2022-09-30 22:05:41 -05:00
  • f90f055659 iprop: Enable secondary KDC bootstrapping w/ PKINIT Nicolas Williams 2022-09-30 17:06:52 -05:00
  • 56c6120522 httpkadmind: Make more like bx509d internally Nicolas Williams 2022-08-22 22:38:03 -05:00
  • ae527bf97c bx509d: Add /get-tgts batch end-point Nicolas Williams 2022-08-10 18:08:03 -05:00
  • 323f4631a4 krb5: Do not clobber keytab entry timestamps Nicolas Williams 2022-10-01 17:49:39 -05:00
  • 1429814eda base: HEIM_JSON_F_TRY_DECODE_DATA cannot work Nicolas Williams 2022-10-01 17:53:11 -05:00
  • ed4b50720d base: Export type ID enum Nicolas Williams 2022-10-01 17:52:17 -05:00
  • 8364bdd8f3 base: Add JSON string non-ASCII escaping options Nicolas Williams 2022-10-02 22:43:20 -05:00
  • 03f06b9472 base: Prettier JSON output / options Nicolas Williams 2022-10-01 00:12:09 -05:00
  • c6a46f0c96 base: Implement JSON string escaping Nicolas Williams 2022-09-11 00:28:00 -05:00
  • 7ae4292986 lib/krb5: Fix leak in error path Joseph Sutton 2022-09-24 11:03:46 +12:00
  • c4216b17a8 kdc: add enable_fast option (enabled by default) Stefan Metzmacher 2022-03-08 16:11:39 +01:00
  • 348a03e48e Documentation changes for the Windows Build Rod Widdowson 2022-04-03 11:43:43 +01:00
  • cd3b6e5a41 hdb: fix ldap module build (missing 'is_file_based' and 'can_taste' initializers) Sergei Trofimovich 2022-07-01 07:56:53 +01:00
  • 8b0c7ec09a krb5: remove krb5-v4compat.h Jeffrey Altman 2022-09-22 20:54:34 -04:00
  • 97eaa6cd01 krb5: pkinit select_dh_group clarify 'bits' param is the minimum Jeffrey Altman 2022-09-16 17:00:20 -04:00
  • 1e67fd6c01 krb5: rfc3526-MODP-group14 incorrect bit size Jeffrey Altman 2022-09-16 16:31:39 -04:00
  • e7efa7783a gssapi: add dependency on gkrb5_err.h Sergei Trofimovich 2022-07-01 09:00:46 +01:00
  • 254e40294e doc: add dependency on vars.texi Sergei Trofimovich 2022-07-01 08:46:53 +01:00
  • eb8da07a7b hdb: add missing build dependency on "hdb-protos.h" Sergei Trofimovich 2022-07-01 00:03:17 +01:00
  • 88eb44fd8b ipc: mach_complete_[a]sync avoid 'ret' set but not used warning Jeffrey Altman 2022-09-16 13:59:35 -04:00
  • de7b452dcb kuser: kinit renew_func do not update expire if no new tickets Jeffrey Altman 2022-09-16 13:52:37 -04:00
  • 7b914bfb64 roken: getaddrinfo get_null return errors Jeffrey Altman 2022-09-16 13:48:55 -04:00
  • 76c110e1ef hx509: hx509_verify_path remove spurious fallthrough Daria Phoebe Brashear 2022-09-16 15:27:32 -04:00
  • 133f517482 rewrite fallthrough to HEIM_FALLTHROUGH to deal with new Apple SDKs Daria Phoebe Brashear 2022-09-16 09:57:24 -04:00
  • f6d26bce66 kadm5: Correctly set userAccountControl bits Joseph Sutton 2022-04-29 12:05:50 +12:00
  • f165d1e942 lib/krb5: Avoid undefined pointer arithmetic Joseph Sutton 2022-05-18 17:18:44 +12:00
  • f40ac787b1 hxtool: Allow ca command to generate subject key Nicolas Williams 2022-08-07 18:50:06 -05:00