f5daf6dd27
add krb5_get_init_creds_opt_set_process_last_req
Love Hörnquist Åstrand
2009-01-11 21:45:46 +00:00
dd466c586f
process the last request structures
Love Hörnquist Åstrand
2009-01-11 21:45:36 +00:00
e3f707ea2c
add ALGORITHM_BEST_BEFORE
Love Hörnquist Åstrand
2009-01-11 21:45:27 +00:00
f850b7ddfb
some more iprop
Love Hörnquist Åstrand
2009-01-11 21:45:17 +00:00
1544c472e5
add group krb5_auth
Love Hörnquist Åstrand
2009-01-11 21:45:08 +00:00
5112116a84
Allow inctx to be NULL.
Love Hörnquist Åstrand
2009-01-11 21:44:58 +00:00
6239532d9a
If no server given, interate over keytab to find a key that can decrypt the request. The resulting server principal is what in the keytab, the real service can be fetched from.
Love Hörnquist Åstrand
2009-01-11 21:44:48 +00:00
f0bfba4982
add --server-any
Love Hörnquist Åstrand
2009-01-11 21:44:38 +00:00
164f6c0a97
Check server aliases.
Love Hörnquist Åstrand
2009-01-11 21:44:29 +00:00
4b553afa07
Skip the leaf certificate HX509_VERIFY_CTX_F_NO_BEST_BEFORE_CHECK check for now
Love Hörnquist Åstrand
2009-01-11 21:44:19 +00:00
3ee9a138f6
add hx509_verify_ctx_f_allow_best_before_signature_algs
Love Hörnquist Åstrand
2009-01-11 21:44:10 +00:00
98d48f25d7
use _hx509_signature_best_before
Love Hörnquist Åstrand
2009-01-11 21:44:00 +00:00
8bd4ae305f
add _hx509_signature_best_before
Love Hörnquist Åstrand
2009-01-11 21:43:50 +00:00
86fc2691e6
fix signess warning
Love Hörnquist Åstrand
2009-01-11 21:43:40 +00:00
cffff0ea1f
fix signness
Love Hörnquist Åstrand
2009-01-11 21:43:30 +00:00
00debe0edd
update ->ptr on rebase, return -1 on failure
Love Hörnquist Åstrand
2009-01-11 21:43:21 +00:00
d3cef9ce45
plug memory leaks and other bugs
Love Hörnquist Åstrand
2009-01-11 21:43:11 +00:00
b49b5696f6
return Success instead of unknown error: 0
Love Hörnquist Åstrand
2009-01-11 21:43:02 +00:00
c25af51232
make paranoia check less paranoid
Love Hörnquist Åstrand
2009-01-11 21:42:52 +00:00
3223c11aab
verify verf header
Love Hörnquist Åstrand
2009-01-11 21:42:42 +00:00
8f80188c3f
cleanup
Love Hörnquist Åstrand
2009-01-11 21:42:32 +00:00
a2626628ea
plug memory leak
Love Hörnquist Åstrand
2009-01-11 21:42:23 +00:00
e3f856b566
remove debug log
Love Hörnquist Åstrand
2009-01-11 21:42:14 +00:00
8d16bb0b68
add support for add,get,delete,chrand for the MIT kadmin protocol
Love Hörnquist Åstrand
2009-01-11 21:42:02 +00:00
eb34718a0b
clean up krb5_store_data_xdr
Love Hörnquist Åstrand
2009-01-11 21:41:52 +00:00
3502a87a6c
doxygen, fix seeking on non file fds
Love Hörnquist Åstrand
2009-01-11 21:41:42 +00:00
026e807ad1
add TOO_BIG
Love Hörnquist Åstrand
2009-01-11 21:41:33 +00:00
b8896cc78c
add NOT_SEEKABLE
Love Hörnquist Åstrand
2009-01-11 21:41:23 +00:00
943942bfa4
check acl match for foo/*.example.org
Love Hörnquist Åstrand
2009-01-11 21:41:13 +00:00
b7632c038b
reindent
Love Hörnquist Åstrand
2008-12-18 04:59:47 +00:00
c6e9b9cabc
simplify
Love Hörnquist Åstrand
2008-12-18 04:59:34 +00:00
daa7c34ab3
turn off supportedCMSTypes for now, allow kdc not sending correct certs
Love Hörnquist Åstrand
2008-12-15 04:33:09 +00:00
28de60a9bc
stricter check that enctype matches checksum type when using keyed checksum
Love Hörnquist Åstrand
2008-12-15 04:32:59 +00:00
26abb7e637
option to turn off the KeyUsage check in CMS verify SignedData
Love Hörnquist Åstrand
2008-12-15 04:32:49 +00:00
5f2da72d8a
make der_get_octet_string_ber less restrictive
Love Hörnquist Åstrand
2008-12-15 04:32:39 +00:00
be7861f63b
implement kc_rsa_private_decrypt
Love Hörnquist Åstrand
2008-12-15 04:32:30 +00:00
2e8d2802c8
der_get_octet_string_ber meet reality and now works
Love Hörnquist Åstrand
2008-12-15 04:32:20 +00:00
74ca2a2f6c
add INDEF_OVERRUN, INDEF_UNDERRUN
Love Hörnquist Åstrand
2008-12-15 04:32:10 +00:00
131b3d34f5
add flag to hx509_cms_verify_signed
Love Hörnquist Åstrand
2008-12-15 04:32:00 +00:00
e893e7bd5b
Add HX509_CMS_EV_NO_KU_CHECK and HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH
Love Hörnquist Åstrand
2008-12-15 04:31:51 +00:00
61d49ed472
add options to skipping KeyUsage check
Love Hörnquist Åstrand
2008-12-15 04:31:41 +00:00
6d2fc59777
- Add switch to select friendly_name of the certificate. - Use HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH some CMS implementestions get the oid wrong when they do evelopeddata. - Use HX509_CMS_EV_NO_KU_CHECK since some clients send certs that are not enveloped certs.
Love Hörnquist Åstrand
2008-12-15 04:31:32 +00:00
0c4d8d3a16
Add switch to select friendly_name of the certificate.
Love Hörnquist Åstrand
2008-12-15 04:31:22 +00:00
f4aeb0d5cf
better error message
Love Hörnquist Åstrand
2008-12-15 04:31:12 +00:00
dc7cea0417
add flags to hx509_cms_verify_signed
Love Hörnquist Åstrand
2008-12-15 04:31:03 +00:00
ba69102e6b
add flags to hx509_cms_verify_signed
Love Hörnquist Åstrand
2008-12-15 04:30:52 +00:00
ff17f1e5a1
return of der_match_tag2
Love Hörnquist Åstrand
2008-12-15 04:30:42 +00:00
01dbb35475
turn on symbols for libasn1 and add check-ber for checking INDEF encoding with any
Love Hörnquist Åstrand
2008-12-15 04:30:32 +00:00
ea193b2f25
use new der_match_tag_and_length to parse the UT_EndOfContent tag
Love Hörnquist Åstrand
2008-12-15 04:30:22 +00:00
26d2cd604d
change prototype for der_match_tag_and_length to return the Der_type, add BER decoder for octet string
Love Hörnquist Åstrand
2008-12-15 04:30:12 +00:00
e9d32a0ac5
Use asn1 decoder now that it can handle CHOICE
Love Hörnquist Åstrand
2008-12-15 04:30:02 +00:00
be0a52e885
handle BER octet string, remove EoD tag before parsing content of a INDEF encoding to the greedy encodings in inside (like ANY) will swallow the EoD
Love Hörnquist Åstrand
2008-12-15 04:29:52 +00:00
323e8433db
handle ASN1_INDEFINITE
Love Hörnquist Åstrand
2008-12-15 04:29:42 +00:00
5da8d78b54
add [gs]_friendly_name
Love Hörnquist Åstrand
2008-12-15 04:29:32 +00:00
35425fff7d
print friendly name in klist output if it differs from principal
Love Hörnquist Åstrand
2008-12-15 04:29:23 +00:00
bf2976562a
print friendly name
Love Hörnquist Åstrand
2008-12-15 04:29:13 +00:00
0aef0e3e46
add krb5_cc_[gs]et_friendly_name, match MIT config name
Love Hörnquist Åstrand
2008-12-15 04:29:03 +00:00
f8a5a1a8a7
Allow DER encoding for CMS
Love Hörnquist Åstrand
2008-12-15 04:28:53 +00:00
49ff682fff
better error messages
Love Hörnquist Åstrand
2008-12-15 04:28:43 +00:00
8671326a06
Handle ASN1_INDEFINITE encoding
Love Hörnquist Åstrand
2008-12-15 04:28:33 +00:00
27f460b09a
use krb5_get_init_creds_password
Love Hörnquist Åstrand
2008-12-15 04:28:21 +00:00
eaa7e4e854
Deprecate old functions
Love Hörnquist Åstrand
2008-12-11 05:12:53 +00:00
731f131f32
Make heimdal smaller and deprecate old functions
Love Hörnquist Åstrand
2008-12-11 05:12:42 +00:00
85de455dde
support split processing of AS and add support for keytab/keyblock
Love Hörnquist Åstrand
2008-12-11 05:12:30 +00:00
ebdce5d97e
add krb5_init_creds_context
Love Hörnquist Åstrand
2008-12-11 05:12:19 +00:00
0e3029c722
clean up from others before trying to run this
Love Hörnquist Åstrand
2008-12-11 05:12:07 +00:00
fc27e9b239
x
Love Hörnquist Åstrand
2008-12-11 05:11:55 +00:00
8eb10d7b45
better doxygen for krb5_data_free
Love Hörnquist Åstrand
2008-12-11 05:11:45 +00:00
1399415ad2
regen
Love Hörnquist Åstrand
2008-12-11 05:11:34 +00:00
429e06d2ec
insert space to please parser
Love Hörnquist Åstrand
2008-12-11 05:11:24 +00:00
b63c408070
plug memory leak
Love Hörnquist Åstrand
2008-12-11 05:11:13 +00:00
60b4ec74d5
dont use leaks kill on non existant process
Love Hörnquist Åstrand
2008-12-11 05:11:02 +00:00
df0cc7d1b4
use leaks-kill.sh
Love Hörnquist Åstrand
2008-12-11 05:10:51 +00:00
be83e7b995
remove leaks-log
Love Hörnquist Åstrand
2008-12-11 05:10:40 +00:00
Love Hörnquist Åstrand