oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
30,937 Commits 3 Branches 2 Tags
10be6a75c4638569d6d564b1acb60f9ef2350550
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Nicolas Williams 10be6a75c4 spnego: Restrict when SANON gets negotiated 
There were cases where we weren't negotiating SANON where we should
have.  But we really don't want to overdo it.  In particular we really
never ever want a user with expired or absent Kerberos credentials (say)
to accidentally negotiate SANON as that will then lead to authorization
errors down the line, and those would be hard to diagnose as they would
be masking the real issue (expired or absent credentials).

So basically either the user passes GSS_C_ANON_FLAG or (and/or) they
call gss_set_neg_mechs() to explicitly request SANON.

Partly authored by me, partly authored by Claude with heavy human
guidance, and reviewed by me.
2026-01-18 16:08:40 -06:00
.github
GHA: Set core pattern on Linux
2026-01-07 16:20:46 -06:00
admin
ktutil: Avoid even doing arithmetic on res after realloc(res, ...).
2023-11-07 14:20:40 -06:00
appl
gssmask: Daemonize the Heimdal way to avoid need for sleeping in the test
2026-01-18 16:08:39 -06:00
cf
roken: Add getdelim()/getline()
2026-01-18 16:08:39 -06:00
doc
doc: Obsolete the Layman's Guide to ASN.1
2026-01-07 17:49:17 -06:00
etc
add NTMakefile and windows directories
2011-07-17 12:16:59 -07:00
include
windows: #define _Atomic
2026-01-18 16:08:39 -06:00
kadmin
kadmin: ext.c -Wcalloc-transposed args
2024-06-04 06:22:37 -04:00
kcm
kcm,kdc/config.c: detect too big max_request sizes (>= 64 MB)
2023-06-20 12:57:28 -05:00
kdc
kdc: Fix memory leak of encrypted preauthentication data
2025-10-09 12:33:43 -04:00
kpasswd
kpasswdd: Fix out-of-bounds read (#1058)
2023-01-04 01:36:02 -06:00
kuser
Add a test for potential DNS leaks via symbol interposition.
2024-01-08 10:22:02 -06:00
lib
spnego: Restrict when SANON gets negotiated
2026-01-18 16:08:40 -06:00
packages
hcrypto: Remove dead MD2 code
2022-11-17 19:20:08 -06:00
po
spelling fixes (underun prefered relase encyption confunder)
2024-06-16 23:28:43 -04:00
tests
ldap: Switch from bdb to mdb
2026-01-18 16:08:40 -06:00
tools
Improve coverage script a bit
2020-04-15 19:05:21 -05:00
windows
Documentation changes for the Windows Build
2022-09-24 20:21:09 +10:00
.gitignore
update .gitignore
2024-09-04 10:24:44 -04:00
.travis.yml
travis: Do not brew update [harder]
2021-03-27 01:08:56 -05:00
acinclude.m4
use m4_define, over-quote string
2004-02-12 14:19:16 +00:00
appveyor.yml
appveyor: Use VS 2019 image to get working msys2
2022-01-05 12:59:35 -06:00
autogen.sh
check for JSON perl module and if not found ask developer to install it
2014-08-22 21:17:16 -07:00
ChangeLog
We stop writing change logs, see the source code version control systems history log instead
2008-11-12 04:17:33 +00:00
ChangeLog.1998
changes upto 1998
2000-06-07 10:01:25 +00:00
ChangeLog.1999
move older stuff over to ChangeLog.1999
2000-11-17 01:27:17 +00:00
ChangeLog.2000
move older entries to ChangeLog.2000
2001-01-03 01:50:47 +00:00
ChangeLog.2001
changes from 2001
2002-08-21 13:29:08 +00:00
ChangeLog.2002
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2003
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2004
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2005
Fix spelling
2024-06-16 23:30:48 -04:00
ChangeLog.2006
Fix spelling
2024-06-16 23:30:48 -04:00
ChangeLog.2007
Fix spelling
2024-06-16 23:30:48 -04:00
CODE_OF_CONDUCT.md
Create CODE_OF_CONDUCT.md
2019-06-07 22:03:05 -04:00
configure.ac
cf: Add --with-mitdb=PATH option
2024-01-16 16:28:35 -06:00
krb5.conf
Update krb5.conf
2023-01-12 10:19:35 -06:00
LICENSE
update (c)
2014-08-23 19:14:10 -07:00
Makefile.am
cf: Add support for using Helgrind
2026-01-07 17:49:17 -06:00
Makefile.am.common
move check-local target to cf/Makefile.am.common
2002-05-19 18:35:37 +00:00
NEWS
Update NEWS
2022-11-15 17:53:54 -06:00
NTMakefile
Don't build the docs on appveyor
2019-11-20 18:14:44 -05:00
README
Update README mailing lists and links
2020-06-26 11:29:15 -04:00
README.fast
krb5: note GSS-API can be used as PA plugin interface
2021-12-17 19:42:35 +11:00
README.md
Update badges at bottom of README.md
2022-02-12 15:00:59 -06:00
SECURITY.md
Update SECURITY.md
2019-06-09 13:43:47 -04:00
TODO
need to fix lib/krb5/expand_path_w32.c
2010-01-05 19:21:45 +01:00

README.md

GitHub Build Workflow GitHub Build Workflow GitHub Build Workflow Appveyor-CI build (Windows) Coverage Status

Heimdal

Heimdal is an implementation of:

  • ASN.1/DER,
  • PKIX, and
  • Kerberos.

For information how to install see here.

There are man pages for most of the commands.

Bug reports and bugs are appreciated. Use GitHub issues.

For more information see the project homepage https://heimdal.software/heimdal/ or the mailing lists:

heimdal-announce@heimdal.software low-volume announcement heimdal-discuss@heimdal.software high-volume discussion

send mail to heimdal-announce-subscribe@heimdal.software and heimdal-discuss-subscribe@heimdal.software respectively to subscribe.

Build Status

GitHub Build Workflow GitHub Build Workflow GitHub Build Workflow Appveyor-CI build (Windows) Coverage Status

Reference in New Issue View Git Blame Copy Permalink
Description
Fork of https://github.com/heimdal/heimdal
Readme BSD-3-Clause 64 MiB
Languages
C 91.5%
Roff 3.2%
Shell 2.8%
Makefile 0.6%
M4 0.6%
Other 1.1%