oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
28,856 Commits 2 Branches 2 Tags
366b787917f1ba0d5b38b79d4626e83d8b1b8b93
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Roland C. Dowdeswell 366b787917 We provide a "derived key" mechanism to allow wildcard princs 
In order to support certain use cases, we implement a mechanism to
allow wildcard principals to be defined and for the KDC to issue
tickets for said principals by deriving a key for them from a
cluster master entry in the HDB.

The way that this works is we defined an entry of the form:

	WELLKNOWN/DERIVED-KEY/KRB5-CRYPTO-PRFPLUS/<hostname>@REALM

When reading from the Kerberos DB, if we can't find an entry for
what looks like a hostbased principal, then we will attempt to
search for a principal of the above form chopping name components
off the front as we search.

If we find an entry, then we derive keys for it by using
krb5_crypto_prfplus() with the entry's key and the principal name
of the request.
2019-09-18 21:20:47 +01:00
.github/ISSUE_TEMPLATE
Create GitHub issue templates
2019-06-07 22:08:39 -04:00
admin
Fix ktutil weak password for principal creation
2019-01-09 00:14:11 -06:00
appl
libhcrypto: UI_UTIL_FLAG_VERIFY_SILENT
2018-12-30 15:39:49 -06:00
cf
solaris: Define _STDC_C11_BCI for memset_s prototype
2019-05-23 19:04:42 -04:00
doc
kadm5: move password quality checks out of daemons and into libkadm5
2018-12-26 11:04:05 -06:00
etc
add NTMakefile and windows directories
2011-07-17 12:16:59 -07:00
include
Windows: Windows CRT doesn't support %k as format for strftime
2019-05-22 09:47:59 -04:00
kadmin
Fixes #536 - Note that this can cause unexpected behavior with certain
2019-05-30 20:11:58 -04:00
kcm
Add missing initialization of kdc_offset in kcm
2018-12-14 17:05:37 -06:00
kdc
We provide a "derived key" mechanism to allow wildcard princs
2019-09-18 21:20:47 +01:00
kpasswd
libhcrypto: UI_UTIL_FLAG_VERIFY_SILENT
2018-12-30 15:39:49 -06:00
kuser
Optional backwards-compatible anon-pkinit behaviour
2019-09-04 18:00:15 -04:00
lib
Export krb5_crypto_prfplus() from libkrb5
2019-09-18 21:20:47 +01:00
packages
windows/installer: code sign all merge modules
2019-01-14 06:12:36 -05:00
po
Fix subject verb agreement in error message...
2018-03-09 17:04:29 -05:00
tests
tests/kdc/check-authz still fails
2019-07-09 15:47:12 -05:00
tools
In krb5-config resolve rpath_flag at build-time
2017-03-10 19:23:31 -05:00
windows
Fix rk_mkdir() on WIN32
2018-12-25 22:11:19 -06:00
.gitignore
.gitignore
2019-06-07 22:12:54 -04:00
.travis.yml
Fix Travis after_failure
2019-07-09 15:47:12 -05:00
acinclude.m4
use m4_define, over-quote string
2004-02-12 14:19:16 +00:00
appveyor.yml
Appveyor: fix SetEnv.cmd invocation
2019-01-07 11:55:40 -06:00
autogen.sh
check for JSON perl module and if not found ask developer to install it
2014-08-22 21:17:16 -07:00
ChangeLog
We stop writing change logs, see the source code version control systems history log instead
2008-11-12 04:17:33 +00:00
ChangeLog.1998
changes upto 1998
2000-06-07 10:01:25 +00:00
ChangeLog.1999
move older stuff over to ChangeLog.1999
2000-11-17 01:27:17 +00:00
ChangeLog.2000
move older entries to ChangeLog.2000
2001-01-03 01:50:47 +00:00
ChangeLog.2001
changes from 2001
2002-08-21 13:29:08 +00:00
ChangeLog.2002
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2003
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2004
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2005
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2006
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2007
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
CODE_OF_CONDUCT.md
Create CODE_OF_CONDUCT.md
2019-06-07 22:03:05 -04:00
configure.ac
Fix build for out-of-source objdir
2019-06-21 11:32:03 -04:00
krb5.conf
Remove use of krb4 settings in example krb5.conf.
2014-04-28 00:56:18 +02:00
LICENSE
update (c)
2014-08-23 19:14:10 -07:00
Makefile.am
Make builds reproduceable (#336)
2017-09-29 12:37:30 -05:00
Makefile.am.common
move check-local target to cf/Makefile.am.common
2002-05-19 18:35:37 +00:00
NEWS
Fix transit path validation CVE-2017-6594
2017-04-13 18:06:39 -05:00
NTMakefile
Appveyor: workaround perl texinfo
2016-01-21 12:43:31 -06:00
README
fixup installation documentation
2009-09-27 18:26:54 -07:00
README.fast
kdc bits
2011-07-24 22:45:55 -07:00
README.md
Add markdown README, build badges
2017-05-16 19:31:09 -05:00
SECURITY.md
Update SECURITY.md
2019-06-09 13:43:47 -04:00
TODO
need to fix lib/krb5/expand_path_w32.c
2010-01-05 19:21:45 +01:00

README.md

Travis-CI build (Linux, OS X) Appveyor-CI build (Windows)

Heimdal

Heimdal is a Kerberos 5 implementation.

For information how to install see here.

There are man pages for most of the commands.

Bug reports and bugs are appreciated. Use GitHub issues or send e-mail to heimdal-bugs@h5l.org.

For more information see the project homepage https://www.h5l.org/ or the mailing lists:

Send e-mail to heimdal-announce-request@sics.se and heimdal-discuss-request@sics.se respectively to subscribe.

Build Status

Travis-CI build (Linux, OS X) Appveyor-CI build (Windows)

Description
Fork of https://github.com/heimdal/heimdal
Readme Multiple Licenses 57 MiB
Languages
C 92.1%
Roff 2.8%
Shell 2.3%
Makefile 0.7%
M4 0.5%
Other 1.4%