oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
28,798 Commits 2 Branches 2 Tags
38c797e1ae9b9c8f99ae4aa2e73957679031fd2b
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Luke Howard 38c797e1ae krb5: always confirm PA-PKINIT-KX for anon PKINIT 
RFC8062 Section 7 requires verification of the PA-PKINIT-KX key excahnge
when anonymous PKINIT is used.  Failure to do so can permit an active
attacker to become a man-in-the-middle.

Introduced by a1ef548600.  First tagged
release Heimdal 1.4.0.

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N (4.8)

Change-Id: I6cc1c0c24985936468af08693839ac6c3edda133
Signed-off-by: Jeffrey Altman <jaltman@auristor.com>
Approved-by: Jeffrey Altman <jaltman@auritor.com>
2019-05-14 15:52:24 -04:00
admin
Fix ktutil weak password for principal creation
2019-01-09 00:14:11 -06:00
appl
libhcrypto: UI_UTIL_FLAG_VERIFY_SILENT
2018-12-30 15:39:49 -06:00
cf
WIN32: hint noreturn functions
2019-01-02 10:23:39 -06:00
doc
kadm5: move password quality checks out of daemons and into libkadm5
2018-12-26 11:04:05 -06:00
etc
add NTMakefile and windows directories
2011-07-17 12:16:59 -07:00
include
lib/hx509: declare and apply HX509_LIB_xxx macros
2019-01-02 10:23:39 -06:00
kadmin
Fix wrong keepold default in kadmin and ktutil
2019-01-09 00:14:11 -06:00
kcm
Add missing initialization of kdc_offset in kcm
2018-12-14 17:05:37 -06:00
kdc
CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum
2019-05-14 15:52:24 -04:00
kpasswd
libhcrypto: UI_UTIL_FLAG_VERIFY_SILENT
2018-12-30 15:39:49 -06:00
kuser
krb5: krb5_get_init_creds_opt_set_pkinit flag names
2019-05-14 15:16:19 -04:00
lib
krb5: always confirm PA-PKINIT-KX for anon PKINIT
2019-05-14 15:52:24 -04:00
packages
windows/installer: code sign all merge modules
2019-01-14 06:12:36 -05:00
po
Fix subject verb agreement in error message...
2018-03-09 17:04:29 -05:00
tests
kuser: support authenticated anonymous AS-REQs in kinit
2019-05-14 15:16:19 -04:00
tools
In krb5-config resolve rpath_flag at build-time
2017-03-10 19:23:31 -05:00
windows
Fix rk_mkdir() on WIN32
2018-12-25 22:11:19 -06:00
.gitignore
Remove rk_getpw*_r() functions
2018-12-25 22:11:19 -06:00
.travis.yml
One more Travis fix
2019-01-04 11:30:53 -06:00
acinclude.m4
use m4_define, over-quote string
2004-02-12 14:19:16 +00:00
appveyor.yml
Appveyor: fix SetEnv.cmd invocation
2019-01-07 11:55:40 -06:00
autogen.sh
check for JSON perl module and if not found ask developer to install it
2014-08-22 21:17:16 -07:00
ChangeLog
We stop writing change logs, see the source code version control systems history log instead
2008-11-12 04:17:33 +00:00
ChangeLog.1998
changes upto 1998
2000-06-07 10:01:25 +00:00
ChangeLog.1999
move older stuff over to ChangeLog.1999
2000-11-17 01:27:17 +00:00
ChangeLog.2000
move older entries to ChangeLog.2000
2001-01-03 01:50:47 +00:00
ChangeLog.2001
changes from 2001
2002-08-21 13:29:08 +00:00
ChangeLog.2002
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2003
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2004
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2005
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2006
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2007
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
configure.ac
Use roken_get_*() instead of getpwuuid()
2018-12-25 22:11:19 -06:00
krb5.conf
Remove use of krb4 settings in example krb5.conf.
2014-04-28 00:56:18 +02:00
LICENSE
update (c)
2014-08-23 19:14:10 -07:00
Makefile.am
Make builds reproduceable (#336)
2017-09-29 12:37:30 -05:00
Makefile.am.common
move check-local target to cf/Makefile.am.common
2002-05-19 18:35:37 +00:00
NEWS
Fix transit path validation CVE-2017-6594
2017-04-13 18:06:39 -05:00
NTMakefile
Appveyor: workaround perl texinfo
2016-01-21 12:43:31 -06:00
README
fixup installation documentation
2009-09-27 18:26:54 -07:00
README.fast
kdc bits
2011-07-24 22:45:55 -07:00
README.md
Add markdown README, build badges
2017-05-16 19:31:09 -05:00
TODO
need to fix lib/krb5/expand_path_w32.c
2010-01-05 19:21:45 +01:00

README.md

Travis-CI build (Linux, OS X) Appveyor-CI build (Windows)

Heimdal

Heimdal is a Kerberos 5 implementation.

For information how to install see here.

There are man pages for most of the commands.

Bug reports and bugs are appreciated. Use GitHub issues or send e-mail to heimdal-bugs@h5l.org.

For more information see the project homepage https://www.h5l.org/ or the mailing lists:

Send e-mail to heimdal-announce-request@sics.se and heimdal-discuss-request@sics.se respectively to subscribe.

Build Status

Travis-CI build (Linux, OS X) Appveyor-CI build (Windows)

Description
Fork of https://github.com/heimdal/heimdal
Readme Multiple Licenses 57 MiB
Languages
C 92.1%
Roff 2.8%
Shell 2.3%
Makefile 0.7%
M4 0.5%
Other 1.4%