oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
29,953 Commits 2 Branches 2 Tags
472509fd46285504a6d1c7e161f205e85ed5c706
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Nicolas Williams 472509fd46 gsskrb5: Do not leak authenticator on retry 
We have a Heimdal special where when the acceptor sends back an error
token for clock skew or ticket-not-yet-valid errors then the acceptor
application will get GSS_S_CONTINUE_NEEDED from gss_accept_sec_context()
so that the initiator may retry with the same context.

But we were retaining the auth_context, which means that when the
initiator does send a new token, the acceptor leaks memory because
krb5_verify_ap_req2() doesn't clean up the auth_context on reuse.  The
end result is that we leak a lot in those cases.
2022-01-07 21:04:19 -06:00
.github
github: Use GitHub Actions
2021-04-20 12:01:54 -05:00
admin
Fix ktutil weak password for principal creation
2019-01-09 00:14:11 -06:00
appl
Always perform == or != operation on cmp function result
2021-11-24 22:30:44 -05:00
cf
cf: check libdb-6 for db_create
2022-01-03 18:09:08 +11:00
doc
doc: add draft-perez-krb-wg-gss-preauth-03.txt
2021-09-23 19:16:35 +10:00
etc
add NTMakefile and windows directories
2011-07-17 12:16:59 -07:00
include
Windows 10 SDK build fixes
2022-01-05 12:58:48 -06:00
kadmin
hdb: Namespace referrals
2022-01-02 21:40:17 +11:00
kcm
kcm: parse_bytes() returns ssize_t
2021-12-18 11:34:12 +11:00
kdc
kdc: KDC plugin API contract notes
2022-01-05 13:08:11 +11:00
kpasswd
kadm5: Use KADM5_PASS_Q_GENERIC
2021-12-16 10:40:01 +11:00
kuser
kinit: Use optimistic anon PKINIT armored FAST
2021-12-30 18:54:54 +11:00
lib
gsskrb5: Do not leak authenticator on retry
2022-01-07 21:04:19 -06:00
packages
Windows 10 SDK build fixes
2022-01-05 12:58:48 -06:00
po
Fix subject verb agreement in error message...
2018-03-09 17:04:29 -05:00
tests
gss: Add way to set authenticator authz-data
2022-01-08 10:38:01 +11:00
tools
Improve coverage script a bit
2020-04-15 19:05:21 -05:00
windows
gss: Too many compilers don't support 'restrict'
2022-01-05 18:03:39 -06:00
.gitignore
gss: move GSS pre-auth helpers to convenience lib
2021-08-27 15:20:07 +10:00
.travis.yml
travis: Do not brew update [harder]
2021-03-27 01:08:56 -05:00
acinclude.m4
use m4_define, over-quote string
2004-02-12 14:19:16 +00:00
appveyor.yml
appveyor: Use VS 2019 image to get working msys2
2022-01-05 12:59:35 -06:00
autogen.sh
check for JSON perl module and if not found ask developer to install it
2014-08-22 21:17:16 -07:00
ChangeLog
We stop writing change logs, see the source code version control systems history log instead
2008-11-12 04:17:33 +00:00
ChangeLog.1998
changes upto 1998
2000-06-07 10:01:25 +00:00
ChangeLog.1999
move older stuff over to ChangeLog.1999
2000-11-17 01:27:17 +00:00
ChangeLog.2000
move older entries to ChangeLog.2000
2001-01-03 01:50:47 +00:00
ChangeLog.2001
changes from 2001
2002-08-21 13:29:08 +00:00
ChangeLog.2002
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2003
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2004
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2005
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2006
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2007
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
CODE_OF_CONDUCT.md
Create CODE_OF_CONDUCT.md
2019-06-07 22:03:05 -04:00
configure.ac
kdc: fix Windows build
2022-01-04 13:08:35 +11:00
krb5.conf
Remove use of krb4 settings in example krb5.conf.
2014-04-28 00:56:18 +02:00
LICENSE
update (c)
2014-08-23 19:14:10 -07:00
Makefile.am
Make builds reproduceable (#336)
2017-09-29 12:37:30 -05:00
Makefile.am.common
move check-local target to cf/Makefile.am.common
2002-05-19 18:35:37 +00:00
NEWS
Fix transit path validation CVE-2017-6594
2017-04-13 18:06:39 -05:00
NTMakefile
Don't build the docs on appveyor
2019-11-20 18:14:44 -05:00
README
Update README mailing lists and links
2020-06-26 11:29:15 -04:00
README.fast
krb5: note GSS-API can be used as PA plugin interface
2021-12-17 19:42:35 +11:00
README.md
README: fix typo
2020-06-26 11:30:48 -04:00
SECURITY.md
Update SECURITY.md
2019-06-09 13:43:47 -04:00
TODO
need to fix lib/krb5/expand_path_w32.c
2010-01-05 19:21:45 +01:00

README.md

Travis-CI build (Linux, OS X) Appveyor-CI build (Windows) Coverage Status

Heimdal

Heimdal is an implementation of:

  • ASN.1/DER,
  • PKIX, and
  • Kerberos.

For information how to install see here.

There are man pages for most of the commands.

Bug reports and bugs are appreciated. Use GitHub issues.

For more information see the project homepage https://heimdal.software/heimdal/ or the mailing lists:

heimdal-announce@heimdal.software low-volume announcement heimdal-discuss@heimdal.software high-volume discussion

send mail to heimdal-announce-subscribe@heimdal.software and heimdal-discuss-subscribe@heimdal.software respectively to subscribe.

Build Status

Travis-CI build (Linux, OS X) Appveyor-CI build (Windows)

Reference in New Issue View Git Blame Copy Permalink
Description
Fork of https://github.com/heimdal/heimdal
Readme Multiple Licenses 57 MiB
Languages
C 92.1%
Roff 2.8%
Shell 2.3%
Makefile 0.7%
M4 0.5%
Other 1.4%