oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
Files
77f33c1fde53fe437e9c3677c85a08ba47fc76c7
heimdal/lib/gssapi/mech
History
Nicolas Williams be708ca3cf gsskrb5: Add simple name attributes support 
This adds Kerberos mechanism support for:

 - composite principal name export/import
 - getting rudimentary name attributes from GSS names using
   gss_get_name_attribute():
    - all (raw) authorization data from the Ticket
    - all (raw) authorization data from the Authenticator
    - transit path
    - realm
    - component count
    - each component
 - gss_inquire_name()
 - gss_display_name_ext() (just for the hostbased service name type
                           though)

The test exercises almost all of the functionality, except for:

 - getting the PAC
 - getting authz-data from the Authenticator
 - getting the transit path

TBD (much) later:

 - amend test_context to do minimal name attribute checks as well
 - gss_set_name_attribute() (to request authz-data)
 - gss_delete_name_attribute()
 - getting specific authorization data elements via URN fragments (as
   opposed to all of them)
 - parsing the PAC, extracting SIDs (each one as a separate value)
 - some configurable local policy (?)
 - plugin interface for additional local policy
2022-01-01 23:30:15 -06:00
..
compat.h
First attempt s/\<const gss_.*_t/gss_const_.*_t/g
2013-06-02 15:30:58 -05:00
context.c
Check some error returns from *asprintf()
2020-05-27 21:54:26 -04:00
context.h
gss_accept_sec_context: support reassembling split tokens.
2021-08-07 18:54:56 +10:00
cred.c
Properly implement neg_mechs & GM_USE_MG_CRED (fix)
2020-04-21 19:51:55 -05:00
cred.h
Properly implement neg_mechs & GM_USE_MG_CRED
2020-04-21 00:21:32 -05:00
doxygen.c
Fix some Doxygen warnings
2016-12-14 22:05:46 -06:00
gss_accept_sec_context.c
gss_accept_sec_context: support reassembling split tokens.
2021-08-07 18:54:56 +10:00
gss_acquire_cred_from.c
gss: treat empty cred store as GSS_C_NO_CRED_STORE
2021-08-05 15:53:18 +10:00
gss_acquire_cred_impersonate_name.c
Add stub for gss_acquire_cred_impersonate_name().
2021-10-19 20:45:40 +11:00
gss_acquire_cred_with_password.c
gssapi: credential store extensions (#451)
2019-01-03 14:38:39 -06:00
gss_acquire_cred.c
gssapi: credential store extensions (#451)
2019-01-03 14:38:39 -06:00
gss_add_cred_from.c
Properly implement neg_mechs & GM_USE_MG_CRED
2020-04-21 00:21:32 -05:00
gss_add_cred_with_password.c
gssapi: credential store extensions (#451)
2019-01-03 14:38:39 -06:00
gss_add_cred.c
gssapi: credential store extensions (#451)
2019-01-03 14:38:39 -06:00
gss_add_oid_set_member.c
gss: intern OID before adding to OID set
2020-04-21 00:13:50 -05:00
gss_aeap.c
gss: __gss_c_attr_stream_sizes_oid_desc declspec
2020-04-11 10:04:43 +10:00
gss_authorize_localname.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_buffer_set.c
Warning fixes from Christos Zoulas
2011-04-29 20:25:05 -07:00
gss_canonicalize_name.c
spnego: Also use mechglue names
2020-04-25 21:22:32 -05:00
gss_compare_name.c
gss: pass GSS_C_NO_OID name type through to mechanism
2022-01-02 16:28:20 +11:00
gss_context_time.c
First attempt s/\<const gss_.*_t/gss_const_.*_t/g
2013-06-02 15:30:58 -05:00
gss_create_empty_oid_set.c
Fix calling conventions for Windows
2010-08-20 13:14:10 -04:00
gss_cred.c
gss: cast HEIM_ERR_EOF to OM_uint32 before check (2)
2021-08-12 09:20:22 +10:00
gss_decapsulate_token.c
gss: fix gss_decapsulate_token() return codes
2020-04-17 11:11:43 +10:00
gss_delete_name_attribute.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_delete_sec_context.c
gss_accept_sec_context: support reassembling split tokens.
2021-08-07 18:54:56 +10:00
gss_destroy_cred.c
gss: fix copy/paste error in gss_destroy_cred()
2020-04-11 10:02:09 +10:00
gss_display_name_ext.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_display_name.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_display_status.c
gss: avoid string concatenation warning in error message init
2021-05-17 10:09:01 +10:00
gss_duplicate_cred.c
gss: use _gss_secure_release_buffer_[set]
2020-04-15 16:23:17 +10:00
gss_duplicate_name.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_duplicate_oid_set.c
Add gss_duplicate_oid_set()
2020-04-21 00:13:50 -05:00
gss_duplicate_oid.c
gss: intern OIDs (#447)
2018-12-18 23:28:38 -06:00
gss_encapsulate_token.c
remove trailing whitespace
2011-05-21 11:57:31 -07:00
gss_export_name_composite.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_export_name.c
gss: merge Apple name helper APIs
2020-02-04 17:28:35 +11:00
gss_export_sec_context.c
gss: add oid/buffer storage helpers to mechglue
2021-08-10 10:16:54 +10:00
gss_get_mic.c
First attempt s/\<const gss_.*_t/gss_const_.*_t/g
2013-06-02 15:30:58 -05:00
gss_get_name_attribute.c
gss: merge Apple name helper APIs
2020-02-04 17:28:35 +11:00
gss_get_neg_mechs.c
Properly implement neg_mechs & GM_USE_MG_CRED
2020-04-21 00:21:32 -05:00
gss_import_name.c
gsskrb5: Add simple name attributes support
2022-01-01 23:30:15 -06:00
gss_import_sec_context.c
gss: add oid/buffer storage helpers to mechglue
2021-08-10 10:16:54 +10:00
gss_indicate_mechs.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_init_sec_context.c
spnego: Also use mechglue names
2020-04-25 21:22:32 -05:00
gss_inquire_context.c
spnego: Also use mechglue names
2020-04-25 21:22:32 -05:00
gss_inquire_cred_by_mech.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_inquire_cred_by_oid.c
gss: fix typo regression in setting minor_status
2020-04-16 10:44:04 +10:00
gss_inquire_cred.c
gss: avoid overflow in gss_inquire_cred()
2021-08-06 12:23:50 +10:00
gss_inquire_mechs_for_name.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_inquire_name.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_inquire_names_for_mech.c
Fix calling conventions for Windows
2010-08-20 13:14:10 -04:00
gss_inquire_sec_context_by_oid.c
gssapi: remove non-mech status from _gss_mg_error() from Heimdal-520
2019-01-03 14:38:39 -06:00
gss_krb5.c
gss: implement gss_krb5_ccache_name()
2021-09-06 13:26:55 +10:00
gss_mech_switch.c
Add stub for gss_acquire_cred_impersonate_name().
2021-10-19 20:45:40 +11:00
gss_mo.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_names.c
spnego: Also use mechglue names
2020-04-25 21:22:32 -05:00
gss_oid_equal.c
remove trailing whitespace
2011-05-21 11:57:31 -07:00
gss_oid_to_str.c
gss: merge gss_name_to_oid and gss_mg_name_to_oid
2021-08-08 11:37:09 +10:00
gss_oid.c
gss: SAnon - the Simple Anonymous GSS-API mechanism
2020-04-25 23:19:30 -05:00
gss_pname_to_uid.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_process_context_token.c
First attempt s/\<const gss_.*_t/gss_const_.*_t/g
2013-06-02 15:30:58 -05:00
gss_pseudo_random.c
gssapi: remove non-mech status from _gss_mg_error() from Heimdal-520
2019-01-03 14:38:39 -06:00
gss_release_buffer.c
Fix calling conventions for Windows
2010-08-20 13:14:10 -04:00
gss_release_cred.c
gssapi: import mechglue allocation utility functions from Heimdal-520
2019-01-03 14:38:39 -06:00
gss_release_name.c
gssapi: import mechglue allocation utility functions from Heimdal-520
2019-01-03 14:38:39 -06:00
gss_release_oid_set.c
Fix calling conventions for Windows
2010-08-20 13:14:10 -04:00
gss_release_oid.c
gss: intern OIDs (#447)
2018-12-18 23:28:38 -06:00
gss_rfc4121.c
gss: GSS_KRB5_IMPORT_RFC4121_CONTEXT_X / _gss_mg_import_rfc4121_context()
2020-04-17 11:04:33 +10:00
gss_seal.c
Fix calling conventions for Windows
2010-08-20 13:14:10 -04:00
gss_set_cred_option.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_set_name_attribute.c
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
gss_set_neg_mechs.c
Properly implement neg_mechs & GM_USE_MG_CRED
2020-04-21 00:21:32 -05:00
gss_set_sec_context_option.c
gss: allow gss_set_sec_context_option() to allocate a context
2020-04-14 17:03:58 +10:00
gss_sign.c
Fix calling conventions for Windows
2010-08-20 13:14:10 -04:00
gss_store_cred_into.c
krb5: Improve cccol sub naming; add gss_store_cred_into2()
2020-03-02 17:48:04 -06:00
gss_store_cred.c
Use UTF-8 in KTH copyright notice
2021-11-29 12:50:26 +11:00
gss_test_oid_set_member.c
Warning fixes from Christos Zoulas
2011-04-29 20:25:05 -07:00
gss_unseal.c
Fix calling conventions for Windows
2010-08-20 13:14:10 -04:00
gss_unwrap.c
gssapi: import bugfixes from Apple Heimdal-520
2019-01-03 17:53:25 +11:00
gss_utils.c
gss: add oid/buffer storage helpers to mechglue
2021-08-10 10:16:54 +10:00
gss_verify_mic.c
First attempt s/\<const gss_.*_t/gss_const_.*_t/g
2013-06-02 15:30:58 -05:00
gss_verify.c
Fix calling conventions for Windows
2010-08-20 13:14:10 -04:00
gss_wrap_size_limit.c
First attempt s/\<const gss_.*_t/gss_const_.*_t/g
2013-06-02 15:30:58 -05:00
gss_wrap.c
First attempt s/\<const gss_.*_t/gss_const_.*_t/g
2013-06-02 15:30:58 -05:00
gssapi.asn1
asn1: X.681/682/683 magic handling of open types
2021-02-28 18:13:08 -06:00
gssspi_exchange_meta_data.c
gss: honor allocated_ctx in gss_{exchange,query}_meta_data
2020-04-16 17:22:37 +10:00
gssspi_query_mechanism_info.c
gss: port NegoEx implementation from MIT
2020-02-04 17:28:35 +11:00
gssspi_query_meta_data.c
gss: honor allocated_ctx in gss_{exchange,query}_meta_data
2020-04-16 17:22:37 +10:00
mech_locl.h
gss: port NegoEx implementation from MIT
2020-02-04 17:28:35 +11:00
mech_switch.h
gss: use tail queue instead of singly linked list in mechglue
2020-02-04 17:28:35 +11:00
mech.5
Misc fixes to man pages
2017-03-13 18:39:41 -04:00
name.h
gss: merge Apple name helper APIs
2020-02-04 17:28:35 +11:00
utils.h
gss: add oid/buffer storage helpers to mechglue
2021-08-10 10:16:54 +10:00