oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
29,097 Commits 2 Branches 2 Tags
7df0195c26634576f498f1b5da18c1b479001f1b
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Luke Howard 7df0195c26 gss: fix downlevel Windows interop regression 
The recent changes to SPNEGO removed support for GSS_C_PEER_HAS_UPDATED_SPNEGO,
through which the Kerberos mechanism could indicate to SPNEGO that the peer did
not suffer from SPNEGO conformance bugs present in some versions of Windows.*

This patch restores this workaround, documented in [MS-SPNG] Appendix A <7>
Section 3.1.5.1. Whilst improving interoperability with these admittedly now
unsupported versions of Windows, it does introduce a risk that Kerberos with
pre-AES ciphers could be negotiated in lieu of a stronger and more preferred
mechanism.

Note: this patch inverts the mechanism interface from
GSS_C_PEER_HAS_UPDATED_SPNEGO to GSS_C_INQ_PEER_HAS_BUGGY_SPNEGO, so that new
mechanisms (which did not ship with these older versions of Windows) are not
required to implement it.

* Windows 2000, Windows 2003, and Windows XP
2020-04-13 10:26:38 +10:00
.github/ISSUE_TEMPLATE
Create GitHub issue templates
2019-06-07 22:08:39 -04:00
admin
Fix ktutil weak password for principal creation
2019-01-09 00:14:11 -06:00
appl
libhcrypto: UI_UTIL_FLAG_VERIFY_SILENT
2018-12-30 15:39:49 -06:00
cf
roken: add mergesort_r()
2020-04-12 13:25:09 -05:00
doc
gss: port NegoEx implementation from MIT
2020-02-04 17:28:35 +11:00
etc
add NTMakefile and windows directories
2011-07-17 12:16:59 -07:00
include
Move some infra bits of lib/krb5/ to lib/base/ (2)
2020-03-02 10:56:13 -06:00
kadmin
kadmin: Improve ext_keytab usage
2019-12-06 18:32:15 -06:00
kcm
krb5: Improve cccol sub naming; add gss_store_cred_into2()
2020-03-02 17:48:04 -06:00
kdc
kdc: kx509.c fix build failures
2020-03-08 12:01:35 -04:00
kpasswd
roken_detach_prep() should return fd
2019-10-03 13:09:18 -05:00
kuser
krb5: Fix kinit harder
2020-03-17 19:13:16 -05:00
lib
gss: fix downlevel Windows interop regression
2020-04-13 10:26:38 +10:00
packages
windows/installer: code sign all merge modules
2019-01-14 06:12:36 -05:00
po
Fix subject verb agreement in error message...
2018-03-09 17:04:29 -05:00
tests
Expand tokens in gss cred store "ccache" value
2020-03-18 13:37:13 -05:00
tools
In krb5-config resolve rpath_flag at build-time
2017-03-10 19:23:31 -05:00
windows
Move some infra bits of lib/krb5/ to lib/base/ (2)
2020-03-02 10:56:13 -06:00
.gitignore
Update .gitignore to catch more test remains
2019-11-20 18:14:44 -05:00
.travis.yml
Add bx509d
2019-12-04 21:34:44 -06:00
acinclude.m4
use m4_define, over-quote string
2004-02-12 14:19:16 +00:00
appveyor.yml
appveyor: Minor improvements for debugging
2020-03-02 10:56:13 -06:00
autogen.sh
check for JSON perl module and if not found ask developer to install it
2014-08-22 21:17:16 -07:00
ChangeLog
We stop writing change logs, see the source code version control systems history log instead
2008-11-12 04:17:33 +00:00
ChangeLog.1998
changes upto 1998
2000-06-07 10:01:25 +00:00
ChangeLog.1999
move older stuff over to ChangeLog.1999
2000-11-17 01:27:17 +00:00
ChangeLog.2000
move older entries to ChangeLog.2000
2001-01-03 01:50:47 +00:00
ChangeLog.2001
changes from 2001
2002-08-21 13:29:08 +00:00
ChangeLog.2002
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2003
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2004
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2005
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2006
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2007
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
CODE_OF_CONDUCT.md
Create CODE_OF_CONDUCT.md
2019-06-07 22:03:05 -04:00
configure.ac
bx509: Tolerate older microhttpd versions
2019-12-20 15:59:21 -06:00
krb5.conf
Remove use of krb4 settings in example krb5.conf.
2014-04-28 00:56:18 +02:00
LICENSE
update (c)
2014-08-23 19:14:10 -07:00
Makefile.am
Make builds reproduceable (#336)
2017-09-29 12:37:30 -05:00
Makefile.am.common
move check-local target to cf/Makefile.am.common
2002-05-19 18:35:37 +00:00
NEWS
Fix transit path validation CVE-2017-6594
2017-04-13 18:06:39 -05:00
NTMakefile
Don't build the docs on appveyor
2019-11-20 18:14:44 -05:00
README
Add bx509d
2019-12-04 21:34:44 -06:00
README.fast
kdc bits
2011-07-24 22:45:55 -07:00
README.md
Update README.md
2020-01-10 15:00:16 -05:00
SECURITY.md
Update SECURITY.md
2019-06-09 13:43:47 -04:00
TODO
need to fix lib/krb5/expand_path_w32.c
2010-01-05 19:21:45 +01:00

README.md

Travis-CI build (Linux, OS X) Appveyor-CI build (Windows)

Heimdal

Heimdal is an implementation of:

  • ASN.1/DER,
  • PKIX, and
  • Kerberos.

For information how to install see here.

There are man pages for most of the commands.

Bug reports and bugs are appreciated. Use GitHub issues.

For more information see the project homepage https://heimdal.software/heimdal/.

Build Status

Travis-CI build (Linux, OS X) Appveyor-CI build (Windows)

Reference in New Issue View Git Blame Copy Permalink
Description
Fork of https://github.com/heimdal/heimdal
Readme Multiple Licenses 57 MiB
Languages
C 92.1%
Roff 2.8%
Shell 2.3%
Makefile 0.7%
M4 0.5%
Other 1.4%