oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
29,672 Commits 2 Branches 2 Tags
decd8f4102d68629f2a78ab96605990e4b90f25e
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Nicolas Williams decd8f4102 hdb: Support referrals via aliases 
The TGS will issue referrals based on [domain_realm] mappings.

With this change the TGS will also issue referrals based on HDB entry
aliases.

The TGS needed no changes for this, only support in lib/hdb was missing.

All we had to do was return HDB_ERR_WRONG_REALM from hdb_fetch_kvno()
when the given principal is an alias and its canonical name's realm is
different from the alias'.

This feature is important because the KDC currently does not re-read
krb5.conf and must be restarted for changes to e.g., [domain_realm]
mappings to take effect.  As well, making krb5.conf changes to all the
KDCs for a realm would need to be arranged.  But with aliases in the
HDB, these problems go away.

Relatedly, we should really have an option to store the KDC's entire
configuration in the HDB...

Futures:

 - Add support for aliasing of entire namespaces via HDB aliases with
   WELLKNOWN namespace name forms.  This will round out domain-to-realm
   mapping configuration support via HDB.
2021-10-11 13:58:15 -05:00
.github
github: Use GitHub Actions
2021-04-20 12:01:54 -05:00
admin
Fix ktutil weak password for principal creation
2019-01-09 00:14:11 -06:00
appl
libhcrypto: UI_UTIL_FLAG_VERIFY_SILENT
2018-12-30 15:39:49 -06:00
cf
Check CLANG_FORMAT is executable.
2021-09-07 12:50:25 +10:00
doc
doc: add draft-perez-krb-wg-gss-preauth-03.txt
2021-09-23 19:16:35 +10:00
etc
add NTMakefile and windows directories
2011-07-17 12:16:59 -07:00
include
base: use heim_base_atomic_load in heimqueue.h
2020-07-14 09:35:14 +10:00
kadmin
kdc: support for GSS-API pre-authentication
2021-08-12 17:37:01 +10:00
kcm
kcm: Actually implement --socket-path option
2021-03-31 22:59:38 -05:00
kdc
kdc: correctly generate PAC TGS signature
2021-09-23 17:51:51 +10:00
kpasswd
roken_detach_prep() should return fd
2019-10-03 13:09:18 -05:00
kuser
gss: move GSS pre-auth helpers to convenience lib
2021-08-27 15:20:07 +10:00
lib
hdb: Support referrals via aliases
2021-10-11 13:58:15 -05:00
packages
windows/installer: code sign all merge modules
2019-01-14 06:12:36 -05:00
po
Fix subject verb agreement in error message...
2018-03-09 17:04:29 -05:00
tests
tests: fix recent test from using system klist
2021-10-08 00:08:14 +11:00
tools
Improve coverage script a bit
2020-04-15 19:05:21 -05:00
windows
gss: move GSS pre-auth helpers to convenience lib
2021-08-27 15:20:07 +10:00
.gitignore
gss: move GSS pre-auth helpers to convenience lib
2021-08-27 15:20:07 +10:00
.travis.yml
travis: Do not brew update [harder]
2021-03-27 01:08:56 -05:00
acinclude.m4
use m4_define, over-quote string
2004-02-12 14:19:16 +00:00
appveyor.yml
appveyor: Fix build
2021-09-10 09:10:42 +10:00
autogen.sh
check for JSON perl module and if not found ask developer to install it
2014-08-22 21:17:16 -07:00
ChangeLog
We stop writing change logs, see the source code version control systems history log instead
2008-11-12 04:17:33 +00:00
ChangeLog.1998
changes upto 1998
2000-06-07 10:01:25 +00:00
ChangeLog.1999
move older stuff over to ChangeLog.1999
2000-11-17 01:27:17 +00:00
ChangeLog.2000
move older entries to ChangeLog.2000
2001-01-03 01:50:47 +00:00
ChangeLog.2001
changes from 2001
2002-08-21 13:29:08 +00:00
ChangeLog.2002
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2003
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2004
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2005
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2006
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
ChangeLog.2007
switch to utf8 encoding of all files
2008-09-13 08:53:55 +00:00
CODE_OF_CONDUCT.md
Create CODE_OF_CONDUCT.md
2019-06-07 22:03:05 -04:00
configure.ac
kdc: add sample GSS preauth authorization plugin
2021-08-31 11:00:13 +00:00
krb5.conf
Remove use of krb4 settings in example krb5.conf.
2014-04-28 00:56:18 +02:00
LICENSE
update (c)
2014-08-23 19:14:10 -07:00
Makefile.am
Make builds reproduceable (#336)
2017-09-29 12:37:30 -05:00
Makefile.am.common
move check-local target to cf/Makefile.am.common
2002-05-19 18:35:37 +00:00
NEWS
Fix transit path validation CVE-2017-6594
2017-04-13 18:06:39 -05:00
NTMakefile
Don't build the docs on appveyor
2019-11-20 18:14:44 -05:00
README
Update README mailing lists and links
2020-06-26 11:29:15 -04:00
README.fast
kdc bits
2011-07-24 22:45:55 -07:00
README.md
README: fix typo
2020-06-26 11:30:48 -04:00
SECURITY.md
Update SECURITY.md
2019-06-09 13:43:47 -04:00
TODO
need to fix lib/krb5/expand_path_w32.c
2010-01-05 19:21:45 +01:00

README.md

Travis-CI build (Linux, OS X) Appveyor-CI build (Windows) Coverage Status

Heimdal

Heimdal is an implementation of:

  • ASN.1/DER,
  • PKIX, and
  • Kerberos.

For information how to install see here.

There are man pages for most of the commands.

Bug reports and bugs are appreciated. Use GitHub issues.

For more information see the project homepage https://heimdal.software/heimdal/ or the mailing lists:

heimdal-announce@heimdal.software low-volume announcement heimdal-discuss@heimdal.software high-volume discussion

send mail to heimdal-announce-subscribe@heimdal.software and heimdal-discuss-subscribe@heimdal.software respectively to subscribe.

Build Status

Travis-CI build (Linux, OS X) Appveyor-CI build (Windows)

Reference in New Issue View Git Blame Copy Permalink
Description
Fork of https://github.com/heimdal/heimdal
Readme Multiple Licenses 57 MiB
Languages
C 92.1%
Roff 2.8%
Shell 2.3%
Makefile 0.7%
M4 0.5%
Other 1.4%