summaryrefslogtreecommitdiffstats
path: root/source4/heimdal/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* s4:heimdal: import lorikeet-heimdal-201012010201 (commit ↵Andrew Bartlett2010-12-0167-2631/+2586
| | | | 81fe27bcc0148d410ca4617f8759b9df1a5e935c)
* heimdal: fix for w2000 from lhaAndrew Tridgell2010-12-011-2/+14
| | | | | Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Dec 1 00:59:59 CET 2010 on sn-devel-104
* s4-heimdal: implement KERB_AP_ERR_TYPE_SKEW_RECOVERYAndrew Tridgell2010-11-171-1/+5
| | | | | | | | | this e_data field in a kerberos error packet tells windows to do clock skew recovery. See [MS-KILE] 2.2.1 KERB-ERROR-DATA Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* heimdal Extra files required for merge up to current heimdalAndrew Bartlett2010-11-1519-0/+4893
|
* heimdal regenate lex and yacc filesAndrew Bartlett2010-11-159-3475/+2672
|
* Add attribute macros for Heimdal to useAndrew Bartlett2010-11-151-0/+304
| | | | | | | | Heimdal uses HEIMDAL_NORETURN_ATTRIBUTE and HEIMDAL_PRINTF_ATTRIBUTE, and we need to provide a link between these and Samba's function attribute handling. Andrew Bartlett
* s4:heimdal: import lorikeet-heimdal-201011102149 (commit ↵Andrew Bartlett2010-11-1545-11202/+1344
| | | | 5734d03c20e104c8f45533d07f2a2cbbd3224f29)
* heimdal Don't dereference NULL in error verify_checksum error pathAndrew Bartlett2010-11-111-1/+1
| | | | | Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Nov 11 10:37:03 UTC 2010 on sn-devel-104
* heimdal: fixed a shadowed variable warning for error_messageAndrew Tridgell2010-11-081-23/+23
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* heimdal Add clock-skew handling to DCE-style GSSAPIAndrew Bartlett2010-11-081-39/+65
| | | | | | | | | | | The clock skew handling was previously only on properly wrapped GSSAPI, and was skipped for DCE-style. This allows the ASN.1 errors from the krb5_rd_req to suggest parsing as a kerberos error packet. Andrew Bartlett Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Nov 8 07:58:09 UTC 2010 on sn-devel-104
* heimdal Add handling for PAC signatures over all encryption typesAndrew Bartlett2010-11-022-24/+89
| | | | | | | | There are exceptions from the expected behaviour of 'checksum type matches key type' that we must deal with here, or else we can't serve DES-only servers. Andrew Bartlett
* s4-heimdal: lex_err_message() should not be staticAndrew Tridgell2010-10-301-2/+2
|
* s4-heimdal: fixed the use of error_message() in heimdalAndrew Tridgell2010-10-3012-47/+49
| | | | | | | | the lex code in heimdal had a function error_message() which conflicts with a function from the com_err library. This replaces it with lex_err_message() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* Add new files for sha512 supportAndrew Bartlett2010-10-031-0/+274
|
* s4:heimdal: import lorikeet-heimdal-201010022046 (commit ↵Andrew Bartlett2010-10-0319-106/+389
| | | | 1bea031b9404b14114b0272ecbe56e60c567af5c)
* s4:heimdal: import lorikeet-heimdal-201009250123 (commit ↵Matthieu Patou2010-10-03376-1634/+34086
| | | | | | | | | 42cabfb5b683dbcb97d583c397b897507689e382) I based this on Matthieu's import of lorikeet-heimdal, and then updated it to this commit. Andrew Bartlett
* heimdal: added verbose logging of hemimdal crypto errorsAndrew Bartlett2010-09-301-2/+15
|
* heimdal: fixed timegm UTC/GMT bugAndrew Tridgell2010-09-281-15/+6
| | | | | | | | | | | This was a wonderful bug! On some Fedora systems, but not on Ubuntu, there is a difference between UTC and GMT. Heimdal replaced timegm() with _der_timegm() which did not account for that difference (which is 24 seconds at the moment). This led to a mutual authentication failure. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* heimdal Use a seperate krb5_auth_context for the delegated credentialsAndrew Bartlett2010-09-283-1/+35
| | | | | | | If we re-use this context, we overwrite the timestamp while talking to the KDC and fail the mutual authentiation with the target server. Andrew Bartlett
* heimdal Fix DNS name qualification to not mangle IP addressesAndrew Bartlett2010-09-291-5/+23
| | | | | | | | | If the host running this code used IPv6 forms for IPv4 addreses then the check for '.' would not be sufficient to determine that this isn't a name we should mangle. Instead, check if it can be parsed as a numeric address first, and only then mangle. Andrew Bartlett
* heimdal Add an error code for use in the RODCAndrew Bartlett2010-09-291-0/+1
| | | | | | | | | | In this case, the whole request packet should be forwarded to a real KDC, with full secrets, as we don't have the password. This could also be used to implement 'play dead when the LDAP server is down'. Andrew Bartlett
* heimdal Add support for extracting a particular KVNO from the databaseAndrew Bartlett2010-09-292-2/+3
| | | | | | | | | This should allow master key rollover. (but the real reason is to allow multiple krbtgt accounts, as used by Active Directory to implement RODC support) Andrew Bartlett
* heimdal: avoid DNS search domain expansion Andrew Tridgell2010-09-271-1/+16
| | | | | | | | | When you have a domain search list in resolv.conf, and one of the DNS servers for a searched domain is uncontactable then we would timeout resolving DNS names. Avoid this by adding a '.' to the hostname if the hostname already has a '.' in it, which we assume to mean it is fully qualified.
* s4-heimdal: Fix typo in comment.Karolin Seeger2010-06-011-1/+1
| | | | Karolin
* s4:heimdal: remove unused heimdal/lib/hcrypto/evp-cc.cStefan Metzmacher2010-05-111-659/+0
| | | | metze
* s4-heimdal: Fix typo in comment.Karolin Seeger2010-04-131-1/+1
| | | | Karolin
* s4:heimdal Add hooks to check with the DB before we allow s4u2selfAndrew Bartlett2010-04-101-1/+6
| | | | | | | | This allows us to resolve multiple forms of a name, allowing for example machine$@REALM to get an S4U2Self ticket for host/machine@REALM. Andrew Bartlett
* s4-krb5: Fix typos in comment.Karolin Seeger2010-04-091-1/+1
| | | | Karolin
* s4:heimal Update generated files (cp from Heimdal)Andrew Bartlett2010-03-275-477/+459
|
* s4:heimdal: import lorikeet-heimdal-201003262338 (commit ↵Andrew Bartlett2010-03-2729-134/+365
| | | | f4e0dc17709829235f057e0e100d34802d3929ff)
* s4:heimdal New files and supporting logic for heimdal updateAndrew Bartlett2010-03-274-0/+1353
|
* s4:heimdal: import lorikeet-heimdal-201001120029 (commit ↵Andrew Bartlett2010-03-27210-1755/+3816
| | | | a5e675fed7c5db8a7370b77ed0bfa724196aa84d)
* kerberos - set the memory to "0"s before freeing the password to prevent ↵Matthias Dieter Wallnöfer2010-03-161-2/+6
| | | | security issues
* heimdal - remove unused variableMatthias Dieter Wallnöfer2010-03-161-1/+0
|
* heimdal - fix overlapped identifiers in the "krb5" libraryMatthias Dieter Wallnöfer2010-03-163-11/+11
|
* heimdal - free always "ctx->password" when it isn't needed anymoreMatthias Dieter Wallnöfer2010-03-161-1/+3
| | | | | "strdup" does always create a new object in the memory (through "malloc") which needs to be freed if it isn't used anymore.
* s4-heimdal: Fix typos in comment.Karolin Seeger2010-02-151-1/+1
| | | | Karolin
* s4:heimdal: regerenate filesStefan Metzmacher2010-02-089-173/+218
| | | | | | | Andrew using cp like in commit ca12e7bc8ff4a91f2044c0a60550fec902e97a78 is wrong as that removes #include "config.h" and breaks the build on AIX. metze
* heimdal: work around differences between GNU and XSI strerror_r()Andrew Tridgell2009-12-141-2/+10
| | | | | This is a fairly ugly workaround, but then again, strerror_r() is a very ugly mess.
* s4-heimdal: fixed a use-after-free heimdal bugAndrew Tridgell2009-12-081-0/+1
| | | | This caused samba4kinit to segfault on some systems
* krb5: Fix leaked hx509_context pointerKamen Mazdrashki2009-12-081-0/+4
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4:heimdal: import lorikeet-heimdal-200911170333 (commit ↵Andrew Bartlett2009-11-179-25/+8
| | | | | | | | | | b532c294d974cead40a1183c71be644c6ccc2832) This fixes up connections to Windows 2003, because the previous import had a broken arcfour-hmac-md5 implementation (fixed in Heimdal 316fc6ff8ffb0cbb1ef3689685e9977c37405bc4) Andrew Bartlett
* s4:heimdal Import generated files from heimdal treeAndrew Bartlett2009-11-139-827/+1185
| | | | We should be able to rebuild these, but a cp is easier :-)
* s4:heimdal: import lorikeet-heimdal-200911122202 (commit ↵Andrew Bartlett2009-11-1350-484/+936
| | | | 9291fd2d101f3eecec550178634faa94ead3e9a1)
* s4:heimdal: import lorikeet-heimdal-200909210500 (commit ↵Andrew Bartlett2009-11-13132-2079/+3967
| | | | 290db8d23647a27c39b97c189a0b2ef6ec21ca69)
* heimdal - hdb/ext.c - fix a "shadows variable" warningMatthias Dieter Wallnöfer2009-10-211-4/+4
| | | | | Renamed the variable "str" in the nested block to "str2" to prevent the collision with "str" in the main function block.
* s4:heimdal A real fix for bug 6801Andrew Bartlett2009-10-141-3/+3
| | | | | | | The issue was that we would free the entry after the database, not knowing that the entry was a talloc child of the database. Andrew Bartlett
* heimdal - fix various warningsMatthias Dieter Wallnöfer2009-10-036-21/+21
| | | | | | | | | - Shadowed variables - "const" related warnings - Parameter names which shadow function declarations - Non-void functions which have no return value (patch also ported upstream)
* s4:heimdal/gssapi/krb5: set cred_handle in _gsskrb5_import_credStefan Metzmacher2009-09-181-0/+1
| | | | metze
* s4:heimdal: import lorikeet-heimdal-200908052208 (commit ↵Andrew Bartlett2009-08-0631-114/+30
| | | | | | | | | | | | | 370a73a74199a5a55188340906e15fd795f67a74) This removes some of the portability changes made to code under heimdal/ If these are still required, then we will re-add them with code under heimdal_build/ (so that we can simply 'drop in' future heimdal releases). Andrew Bartlett
generated by cgit (git 2.34.1) at 2025-06-16 11:53:59 +0000