gss-ntlmssp.git, branch crypto_reset

Add context extension to reset crypto state

2016-05-23T15:31:24+00:00

This is need to account for the special handling described in MS-SPNG 3.3.5.1
It instructs sthat the NTLMSSP crypto state needs to be reset if MIC is
performed in the SPNEGO layer.

Optionally reset sequence numbers too.

Signed-off-by: Simo Sorce

Move setting seq numbers to a spearate function

2016-05-23T15:31:24+00:00

In preparation to add another set function.

Signed-off-by: Simo Sorce

Check that we are actually asking for a known oid

2016-05-23T15:31:24+00:00

Do not treat any sec context inquiry the same, check the OID.

Signed-off-by: Simo Sorce

Fix a regression in error handling

2016-05-20T20:03:16+00:00

Commit fb6ffe0c50e166bf095736a051e4840bd5a5ad4f introduced a regression
in acquire_cred_from() where a processing error would be masked and a
GSS_COMPLETE status would be returned instead. This caused a credential
structure to be returned when no credentials are actually available.

Signed-off-by: Simo Sorce 
Reviewed-by: Greg Hudson

Add placeholder inquire_name

2015-06-06T14:49:32+00:00

Otherwise in some cases MIT's GSSAPI can crash after trying to inquire
a name.

For example see: https://github.com/modauthgssapi/mod_auth_gssapi/issues/34

Signed-off-by: Simo Sorce

Add test for accept returning mech

2015-04-20T03:06:23+00:00

Return actual mech on accept context too

2015-04-20T03:05:07+00:00

Related #5

Fix gss_inquire_cred with no creds

2015-04-19T19:29:58+00:00

For GSS_Inquire_cred RFC 2743 specifies:

  Input:
   o  cred_handle CREDENTIAL HANDLE -- if GSS_C_NO_CREDENTIAL
   -- is specified, default initiator credentials are queried

Thanks to Isaac Boukris for the inital patch on which this one is based.

Fixes: https://fedorahosted.org/gss-ntlmssp/ticket/6

Add test to check actual_mech is actually returned

2015-04-04T21:10:15+00:00

Return the actual_mech_type when requested

2015-04-04T20:47:39+00:00

Fixes #5