Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Release 0.3.1v0.3.1 | Simo Sorce | 2014-01-26 | 1 | -1/+1 |
| | |||||
* | Fix segfault in init context. | Simo Sorce | 2014-01-26 | 2 | -6/+11 |
| | | | | | | | | | | | The init context function was improperly initializing the ctx variable (too late) when some early error conditions can happen. Therefore passing to the delete context function a random memory address it would then try to free. This wuld cause a SEGFAULT in most cases. Additionally unfortunately iconv_close() does not follow good practices and blindignly dereferences data, even if the passed in pointer is NULL. So add a check before calling. | ||||
* | Release 0.3.0v0.3.0 | Simo Sorce | 2014-01-12 | 1 | -1/+1 |
| | |||||
* | Implement Import/Export cred functionsexport_cred | Simo Sorce | 2014-01-12 | 3 | -0/+216 |
| | |||||
* | Generalize export_state and related functions | Simo Sorce | 2014-01-12 | 1 | -75/+82 |
| | |||||
* | Expose cred store names in public header file. | Simo Sorce | 2014-01-12 | 3 | -6/+8 |
| | | | | Easier to use from clients this way. | ||||
* | Test export/import context functionsexport_ctx | Simo Sorce | 2013-12-15 | 1 | -0/+35 |
| | |||||
* | Implement import context function | Simo Sorce | 2013-12-15 | 1 | -1/+313 |
| | |||||
* | Implement export context function | Simo Sorce | 2013-12-15 | 5 | -1/+434 |
| | | | | | The Export format version is set to 0.1 Long term keys are not exported. | ||||
* | Add import/export functions for the RC4 state | Simo Sorce | 2013-12-15 | 2 | -0/+56 |
| | |||||
* | Use RC4 instead of EVP interface of openssl | Simo Sorce | 2013-12-15 | 1 | -49/+10 |
| | | | | | This makes it much easier to export/import the crypto state. In preparation for implemeting import/export of context. | ||||
* | Fix potential leaks in delete_context | Simo Sorce | 2013-12-15 | 1 | -0/+6 |
| | | | | | | | | Free RC4 state if any Free workstations tring if any Also make sure to safely zero the struct before freeing to avoid leaking any key material. | ||||
* | Do not copy creds on the context | Simo Sorce | 2013-12-15 | 2 | -63/+51 |
| | | | | | There is no need to copy creds around, they are always available or retrievable. | ||||
* | Fix memleaks in init_sec_context | Stefan Becker | 2013-12-13 | 1 | -1/+3 |
| | |||||
* | Fix memory leak with gssntlm_names | Simo Sorce | 2013-12-13 | 1 | -1/+1 |
| | | | | Thanks to Stefan Becker <chemobejk@gmail.com> for finding this leak. | ||||
* | Fix spec file krb5-libs dep | Simo Sorce | 2013-11-23 | 1 | -1/+1 |
| | |||||
* | Fix NTLM specific cred_store prefixes | Simo Sorce | 2013-11-23 | 1 | -3/+3 |
| | | | | | Can't use ':' in the prefix name as ':' is the separator between prefix and values. | ||||
* | Bump up version number to prerelease level | Simo Sorce | 2013-10-24 | 1 | -1/+1 |
| | |||||
* | Add methods to inquire credentials | Simo Sorce | 2013-10-24 | 4 | -0/+165 |
| | | | | Also add simple sanity check test. | ||||
* | Add support for NTLMv1 Signing and Sealing | Simo Sorce | 2013-10-23 | 3 | -49/+134 |
| | | | | Including tests to verify conformance to MS-NLMP | ||||
* | Add CRC32 function using Zlib's crc32 | Simo Sorce | 2013-10-23 | 4 | -0/+161 |
| | |||||
* | Fix URLs with new upstream locations | Simo Sorce | 2013-10-23 | 1 | -2/+2 |
| | |||||
* | Release 0.2.0v0.2.0 | Simo Sorce | 2013-10-18 | 1 | -1/+1 |
| | |||||
* | Test connectionless contextsconnectionless | Simo Sorce | 2013-10-18 | 1 | -2/+233 |
| | |||||
* | Support connectionless signing and sealing. | Simo Sorce | 2013-10-18 | 3 | -11/+104 |
| | | | | | In connectionless mode (GSS_C_DATAGRAM_FLAG on) sealing keys ust be rotated for each message. | ||||
* | Add way to set sequence numbres. | Simo Sorce | 2013-10-18 | 5 | -0/+81 |
| | | | | | | | | | | | In NTLMSSP connectionless mode applications are supposed to provide the sequence number, however GSSAPI's get_mic and verify_mic functions do not allow to pass an explicit sequence number. Allow to override the context sequence numbers using a custom oid and implemnting gss_set_sec_context_option() Allows the operation only if the context is in connectionless mode. | ||||
* | Add support for connectionless mode | Simo Sorce | 2013-10-18 | 1 | -46/+117 |
| | | | | | This needs a new GSSAPI flag, for now grab a number and define GSS_C_DATAGRAM_FLAG ourselves. | ||||
* | Add public devel header file | Simo Sorce | 2013-10-18 | 4 | -7/+60 |
| | | | | | This contains definitions for various OIDs and flags needed to implemented non-standard features like NTLMSSP Connectionless mode. | ||||
* | Add special case for enterprise names | Simo Sorce | 2013-10-18 | 1 | -1/+42 |
| | | | | | | | | | | | | | | | | | | | | | | | | When enterprise names are used they need to be passed with the embedded '@' signed escaped with a '\', when that is done the whole name is used as the user name and the name is not split on the @ or \ characters. These forms are now supported: foo USERNAME: foo DOMAIN: <null> BAR\foo USERNAME: foo DOMAIN: BAR foo@BAR USERNAME: foo DOMAIN: BAR foo\@bar.example.com USERNAME: foo\@bar.example.com DOMAIN: <null> | ||||
* | Treat NO OID as GSS_C_NT_USER_NAME on import | Simo Sorce | 2013-10-18 | 1 | -3/+6 |
| | |||||
* | Fix potential segfault condition in RC4_FREE | Simo Sorce | 2013-10-18 | 1 | -1/+1 |
| | |||||
* | Fix generation of signing keys and add tests | Simo Sorce | 2013-10-18 | 2 | -1/+184 |
| | |||||
* | Fix symbols export regex to include gssspi_ too. | Simo Sorce | 2013-10-18 | 1 | -1/+1 |
| | | | | Thanks to David Woodhouse for finding out. | ||||
* | Test acquire_cred_with_password | Simo Sorce | 2013-10-17 | 1 | -12/+36 |
| | |||||
* | Add support for gss_acquire_cred_with_password() | Simo Sorce | 2013-10-17 | 3 | -0/+60 |
| | |||||
* | Fix handling of NULL domain | Simo Sorce | 2013-10-17 | 2 | -10/+17 |
| | | | | | | | | | Fix segafult in NTOWFv2. When domain is NULL it is just omitted from the NTOWFv2 computation. Fix segfault in accept_sec_context, just make dom_name be an empty string. Fix also memory leaks. | ||||
* | Fix acquiring creds via cred_store | Simo Sorce | 2013-10-17 | 1 | -0/+26 |
| | | | | Make sure to set the cred type and copy in the name. | ||||
* | Streamline spec file. | Simo Sorce | 2013-10-17 | 1 | -22/+10 |
| | | | | Fixes as requested by Fedora review | ||||
* | Bump up version number afeter 0.1.0 release | Simo Sorce | 2013-10-17 | 1 | -1/+1 |
| | |||||
* | Correct upstream page in spec | Simo Sorce | 2013-10-14 | 1 | -2/+2 |
| | |||||
* | Make version 0.1.0v0.1.0 | Simo Sorce | 2013-10-13 | 1 | -1/+1 |
| | |||||
* | Fix typos in README.txt | Simo Sorce | 2013-10-13 | 1 | -1/+1 |
| | |||||
* | Add more tests. | Simo Sorce | 2013-08-21 | 1 | -0/+30 |
| | | | | Cover gss_inquire_context and gss_display_name implementations. | ||||
* | Add gss_display_name implementation | Simo Sorce | 2013-08-21 | 3 | -0/+85 |
| | |||||
* | Add implementation of gss_inquire_context | Simo Sorce | 2013-08-21 | 4 | -0/+154 |
| | | | | Also add source and target names to the context. | ||||
* | Test Integrity and Confidentiality | Simo Sorce | 2013-08-19 | 1 | -0/+69 |
| | |||||
* | Add integrity and confidentiality functions | Simo Sorce | 2013-08-19 | 10 | -7/+548 |
| | |||||
* | Add testsing of gssntlm mechglue functions | Simo Sorce | 2013-08-18 | 3 | -4/+138 |
| | |||||
* | Basic implementation of accept_sec_context | Simo Sorce | 2013-08-18 | 8 | -41/+625 |
| | | | | For now works only for satndalone server with access to a password file. | ||||
* | Add support for server credentials | Simo Sorce | 2013-07-28 | 1 | -1/+40 |
| |