path: root/src
Commit message | Author | Age | Files | Lines
* Implement Import/Export cred functions [export_cred] | Simo Sorce | 2014-01-12 | 3 | -0/+216
|
* Generalize export_state and related functions | Simo Sorce | 2014-01-12 | 1 | -75/+82
|
* Expose cred store names in public header file. | Simo Sorce | 2014-01-12 | 3 | -6/+8
|   Easier to use from clients this way.
* Implement import context function | Simo Sorce | 2013-12-15 | 1 | -1/+313
|
* Implement export context function | Simo Sorce | 2013-12-15 | 4 | -1/+433
|   The Export format version is set to 0.1
|   Long term keys are not exported.
* Add import/export functions for the RC4 state | Simo Sorce | 2013-12-15 | 2 | -0/+56
|
* Use RC4 instead of EVP interface of openssl | Simo Sorce | 2013-12-15 | 1 | -49/+10
|   This makes it much easier to export/import the crypto state.
|   In preparation for implementing import/export of context.
* Fix potential leaks in delete_context | Simo Sorce | 2013-12-15 | 1 | -0/+6
|   Free RC4 state if any
|   Free workstation string if any
|
|   Also make sure to safely zero the struct before freeing to avoid
|   leaking any key material.
* Do not copy creds on the context | Simo Sorce | 2013-12-15 | 2 | -63/+51
|   There is no need to copy creds around, they are always available or
|   retrievable.
* Fix memleaks in init_sec_context | Stefan Becker | 2013-12-13 | 1 | -1/+3
|
* Fix memory leak with gssntlm_names | Simo Sorce | 2013-12-13 | 1 | -1/+1
|   Thanks to Stefan Becker <chemobejk@gmail.com> for finding this leak.
* Fix NTLM specific cred_store prefixes | Simo Sorce | 2013-11-23 | 1 | -3/+3
|   Can't use ':' in the prefix name as ':' is the separator between prefix
|   and values.
* Add methods to inquire credentials | Simo Sorce | 2013-10-24 | 3 | -0/+157
|   Also add simple sanity check test.
* Add support for NTLMv1 Signing and Sealing | Simo Sorce | 2013-10-23 | 2 | -35/+69
|   Including tests to verify conformance to MS-NLMP
* Add CRC32 function using Zlib's crc32 | Simo Sorce | 2013-10-23 | 2 | -0/+16
|
* Support connectionless signing and sealing. | Simo Sorce | 2013-10-18 | 3 | -11/+104
|   In connectionless mode (GSS_C_DATAGRAM_FLAG on) sealing keys must be
|   rotated for each message.
* Add way to set sequence numbers. | Simo Sorce | 2013-10-18 | 4 | -0/+77
|   In NTLMSSP connectionless mode applications are supposed to provide the
|   sequence number, however GSSAPI's get_mic and verify_mic functions do
|   not allow to pass an explicit sequence number.
|
|   Allow to override the context sequence numbers using a custom oid and
|   implementing gss_set_sec_context_option()
|
|   Allows the operation only if the context is in connectionless mode.
* Add support for connectionless mode | Simo Sorce | 2013-10-18 | 1 | -46/+117
|   This needs a new GSSAPI flag, for now grab a number and define
|   GSS_C_DATAGRAM_FLAG ourselves.
* Add public devel header file | Simo Sorce | 2013-10-18 | 2 | -6/+44
|   This contains definitions for various OIDs and flags needed to
|   implement non-standard features like NTLMSSP Connectionless mode.
* Add special case for enterprise names | Simo Sorce | 2013-10-18 | 1 | -1/+42
|   When enterprise names are used they need to be passed with the embedded
|   '@' sign escaped with a '\', when that is done the whole name is used as
|   the user name and the name is not split on the @ or \ characters.
|
|   These forms are now supported:
|
|   foo
|     USERNAME: foo
|     DOMAIN: <null>
|
|   BAR\foo
|     USERNAME: foo
|     DOMAIN: BAR
|
|   foo@BAR
|     USERNAME: foo
|     DOMAIN: BAR
|
|   foo\@bar.example.com
|     USERNAME: foo\@bar.example.com
|     DOMAIN: <null>
* Treat NO OID as GSS_C_NT_USER_NAME on import | Simo Sorce | 2013-10-18 | 1 | -3/+6
|
* Fix potential segfault condition in RC4_FREE | Simo Sorce | 2013-10-18 | 1 | -1/+1
|
* Fix generation of signing keys and add tests | Simo Sorce | 2013-10-18 | 1 | -1/+1
|
* Add support for gss_acquire_cred_with_password() | Simo Sorce | 2013-10-17 | 3 | -0/+60
|
* Fix handling of NULL domain | Simo Sorce | 2013-10-17 | 2 | -10/+17
|   Fix segfault in NTOWFv2. When domain is NULL it is just omitted from
|   the NTOWFv2 computation.
|
|   Fix segfault in accept_sec_context, just make dom_name be an empty
|   string.
|
|   Fix also memory leaks.
* Fix acquiring creds via cred_store | Simo Sorce | 2013-10-17 | 1 | -0/+26
|   Make sure to set the cred type and copy in the name.
* Add gss_display_name implementation | Simo Sorce | 2013-08-21 | 3 | -0/+85
|
* Add implementation of gss_inquire_context | Simo Sorce | 2013-08-21 | 4 | -0/+154
|   Also add source and target names to the context.
* Add integrity and confidentiality functions | Simo Sorce | 2013-08-19 | 9 | -7/+547
|
* Basic implementation of accept_sec_context | Simo Sorce | 2013-08-18 | 8 | -41/+625
|   For now works only for standalone server with access to a password file.
* Add support for server credentials | Simo Sorce | 2013-07-28 | 1 | -1/+40
|
* Add helper to copy names and gss_duplicate_name | Simo Sorce | 2013-07-28 | 3 | -0/+92
|
* Internal release name | Simo Sorce | 2013-07-28 | 2 | -9/+14
|
* Helper function to check lm compatibility level | Simo Sorce | 2013-07-28 | 4 | -17/+21
|   Also stop associating it with the creds struct.
* Fix message type check | Simo Sorce | 2013-07-28 | 3 | -5/+5
|
* Add gss_context_time() implementation | Simo Sorce | 2013-07-28 | 3 | -1/+35
|
* Helper function to check security context validity | Simo Sorce | 2013-07-28 | 3 | -0/+20
|
* Add expiration time checks | Simo Sorce | 2013-07-28 | 2 | -0/+16
|   Check Maxlife for challenge response messages.
|
|   Also add a Maximum lifetime for the context itself based on the same
|   challenge/response maximum life.
|
|   According to MS-NLMP MaxLifetime is 36h on modern Windows OSs, use the
|   same for now.
* Add Credential Store support | Simo Sorce | 2013-07-28 | 3 | -84/+203
|   This allows a program to feed credentials directly to GSSAPI from a
|   configuration file, or other means.
* Fix some comments | Simo Sorce | 2013-07-28 | 1 | -3/+2
|
* Fix target_info length calculation | Simo Sorce | 2013-07-28 | 1 | -10/+10
|   The size of the AV field itself was missing for each field resulting in
|   a shorter than needed buffer size.
* Always request NTLMSSP_REQUEST_TARGET | Simo Sorce | 2013-07-19 | 1 | -0/+1
|   Otherwise Windows 2003 may not return a target_info field for NTLMv2 or
|   a server name for NTLMv1 in the challenge message.
|
|   Thanks to David Woodhouse for providing help to debug this issue.
* Add NTLMv1 support to context initialization | Simo Sorce | 2013-07-18 | 3 | -6/+73
|
* Add NTLM Crypto support functions for NTLMv1 | Simo Sorce | 2013-07-18 | 5 | -4/+324
|
* Implement basic naming functions | Simo Sorce | 2013-07-18 | 3 | -1/+310
|
* Implement credential handling | Simo Sorce | 2013-07-18 | 6 | -93/+297
|
* Initial GSS Mechanism code. | Simo Sorce | 2013-07-18 | 4 | -2/+853
|   Implements init sec context and basic mechanism initialization.
* NTLM Crypto functions | Simo Sorce | 2013-07-18 | 6 | -55/+941
|   Adds crypto function helpers needed by NTLM authentication
* Initial NTLM message parsing library | Simo Sorce | 2013-07-16 | 2 | -0/+1721
|   Implements functions to encode/decode NTLMSSP packets
* Skeleton to start building the GSS-NTLMSSP project. | Simo Sorce | 2013-07-13 | 2 | -0/+48