gss-proxy.git/proxy/src/mechglue, branch ntlmssp

Interpose also NTLMSSP mechanism

2014-01-07T02:27:55+00:00

Use secure_getenv in client and mechglue module

2013-11-21T12:48:25+00:00

proxymehc.so may be used in setuid binaries so follow best security
practices and use secure_getenv() if available.
Fallback to poorman emulation when secure_getenv() is not available.

Resolves: https://fedorahosted.org/gss-proxy/ticket/110

Reviewed-by: Günther Deschner

Fix calling gpm_inquire_cred_by_mech

2013-11-19T13:04:09+00:00

We need to pass the real mechanism oid here, not the spcial oid.
special oids are used exclusively by the interposer and gssapi
machinery that calls the interposer, they must never be propagated
to clients or servers.

https://fedorahosted.org/gss-proxy/ticket/107

Reviewed-by: Günther Deschner

Add way to return regular oid from special

2013-11-19T13:04:03+00:00

In some cases we need to pass on the corresponding real oid, after we
are given a special oid.
Add helper functions to do that.

https://fedorahosted.org/gss-proxy/ticket/107

Reviewed-by: Günther Deschner

Fix LOCAL_FIRST behavior

2013-10-18T12:34:46+00:00

We were erroneously returning and never falling back if LOCAL_FIRST was
selected. Correct also the remote first fallback flow.

Resolves: https://fedorahosted.org/gss-proxy/ticket/105

Reviewed-by: Günther Deschner

Coverity fixes.

2013-06-27T16:07:23+00:00

Fix a 4 coverity issues, ranging from memory leaks, to uninitialized
variables, to potential NULL derefernce.
Also a TOCTOU report that is in one of the accessory test scripts.
The bug itself is not reallya TOCTOU, but the check done in the script is
unecessary, so I just removed it.

Signed-off-by: Simo Sorce 
Reviewed-by: Günther Deschner

Disable gss_export_name_composite() for now.

2013-05-16T10:11:42+00:00

We first need to fix our tests and implementation.

Temporary workaround for:
https://fedorahosted.org/gss-proxy/ticket/81

Signed-off-by: Günther Deschner 
Reviewed-by: Simo Sorce

Neutralize gssi_export_name.

2013-05-16T10:04:23+00:00

We do not want to generate an exported name buffer.
Let's the mechglue code in MIT generate it for use from the display name.

Signed-off-by: Simo Sorce 
Reviewed-by: Günther Deschner

Fix typo in gssi_import_name_by_mech().

2013-05-15T11:34:46+00:00

Signed-off-by: Günther Deschner 
Reviewed-by: Simo Sorce

Add --with-gpp-default-behavior configure switch.

2013-05-15T11:34:45+00:00

Only LOCAL_ONLY,LOCAL_FIRST and REMOTE_FIRST allowed.
REMOTE_ONLY is recognized but configure aborts as long as it is not supported.

Signed-off-by: Günther Deschner 
Reviewed-by: Simo Sorce