summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/krb5
AgeCommit message (Collapse)AuthorFilesLines
2012-01-12Revert "make paranoia check less paranoid" - check that key types strictly matchAndrew Bartlett1-1/+1
This reverts commit c25af51232616061bb08eea86aae595b4f029490 because otherwise we could attempt to check a CKSUMTYPE_HMAC_SHA1_96_AES_256 key with a KRB5_ENCTYPE_ARCFOUR_HMAC_MD5 key. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Jan 12 09:43:07 CET 2012 on sn-devel-104
2012-01-12make hmac-md5 the keyed checksum type for arcfour-hmac-md5Andrew Bartlett1-1/+1
2011-12-12HEIMDAL: Supply krb5_context to _krb5_internal_hmac to allow loggingAndrew Bartlett1-6/+6
Without this, log messages from any abort are not printed to the samba logs. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Dec 12 14:34:16 CET 2011 on sn-devel-104
2011-11-16HEIMDAL:lib/krb5: add utf8 support to build_logon_name() for the PACStefan Metzmacher1-18/+49
Pair-Programmed-With: Arvid Requate <requate@univention.de> metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Nov 16 02:00:12 CET 2011 on sn-devel-104
2011-07-26s4:heimdal: import lorikeet-heimdal-201107241840 (commit ↵Stefan Metzmacher17-29/+69
0fdf11fa3cdb47df9f5393ebf36d9f5742243036)
2011-07-15s4:heimdal: add missing filesStefan Metzmacher2-0/+393
metze
2011-07-15s4:heimdal: import lorikeet-heimdal-201107150856 (commit ↵Stefan Metzmacher68-698/+991
48936803fae4a2fb362c79365d31f420c917b85b)
2011-04-16s4-heimdal: Allow any kvno to match when searching the keytab.Andrew Bartlett1-2/+1
Windows does not use a KVNO when it checks it's passwords, and MIT doesn't check the KVNO when no acceptor identity is specified (looping over all keys in the keytab). Andrew Bartlett
2011-03-14Merge new lorikeet heimdal, revision 85ed7247f515770c73b1f1ced1739f6ce19d75d2Jelmer Vernooij19-238/+244
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Mar 14 23:53:46 CET 2011 on sn-devel-104
2011-02-02s4:heimdal: import lorikeet-heimdal-201101310455 (commit ↵Andrew Bartlett5-19/+49
aa88eb1a05c4985cc23fb65fc1bad75bdce01c1f)
2010-12-17heimdal_build: Add version-script for krb5.Jelmer Vernooij1-0/+769
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Fri Dec 17 21:09:25 CET 2010 on sn-devel-104
2010-12-01s4:heimdal: import lorikeet-heimdal-201012010201 (commit ↵Andrew Bartlett24-1641/+340
81fe27bcc0148d410ca4617f8759b9df1a5e935c)
2010-12-01heimdal: fix for w2000 from lhaAndrew Tridgell1-2/+14
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Dec 1 00:59:59 CET 2010 on sn-devel-104
2010-11-15heimdal Extra files required for merge up to current heimdalAndrew Bartlett17-0/+2946
2010-11-15Add attribute macros for Heimdal to useAndrew Bartlett1-0/+304
Heimdal uses HEIMDAL_NORETURN_ATTRIBUTE and HEIMDAL_PRINTF_ATTRIBUTE, and we need to provide a link between these and Samba's function attribute handling. Andrew Bartlett
2010-11-15s4:heimdal: import lorikeet-heimdal-201011102149 (commit ↵Andrew Bartlett10-2757/+557
5734d03c20e104c8f45533d07f2a2cbbd3224f29)
2010-11-11heimdal Don't dereference NULL in error verify_checksum error pathAndrew Bartlett1-1/+1
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Nov 11 10:37:03 UTC 2010 on sn-devel-104
2010-11-08heimdal: fixed a shadowed variable warning for error_messageAndrew Tridgell1-23/+23
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-02heimdal Add handling for PAC signatures over all encryption typesAndrew Bartlett2-24/+89
There are exceptions from the expected behaviour of 'checksum type matches key type' that we must deal with here, or else we can't serve DES-only servers. Andrew Bartlett
2010-10-03s4:heimdal: import lorikeet-heimdal-201010022046 (commit ↵Andrew Bartlett4-70/+96
1bea031b9404b14114b0272ecbe56e60c567af5c)
2010-10-03s4:heimdal: import lorikeet-heimdal-201009250123 (commit ↵Matthieu Patou36-504/+1057
42cabfb5b683dbcb97d583c397b897507689e382) I based this on Matthieu's import of lorikeet-heimdal, and then updated it to this commit. Andrew Bartlett
2010-09-30heimdal: added verbose logging of hemimdal crypto errorsAndrew Bartlett1-2/+15
2010-09-29heimdal Fix DNS name qualification to not mangle IP addressesAndrew Bartlett1-5/+23
If the host running this code used IPv6 forms for IPv4 addreses then the check for '.' would not be sufficient to determine that this isn't a name we should mangle. Instead, check if it can be parsed as a numeric address first, and only then mangle. Andrew Bartlett
2010-09-27heimdal: avoid DNS search domain expansion Andrew Tridgell1-1/+16
When you have a domain search list in resolv.conf, and one of the DNS servers for a searched domain is uncontactable then we would timeout resolving DNS names. Avoid this by adding a '.' to the hostname if the hostname already has a '.' in it, which we assume to mean it is fully qualified.
2010-04-09s4-krb5: Fix typos in comment.Karolin Seeger1-1/+1
Karolin
2010-03-27s4:heimdal: import lorikeet-heimdal-201003262338 (commit ↵Andrew Bartlett9-34/+103
f4e0dc17709829235f057e0e100d34802d3929ff)
2010-03-27s4:heimdal: import lorikeet-heimdal-201001120029 (commit ↵Andrew Bartlett78-1049/+2082
a5e675fed7c5db8a7370b77ed0bfa724196aa84d)
2010-03-16kerberos - set the memory to "0"s before freeing the password to prevent ↵Matthias Dieter Wallnöfer1-2/+6
security issues
2010-03-16heimdal - remove unused variableMatthias Dieter Wallnöfer1-1/+0
2010-03-16heimdal - fix overlapped identifiers in the "krb5" libraryMatthias Dieter Wallnöfer3-11/+11
2010-03-16heimdal - free always "ctx->password" when it isn't needed anymoreMatthias Dieter Wallnöfer1-1/+3
"strdup" does always create a new object in the memory (through "malloc") which needs to be freed if it isn't used anymore.
2010-02-15s4-heimdal: Fix typos in comment.Karolin Seeger1-1/+1
Karolin
2009-12-14heimdal: work around differences between GNU and XSI strerror_r()Andrew Tridgell1-2/+10
This is a fairly ugly workaround, but then again, strerror_r() is a very ugly mess.
2009-12-08s4-heimdal: fixed a use-after-free heimdal bugAndrew Tridgell1-0/+1
This caused samba4kinit to segfault on some systems
2009-12-08krb5: Fix leaked hx509_context pointerKamen Mazdrashki1-0/+4
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-17s4:heimdal: import lorikeet-heimdal-200911170333 (commit ↵Andrew Bartlett2-13/+7
b532c294d974cead40a1183c71be644c6ccc2832) This fixes up connections to Windows 2003, because the previous import had a broken arcfour-hmac-md5 implementation (fixed in Heimdal 316fc6ff8ffb0cbb1ef3689685e9977c37405bc4) Andrew Bartlett
2009-11-13s4:heimdal: import lorikeet-heimdal-200911122202 (commit ↵Andrew Bartlett17-351/+641
9291fd2d101f3eecec550178634faa94ead3e9a1)
2009-11-13s4:heimdal: import lorikeet-heimdal-200909210500 (commit ↵Andrew Bartlett18-289/+1309
290db8d23647a27c39b97c189a0b2ef6ec21ca69)
2009-08-06s4:heimdal: import lorikeet-heimdal-200908052208 (commit ↵Andrew Bartlett2-13/+1
370a73a74199a5a55188340906e15fd795f67a74) This removes some of the portability changes made to code under heimdal/ If these are still required, then we will re-add them with code under heimdal_build/ (so that we can simply 'drop in' future heimdal releases). Andrew Bartlett
2009-08-05s4:heimdal: import lorikeet-heimdal-200908050050 (commit ↵Andrew Bartlett12-175/+218
8714779fa7376fd9f7761587639e68b48afc8c9c) This also adds a new hdb-glue.c file, to cope with Heimdal's uncondtional enabling of SQLITE. (Very reasonable, but not required for Samba4's use). Andrew Bartlett
2009-07-17s4:heimdal: import lorikeet-heimdal-200907162216 (commit ↵Andrew Bartlett2-1/+18
d09910d6803aad96b52ee626327ee55b14ea0de8) This includes in particular changes to the KDC to resolve bug 6272, originally by Matthieu Patou <mat+Informatique.Samba@matws.net>. We need to sort the AuthorizationData elements to put the PAC first, or else WinXP breaks when browsed from Win2k8. Andrew Bartlett
2009-07-16s4:heimdal: import lorikeet-heimdal-200907152325 (commit ↵Andrew Bartlett4-87/+201
2bef9cd5378c01e9c2a74d6221761883bd11a5c5)
2009-07-03heimdal: don't include <ifaddrs.h> without knowing it's thereBjörn Jacke1-0/+2
this is 73dbbe0d54 re-added. abartlet, please pick this to lorikeet.
2009-06-12s4:heimdal: import lorikeet-heimdal-200906080040 (commit ↵Andrew Bartlett91-2729/+4331
904d0124b46eed7a8ad6e5b73e892ff34b6865ba) Also including the supporting changes required to pass make test A number of heimdal functions and constants have changed since we last imported a tree (for the better, but inconvenient for us). Andrew Bartlett
2009-02-24Fix the build. Looks like no one ever compiled this on a systemJeremy Allison1-0/+12
with a libintl.h before. Jeremy.
2009-02-24Start fixing Solaris build failures.Jeremy Allison1-1/+1
Jeremy.
2009-01-31heimdal: void functions should not return a valueStefan Metzmacher1-1/+1
metze
2009-01-30heimdal: don't include <ifaddrs.h> without knowing it's thereStefan Metzmacher1-0/+2
metze
2008-11-02Use standard heimdal function for finding interfaces - libreplace provides ↵Jelmer Vernooij1-0/+292
support for the underlying functions now.
2008-10-28s4: import lorikeet-heimdal-200810271034Stefan Metzmacher90-4028/+5197
metze