aboutsummaryrefslogtreecommitdiff
AgeCommit message (Expand)AuthorFilesLines
2009-09-11don't check for NULL-ity before freeinglhoward/s4uLuke Howard1-6/+2
2009-09-11clarify commentsLuke Howard1-14/+26
2009-09-11add some comments about the last commitLuke Howard1-1/+6
2009-09-11More flexible check for S4U2Self client/server name comparisonLuke Howard1-1/+16
2009-09-11remove unused variablesLuke Howard1-4/+0
2009-09-11Match Windows behaviour when rewriting server name in S4U2Self request: don't...Luke Howard1-45/+9
2009-09-11update manual page for S4ULuke Howard1-0/+14
2009-09-11make -P option (S4U2Proxy) dependent on -U (S4U2Self)Luke Howard1-6/+12
2009-09-11update testing notesLuke Howard1-2/+5
2009-09-11merge trunk to 22719Luke Howard83-395/+4865
2009-09-11rename gcvt_fct to pacb_fctLuke Howard2-8/+8
2009-09-11 * add_pa_data_element appears to leave out_padata in an invalid stateLuke Howard1-6/+9
2009-09-11 * s4u_gss.glue.c:kg_get_evidence_ticket is unused; it should beLuke Howard1-20/+0
2009-09-11 * kvno should check for -P without -k after parsing all of theLuke Howard1-6/+7
2009-09-08for S4U2Proxy, set client prinipal to returned S4U2Self princLuke Howard1-1/+1
2009-09-07Don't store S4U referral tickets because they contain user authz data; genera...Luke Howard2-68/+27
2009-09-07cleanup and make spnego use configurableLuke Howard1-33/+77
2009-09-05Remove gss_{add,acquire}_imperso gss_{add,acquire}_cred_impersonate_cred APIsLuke Howard11-797/+0
2009-09-02add PA_S4U_X509_USER to trval_reference.outLuke Howard1-0/+17
2009-09-02Add pa_s4u_x509_user ASN.1 testsLuke Howard8-2/+76
2009-09-01cleanupLuke Howard1-4/+10
2009-08-31we know token_mech_type is non-NULLLuke Howard1-1/+0
2009-08-31test should work with SPNEGO creds nowLuke Howard1-9/+1
2009-08-31implement delegated handling fix as suggested by Nico in krbdev mailLuke Howard2-83/+82
2009-08-31avoid infinite recursion in spnego_gss_inquire_credLuke Howard1-3/+51
2009-08-31ensure we have inquire_cred/inquire_cred_by_oid handlers for SPNEGOLuke Howard2-2/+58
2009-08-31use GSS_KRB5_NT_PRINCIPAL_NAME for proxy targetLuke Howard1-1/+1
2009-08-29plug some leaksLuke Howard1-0/+4
2009-08-29plug some more leaksLuke Howard2-0/+8
2009-08-29fix some leaksLuke Howard2-34/+33
2009-08-28more cleanupLuke Howard1-4/+9
2009-08-28cleanupLuke Howard1-61/+113
2009-08-27add some troubleshooting tipsLuke Howard1-1/+6
2009-08-27don't return delegated S4U creds unless evidence ticket was forwardableLuke Howard1-1/+2
2009-08-27remove previous check; we should never issue non-forwardable proxy credsLuke Howard2-5/+2
2009-08-27reformatLuke Howard1-9/+13
2009-08-27check evidence ticket is forwardable before sending to KDCLuke Howard2-0/+10
2009-08-26backout previous commit; should be KDC_ERR_POLICYLuke Howard1-1/+1
2009-08-26Return KDC_ERR_PATH_NOT_ACCEPTED if constrained delegation attempted between ...Luke Howard1-1/+1
2009-08-25cleanupLuke Howard1-0/+5
2009-08-25cleanupLuke Howard8-36/+75
2009-08-24s/kdc_process_s4u2self_rep/kdc_make_s4u2self_rep/Luke Howard3-13/+13
2009-08-23Add a fail-safe check to ensure a proxy credentials handle is notLuke Howard1-1/+2
2009-08-23In gss_acquire_cred_impersonate_cred(), use krb5_get_credentials() to retrieveLuke Howard1-14/+13
2009-08-22Remove a redundant argument to kg_compose_deleg_cred()Luke Howard3-8/+3
2009-08-22Cleanup, and don't return a "proxy" credential for use with constrainedLuke Howard3-64/+40
2009-08-22consolidate and remove duplicate codeLuke Howard3-85/+43
2009-08-21remote gss_krb5_add_sec_context_delegateeLuke Howard1-1/+0
2009-08-21Refactor to reduce duplicate codeLuke Howard2-160/+123
2009-08-21cleanupLuke Howard1-4/+3
generated by cgit v1.1 at 2024-06-28 09:28:33 +0000