aboutsummaryrefslogtreecommitdiff
AgeCommit message (Expand)AuthorFilesLines
2009-01-03On decrypt, the ivec should be chained from ciphertextmskrb-integSam Hartman1-2/+5
2009-01-03Patch from Luke Howard:Sam Hartman1-3/+8
2009-01-03Luke Howard indicates that ser_sctx.c does not account for the size of the co...Sam Hartman1-1/+1
2009-01-03Revert "integrate Novell patch to always try referrals - I have not reviewed"Sam Hartman1-55/+11
2009-01-03Remove merge issues listSam Hartman1-4/+0
2009-01-03git-svn managed to generate a bogus commit or otherwise get into a state wher...Sam Hartman4-18/+28
2009-01-03fix merge errorSam Hartman1-4/+4
2009-01-03Make dependSam Hartman36-1025/+1366
2009-01-03Merge trunk at 21659Sam Hartman243-35356/+1951
2009-01-03 better application behavior although is somewhat non-intuitive.Sam Hartman2-16/+31
2009-01-03If KRB5_PRINCIPAL_UNPARSE_NO_REALM is specified, don't escape the @Luke Howard1-2/+13
2009-01-02Indent fixupLuke Howard1-2/+2
2009-01-02CleanupLuke Howard1-4/+2
2009-01-02Fix up comment to explain why the kdb keytab is not used in the tgs case any ...Sam Hartman1-4/+2
2009-01-02Handle KDC_ERR_WRONG_REALM in krb5_get_in_tkt() - needs review, notLuke Howard1-1/+38
2009-01-02cleanupLuke Howard1-2/+3
2009-01-02Revert r21667, it breaks authorization data backends that need access toLuke Howard1-0/+13
2009-01-02Validate k_nprincs != 0 before passing a pointer to krbtgtLuke Howard1-2/+2
2009-01-02Using the server name as a hintSam Hartman1-21/+2
2009-01-02Use kdb keytabSam Hartman1-13/+0
2009-01-02KDC always assumes a serverSam Hartman1-1/+1
2009-01-02Don't register any services with portmap.Sam Hartman1-1/+1
2009-01-02Layer gss_sign() on top of gss_get_mic(), gss_verify() on top ofLuke Howard15-119/+70
2009-01-02be sure to decode enc_padataLuke Howard1-0/+1
2009-01-02Only allow the AS-REP server principal to be changed if we requested andLuke Howard1-5/+15
2009-01-02move common macros into int-proto.hLuke Howard4-12/+6
2009-01-02In an AS-REP, only canonicalize the server name if we are returning aLuke Howard1-14/+8
2009-01-01Set KRB5_KDB_FLAG_PKINIT flag, AD backends need this to returnLuke Howard1-0/+3
2009-01-01Refactor by adding find_pa_data() helperLuke Howard2-19/+25
2009-01-01Use KRB5_PRINCIPAL_UNPARSE_NO_REALM for the logon name; cleanupLuke Howard1-9/+9
2009-01-01Only add FD to sstate.rfds if add_XXX_fd() succeedsLuke Howard1-11/+13
2009-01-01Keep krb5_gss_glue.c just for mechanism-specific API; move the rest intoLuke Howard2-492/+488
2009-01-01Back out r2164[78]; although the mech_invoke abstraction is superfluousLuke Howard6-37/+247
2009-01-01remove superfluous commentLuke Howard1-2/+0
2009-01-01remove cruftLuke Howard1-25/+0
2009-01-01fix regression in last commit (use correct OID for inquiring sessionLuke Howard1-9/+7
2009-01-01gssspi_mech_invoke() is superfluous for mech_krb5, it's only useful forLuke Howard5-193/+30
2009-01-01Restore old gss_krb5_ccache_name() implementation, it does not need toLuke Howard3-68/+8
2009-01-01Don't add a socket to sstate.rfds until add_XXX_fd() has returnedLuke Howard1-20/+25
2009-01-01Wrap gss_seal/gss_unseal (V1) on gss_wrap/gss_unrwap (V2), rather thanLuke Howard10-95/+43
2009-01-01Use tgs_ktypes rather than permitted_enctypes for client-side EtypeListLuke Howard1-14/+15
2008-12-31CleanupLuke Howard1-5/+1
2008-12-31skip over KRB5_CRYPTO_TYPE_EMPTY buffers when translating IOVLuke Howard1-0/+6
2008-12-31Correctly distinguish between initiator and acceptor subkey checksumLuke Howard5-59/+104
2008-12-30Previously, we tested explicitly for KRB5_KDB_PWCHANGE_SERVICE whenLuke Howard2-12/+13
2008-12-29cleanupLuke Howard1-4/+7
2008-12-29Don't omit ticket session key enctypes when negotiating enctypesLuke Howard1-5/+2
2008-12-29don't return enc-pa-data if canon flag unsetLuke Howard1-5/+7
2008-12-29Cleanup kg_make_confounder() somewhatLuke Howard1-12/+5
2008-12-28fix a logic error introduced in r21615Luke Howard1-7/+4
generated by cgit v1.1 at 2024-06-28 10:01:06 +0000