Age | Commit message (Expand) | Author | Files | Lines |
2009-01-03 | On decrypt, the ivec should be chained from ciphertextmskrb-integ | Sam Hartman | 1 | -2/+5 |
2009-01-03 | Patch from Luke Howard: | Sam Hartman | 1 | -3/+8 |
2009-01-03 | Luke Howard indicates that ser_sctx.c does not account for the size of the co... | Sam Hartman | 1 | -1/+1 |
2009-01-03 | Revert "integrate Novell patch to always try referrals - I have not reviewed" | Sam Hartman | 1 | -55/+11 |
2009-01-03 | Remove merge issues list | Sam Hartman | 1 | -4/+0 |
2009-01-03 | git-svn managed to generate a bogus commit or otherwise get into a state wher... | Sam Hartman | 4 | -18/+28 |
2009-01-03 | fix merge error | Sam Hartman | 1 | -4/+4 |
2009-01-03 | Make depend | Sam Hartman | 36 | -1025/+1366 |
2009-01-03 | Merge trunk at 21659 | Sam Hartman | 243 | -35356/+1951 |
2009-01-03 | better application behavior although is somewhat non-intuitive. | Sam Hartman | 2 | -16/+31 |
2009-01-03 | If KRB5_PRINCIPAL_UNPARSE_NO_REALM is specified, don't escape the @ | Luke Howard | 1 | -2/+13 |
2009-01-02 | Indent fixup | Luke Howard | 1 | -2/+2 |
2009-01-02 | Cleanup | Luke Howard | 1 | -4/+2 |
2009-01-02 | Fix up comment to explain why the kdb keytab is not used in the tgs case any ... | Sam Hartman | 1 | -4/+2 |
2009-01-02 | Handle KDC_ERR_WRONG_REALM in krb5_get_in_tkt() - needs review, not | Luke Howard | 1 | -1/+38 |
2009-01-02 | cleanup | Luke Howard | 1 | -2/+3 |
2009-01-02 | Revert r21667, it breaks authorization data backends that need access to | Luke Howard | 1 | -0/+13 |
2009-01-02 | Validate k_nprincs != 0 before passing a pointer to krbtgt | Luke Howard | 1 | -2/+2 |
2009-01-02 | Using the server name as a hint | Sam Hartman | 1 | -21/+2 |
2009-01-02 | Use kdb keytab | Sam Hartman | 1 | -13/+0 |
2009-01-02 | KDC always assumes a server | Sam Hartman | 1 | -1/+1 |
2009-01-02 | Don't register any services with portmap. | Sam Hartman | 1 | -1/+1 |
2009-01-02 | Layer gss_sign() on top of gss_get_mic(), gss_verify() on top of | Luke Howard | 15 | -119/+70 |
2009-01-02 | be sure to decode enc_padata | Luke Howard | 1 | -0/+1 |
2009-01-02 | Only allow the AS-REP server principal to be changed if we requested and | Luke Howard | 1 | -5/+15 |
2009-01-02 | move common macros into int-proto.h | Luke Howard | 4 | -12/+6 |
2009-01-02 | In an AS-REP, only canonicalize the server name if we are returning a | Luke Howard | 1 | -14/+8 |
2009-01-01 | Set KRB5_KDB_FLAG_PKINIT flag, AD backends need this to return | Luke Howard | 1 | -0/+3 |
2009-01-01 | Refactor by adding find_pa_data() helper | Luke Howard | 2 | -19/+25 |
2009-01-01 | Use KRB5_PRINCIPAL_UNPARSE_NO_REALM for the logon name; cleanup | Luke Howard | 1 | -9/+9 |
2009-01-01 | Only add FD to sstate.rfds if add_XXX_fd() succeeds | Luke Howard | 1 | -11/+13 |
2009-01-01 | Keep krb5_gss_glue.c just for mechanism-specific API; move the rest into | Luke Howard | 2 | -492/+488 |
2009-01-01 | Back out r2164[78]; although the mech_invoke abstraction is superfluous | Luke Howard | 6 | -37/+247 |
2009-01-01 | remove superfluous comment | Luke Howard | 1 | -2/+0 |
2009-01-01 | remove cruft | Luke Howard | 1 | -25/+0 |
2009-01-01 | fix regression in last commit (use correct OID for inquiring session | Luke Howard | 1 | -9/+7 |
2009-01-01 | gssspi_mech_invoke() is superfluous for mech_krb5, it's only useful for | Luke Howard | 5 | -193/+30 |
2009-01-01 | Restore old gss_krb5_ccache_name() implementation, it does not need to | Luke Howard | 3 | -68/+8 |
2009-01-01 | Don't add a socket to sstate.rfds until add_XXX_fd() has returned | Luke Howard | 1 | -20/+25 |
2009-01-01 | Wrap gss_seal/gss_unseal (V1) on gss_wrap/gss_unrwap (V2), rather than | Luke Howard | 10 | -95/+43 |
2009-01-01 | Use tgs_ktypes rather than permitted_enctypes for client-side EtypeList | Luke Howard | 1 | -14/+15 |
2008-12-31 | Cleanup | Luke Howard | 1 | -5/+1 |
2008-12-31 | skip over KRB5_CRYPTO_TYPE_EMPTY buffers when translating IOV | Luke Howard | 1 | -0/+6 |
2008-12-31 | Correctly distinguish between initiator and acceptor subkey checksum | Luke Howard | 5 | -59/+104 |
2008-12-30 | Previously, we tested explicitly for KRB5_KDB_PWCHANGE_SERVICE when | Luke Howard | 2 | -12/+13 |
2008-12-29 | cleanup | Luke Howard | 1 | -4/+7 |
2008-12-29 | Don't omit ticket session key enctypes when negotiating enctypes | Luke Howard | 1 | -5/+2 |
2008-12-29 | don't return enc-pa-data if canon flag unset | Luke Howard | 1 | -5/+7 |
2008-12-29 | Cleanup kg_make_confounder() somewhat | Luke Howard | 1 | -12/+5 |
2008-12-28 | fix a logic error introduced in r21615 | Luke Howard | 1 | -7/+4 |