aboutsummaryrefslogtreecommitdiff
path: root/src/kdc
AgeCommit message (Expand)AuthorFilesLines
2011-03-15KDC double-free when PKINIT enabled [MITKRB5-SA-2011-003 CVE-2011-0284]Tom Yu1-0/+2
2011-03-09Adjust most C source files to match the new standards for copyrightGreg Hudson17-67/+20
2011-03-02Remove some declarations from kdc_preauth.c which are no longer neededGreg Hudson1-9/+0
2011-02-25Make dependGreg Hudson1-50/+43
2011-02-09KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-028...Tom Yu1-1/+2
2010-12-01Implement restrict_anonymous_to_tgt realm flagGreg Hudson3-5/+43
2010-11-01krb5_get_error_message cannot return NULL, and returns "Success" onGreg Hudson2-18/+12
2010-10-19securID code fixesSam Hartman1-0/+1
2010-10-19Remove KDC replay cacheGreg Hudson6-111/+3
2010-10-05CVE-2010-1322 KDC uninitialized pointer crash in authorization data handling ...Tom Yu1-4/+4
2010-10-01Add an error to be returned by a preauth mechanism indicating that the KDC sh...Sam Hartman2-1/+4
2010-10-01Remove support for the old pa-sam-challenge and pa-sam-responseSam Hartman1-725/+0
2010-09-19Slight revisions to create_workers() in the KDC:Greg Hudson1-6/+9
2010-09-17KDC worker processes featureGreg Hudson4-7/+160
2010-09-15kdb: store mkey list in context and permit NULL mkey for kdb_dbe_decrypt_key_...Sam Hartman5-152/+10
2010-09-08Make dependGreg Hudson1-36/+43
2010-09-02Properly search for MANDATORY-FOR-KDC authdata elements. Reported byGreg Hudson1-1/+1
2010-08-29Fix an account lockout error-handling regression by converting theGreg Hudson1-11/+23
2010-08-12In AS replies, set the key-expiration field to the minimum of accountGreg Hudson1-1/+12
2010-07-15Add check_allowed_to_delegate to the DAL with a corresponding libkdb5Greg Hudson1-33/+4
2010-07-15Add refresh_config to the DAL with a corresponding libkdb5 API,Greg Hudson1-3/+1
2010-07-13Addendum to r24185: make audit_as_req return void, since it's anGreg Hudson1-2/+2
2010-07-13Add audit_as_req to the DAL with a corresponding libkdb5 API,Greg Hudson1-27/+2
2010-07-13Add check_policy_as and check_policy_tgs to the DAL table withGreg Hudson2-79/+16
2010-07-12Add check_transited_realms to the DAL table with a correspondingGreg Hudson1-25/+4
2010-07-12Add sign_authdata to the DAL table with a corresponding libkdb5 API,Greg Hudson3-83/+7
2010-07-08Create a KRB5_KDB_FLAG_ALIAS_OK to control whether plugin modulesGreg Hudson2-0/+3
2010-07-07Add a missing break in the parsing of krb5kdc's -P option. ReportedGreg Hudson1-0/+1
2010-07-06Remove count parameters from get_principal, put_principal,Greg Hudson5-305/+173
2010-07-03Use KRB5_PLUGIN_OP_NOTSUPP uniformly as the error code for operationsGreg Hudson3-5/+5
2010-07-02Remove verify_master_key from the DAL table, as well as its associatedGreg Hudson1-17/+0
2010-07-02Rename krb5_dbekd_encrypt_key_data and krb5_dbekd_decrypt_key_data toGreg Hudson4-23/+20
2010-07-02Remove the set_master_key and get_master_key DAL interfaces and theirGreg Hudson1-5/+0
2010-06-07make dependGreg Hudson1-62/+66
2010-05-24Don't include nul characters in the text we send with krb-errorGreg Hudson2-2/+2
2010-05-04Eliminate the unused realm_dbname field from krb5_realm_paramsGreg Hudson2-3/+0
2010-04-30memory leak in process_tgs_req in r23724Tom Yu1-1/+3
2010-04-22Eliminate a non-useful NULL check in the KDC's dispatch() function.Greg Hudson1-1/+1
2010-04-20Fix CVE-2010-1230 (MITKRB5-SA-2010-004) double-free in KDC triggeredTom Yu1-0/+2
2010-03-17Merge users/raeburn/branches/network-mergeKen Raeburn9-1829/+177
2010-03-16handle NT_SRV_INST in service principal referralsTom Yu1-0/+1
2010-03-05Ignore improperly encoded signedpath AD elementsGreg Hudson1-1/+5
2010-02-18The TGS code was not freeing authdata. This is an old leak which wasGreg Hudson1-2/+3
2010-02-16MITKRB5-SA-2010-001 CVE-2010-0283 KDC denial of serviceTom Yu3-1/+8
2010-02-10Followon fixes to r23712:Greg Hudson5-9/+14
2010-02-09enc_padata can include empty sequenceSam Hartman5-84/+61
2010-02-05Fix cross-realm handling of AD-SIGNEDPATHGreg Hudson3-7/+19
2010-01-27Get rid of kdb_ext.h and allow out-of-tree KDB pluginsGreg Hudson2-56/+48
2010-01-12Simplify and fix FAST check for keyed checksum typeGreg Hudson1-15/+4
2010-01-07Always treat anonymous as preauth requiredSam Hartman1-0/+1
generated by cgit v1.1 at 2024-07-09 00:30:37 +0000