git.samba.org - lorikeet-heimdal.git/commit

git.samba.org / lorikeet-heimdal.git / commit

author	Luke Howard <lukeh@padl.com>
	Thu, 29 Jul 2021 02:56:10 +0000 (12:56 +1000)
committer	Luke Howard <lukeh@padl.com>
	Thu, 12 Aug 2021 07:37:01 +0000 (17:37 +1000)
commit	49f3f5bd99cdbc538c8d28b1bdfdcb7c98726fbb
tree	b3b865ff4c8a111dccb7b38803671ddd78b2452a	tree
parent	15c82996a4ac3d33beaf13b77e1b8d3efa07f8c0	commit \| diff

kdc: support for GSS-API pre-authentication

Add support for GSS-API pre-authentication to the KDC, using a simplified
variation of draft-perez-krb-wg-gss-preauth-02 that encodes GSS-API context
tokens directly in PADATA, and uses FX-COOKIE for state management.

More information on the protocol and implementation may be found in
lib/gssapi/preauth/README.md.

40 files changed:

doc/standardisation/draft-perez-krb-wg-gss-preauth-02.txt	[new file with mode: 0644]	blob
kadmin/init.c		diff \| blob \| history
kdc/Makefile.am		diff \| blob \| history
kdc/NTMakefile		diff \| blob \| history
kdc/default_config.c		diff \| blob \| history
kdc/digest-service.c		diff \| blob \| history
kdc/fast.c		diff \| blob \| history
kdc/gss_preauth.c	[new file with mode: 0644]	blob
kdc/gss_preauth_authorizer_plugin.h	[new file with mode: 0644]	blob
kdc/headers.h		diff \| blob \| history
kdc/kdc.h		diff \| blob \| history
kdc/kdc_locl.h		diff \| blob \| history
kdc/kerberos5.c		diff \| blob \| history
kdc/negotiate_token_validator.c		diff \| blob \| history
kdc/windc.c		diff \| blob \| history
kuser/Makefile.am		diff \| blob \| history
kuser/kinit.1		diff \| blob \| history
kuser/kinit.c		diff \| blob \| history
kuser/kuser_locl.h		diff \| blob \| history
lib/asn1/krb5.asn1		diff \| blob \| history
lib/gssapi/Makefile.am		diff \| blob \| history
lib/gssapi/NTMakefile		diff \| blob \| history
lib/gssapi/gssapi/gssapi.h		diff \| blob \| history
lib/gssapi/gssapi/gssapi_preauth.h	[new file with mode: 0644]	blob
lib/gssapi/libgssapi-exports.def		diff \| blob \| history
lib/gssapi/mech/gss_mech_switch.c		diff \| blob \| history
lib/gssapi/preauth/README.md	[new file with mode: 0644]	blob
lib/gssapi/preauth/pa_client.c	[new file with mode: 0644]	blob
lib/gssapi/preauth/pa_common.c	[new file with mode: 0644]	blob
lib/gssapi/version-script.map		diff \| blob \| history
lib/krb5/init_creds_pw.c		diff \| blob \| history
lib/krb5/krb5.conf.5		diff \| blob \| history
lib/krb5/krb5.h		diff \| blob \| history
lib/krb5/krb5_err.et		diff \| blob \| history
lib/krb5/krb5_locl.h		diff \| blob \| history
lib/krb5/libkrb5-exports.def.in		diff \| blob \| history
lib/krb5/principal.c		diff \| blob \| history
lib/krb5/version-script.map		diff \| blob \| history
tests/kdc/check-fast.in		diff \| blob \| history
tests/kdc/krb5.conf.in		diff \| blob \| history

Lorikeet-Heimal

RSS Atom