git.samba.org
/
lorikeet-heimdal.git
/ search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅ next
kdc: Return NEVER_VALID error code if ticket will never be valid
2023-05-16
Joseph Sutton
kdc: Return NEVER_VALID error code if ticket will never...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-16
Joseph Sutton
kdc: Always apply maximum ticket lifetime and renew...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-16
Joseph Sutton
hdb: Make maximum ticket lifetime and renew time signed...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-16
Joseph Sutton
kdc: Pass in HDB_F_ARMOR_PRINCIPAL when fetching armor...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-16
Joseph Sutton
hdb: Add flag to indicate a fetch for the client of...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-16
Joseph Sutton
kdc: Have caller pass HDB_F_FOR_TGS_REQ into _kdc_fast_check...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
kdc: Set PAC as trusted if indicated by the plugin
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
krb5: Add functions to determine whether PAC is trusted
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
kdc: Move _krb5_pac_get_attributes_info() call to right...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
kdc-plugin: Split updating a PAC out of PAC verification
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
kdc: Call _kdc_fast_check_armor_pac() prior to calling...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
lib/hdb: Make hdb_enctype2key() parameter const
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
CVE-2022-37966 third_party/heimdal: Fix error message...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
CVE-2022-37967 Add new PAC checksum
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
SAMBA ONLY krb5: Don't generate PAC_ATTRIBUTES_INFO...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
SAMBA ONLY kdc: Always include PAC if it is non-NULL
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
kdc: Allow requesting no PAC for AS-REQ to non-TGS...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
krb5: Remove UPN_DNS_INFO_EX realm check
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
kdc: Add function to get current KDC time
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
krb5: Check for signed overflow
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
kdc: Reinstate publicly accessible configuration structure...
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
kuser: Avoid conflicting macro definitions
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
kdc: Don't conceal error code when using FAST
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
kdc: Send ETYPE-INFO2 instead of PW-SALT for validated...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2023-05-03
Joseph Sutton
lorikeet-heimdal: Move Heimdal into third_party directory
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-17
Joseph Sutton
Introduce macro for common plugin structure elements
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-17
Joseph Sutton
kdc: Check generate_pac() return code
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-17
Joseph Sutton
lib/krb5: Remove __func__ compatibility workaround
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-15
Joseph Sutton
gsskrb5: CVE-2022-3437 Pass correct length to _gssapi_verify...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-15
Joseph Sutton
gsskrb5: CVE-2022-3437 Check for overflow in _gsskrb5_get_mech()
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-15
Joseph Sutton
gsskrb5: CVE-2022-3437 Check buffer length against...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-15
Joseph Sutton
gsskrb5: CVE-2022-3437 Check the result of _gsskrb5_get_mech()
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-15
Joseph Sutton
gsskrb5: CVE-2022-3437 Avoid undefined behaviour in...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-15
Joseph Sutton
gsskrb5: CVE-2022-3437 Don't pass NULL pointers to...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-15
Joseph Sutton
gsskrb5: CVE-2022-3437 Use constant-time memcmp() in...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-15
Joseph Sutton
gsskrb5: CVE-2022-3437 Use constant-time memcmp() for...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-11-15
Joseph Sutton
krb5: CVE-2022-42898 PAC parse integer overflows
Joseph Sutton
<josephsutton@catalyst.net.nz>.
commit
|
commitdiff
|
tree
2022-09-27
Joseph Sutton
lib/krb5: Fix leak in error path
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-09-16
Joseph Sutton
kadm5: Correctly set userAccountControl bits
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-09-16
Joseph Sutton
lib/krb5: Avoid undefined pointer arithmetic
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-04-30
Joseph Sutton
Use constant-time memcmp when comparing sensitive buffers
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-04-30
Joseph Sutton
hcrypto: Use memset_s() when clearing sensitive buffers
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-04-30
Joseph Sutton
hcrypto: Fix typo when clearing context structure
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-03-12
Joseph Sutton
roken: Fix time_t overflow checking
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-03-08
Joseph Sutton
kdc: Add function to add encrypted padata
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-03-08
Joseph Sutton
lib/krb5: Make parameters to PAC functions 'const'
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-01-18
Joseph Sutton
heimdal:base: Don't perform arithmetic on a NULL pointer
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-01-18
Joseph Sutton
heimdal: Avoid overflow when performing bitwise shift...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2022-01-17
Joseph Sutton
kdc: Still prefer encryption types with "not default...
commit
|
commitdiff
|
tree
2021-12-20
Joseph Sutton
kdc: Return error code from _kdc_check_pac() with an...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-20
Joseph Sutton
kdc: Fix NULL pointer dereference on failure to verify...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-17
Joseph Sutton
kdc: Check PAC of armor tickets
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-17
Joseph Sutton
kdc: Don't return PREAUTH_FAILED if encrypted challenge...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Optionally allow missing additional ticket PAC...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Add krb5_is_enctype_old() to determine whether...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Verify PAC in TGT provided for user-to-user authentication
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Check name in request against name in user-to...
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Use sname from request rather than user-to-user...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Move fetching krbtgt entry to before enctype selection
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Check return code
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Avoid races and multiple DB lookups in s4u2self...
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Optionally require that PAC be be present
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Check PAC of armor tickets
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-16
Joseph Sutton
kdc: Make check_PAC() and verify_flags() accessible...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-15
Joseph Sutton
kdc: Don't advertise padata types that will not be...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-14
Joseph Sutton
kdc: Don't keep trying keys for encrypted-challenge...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-14
Joseph Sutton
kdc: Check authdata in ticket rather than in request...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-14
Joseph Sutton
kdc: Add support for explicit armoring from MS-KILE
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-14
Joseph Sutton
kdc: Allow RODC-issued armor tickets
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-14
Joseph Sutton
heimdal: Make _krb5_pac_get_kdc_checksum_info() into...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-14
Joseph Sutton
kdc: Fix leak
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-14
Joseph Sutton
krb5: Check asprintf return value
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-14
Joseph Sutton
asn1: Fix binary search off-by-one read
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-08
Joseph Sutton
s4/heimdal/lib/krb5/pac.c: Align PAC buffers to match...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-07
Joseph Sutton
heimdal:kdc: Match Windows error code for unsupported...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-07
Joseph Sutton
heimdal:kdc: Properly check for unsupported critical...
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree
2021-12-07
Joseph Sutton
heimdal: Initialise KDC reply
Signed-off-by:
Joseph Sutton
<josephsutton@catalyst.net.nz>
commit
|
commitdiff
|
tree