summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* On decrypt, the ivec should be chained from ciphertextmskrb-integSam Hartman2009-01-031-2/+5
* Patch from Luke Howard:Sam Hartman2009-01-031-3/+8
* Luke Howard indicates that ser_sctx.c does not account for the size of the co...Sam Hartman2009-01-031-1/+1
* Revert "integrate Novell patch to always try referrals - I have not reviewed"Sam Hartman2009-01-031-55/+11
* Remove merge issues listSam Hartman2009-01-031-4/+0
* git-svn managed to generate a bogus commit or otherwise get into a state wher...Sam Hartman2009-01-034-18/+28
* fix merge errorSam Hartman2009-01-031-4/+4
* Make dependSam Hartman2009-01-0336-1025/+1366
* Merge trunk at 21659Sam Hartman2009-01-03243-35356/+1951
* better application behavior although is somewhat non-intuitive.Sam Hartman2009-01-032-16/+31
* If KRB5_PRINCIPAL_UNPARSE_NO_REALM is specified, don't escape the @Luke Howard2009-01-031-2/+13
* Indent fixupLuke Howard2009-01-021-2/+2
* CleanupLuke Howard2009-01-021-4/+2
* Fix up comment to explain why the kdb keytab is not used in the tgs case any ...Sam Hartman2009-01-021-4/+2
* Handle KDC_ERR_WRONG_REALM in krb5_get_in_tkt() - needs review, notLuke Howard2009-01-021-1/+38
* cleanupLuke Howard2009-01-021-2/+3
* Revert r21667, it breaks authorization data backends that need access toLuke Howard2009-01-021-0/+13
* Validate k_nprincs != 0 before passing a pointer to krbtgtLuke Howard2009-01-021-2/+2
* Using the server name as a hintSam Hartman2009-01-021-21/+2
* Use kdb keytabSam Hartman2009-01-021-13/+0
* KDC always assumes a serverSam Hartman2009-01-021-1/+1
* Don't register any services with portmap.Sam Hartman2009-01-021-1/+1
* Layer gss_sign() on top of gss_get_mic(), gss_verify() on top ofLuke Howard2009-01-0215-119/+70
* be sure to decode enc_padataLuke Howard2009-01-021-0/+1
* Only allow the AS-REP server principal to be changed if we requested andLuke Howard2009-01-021-5/+15
* move common macros into int-proto.hLuke Howard2009-01-024-12/+6
* In an AS-REP, only canonicalize the server name if we are returning aLuke Howard2009-01-021-14/+8
* Set KRB5_KDB_FLAG_PKINIT flag, AD backends need this to returnLuke Howard2009-01-011-0/+3
* Refactor by adding find_pa_data() helperLuke Howard2009-01-012-19/+25
* Use KRB5_PRINCIPAL_UNPARSE_NO_REALM for the logon name; cleanupLuke Howard2009-01-011-9/+9
* Only add FD to sstate.rfds if add_XXX_fd() succeedsLuke Howard2009-01-011-11/+13
* Keep krb5_gss_glue.c just for mechanism-specific API; move the rest intoLuke Howard2009-01-012-492/+488
* Back out r2164[78]; although the mech_invoke abstraction is superfluousLuke Howard2009-01-016-37/+247
* remove superfluous commentLuke Howard2009-01-011-2/+0
* remove cruftLuke Howard2009-01-011-25/+0
* fix regression in last commit (use correct OID for inquiring sessionLuke Howard2009-01-011-9/+7
* gssspi_mech_invoke() is superfluous for mech_krb5, it's only useful forLuke Howard2009-01-015-193/+30
* Restore old gss_krb5_ccache_name() implementation, it does not need toLuke Howard2009-01-013-68/+8
* Don't add a socket to sstate.rfds until add_XXX_fd() has returnedLuke Howard2009-01-011-20/+25
* Wrap gss_seal/gss_unseal (V1) on gss_wrap/gss_unrwap (V2), rather thanLuke Howard2009-01-0110-95/+43
* Use tgs_ktypes rather than permitted_enctypes for client-side EtypeListLuke Howard2009-01-011-14/+15
* CleanupLuke Howard2008-12-311-5/+1
* skip over KRB5_CRYPTO_TYPE_EMPTY buffers when translating IOVLuke Howard2008-12-311-0/+6
* Correctly distinguish between initiator and acceptor subkey checksumLuke Howard2008-12-315-59/+104
* Previously, we tested explicitly for KRB5_KDB_PWCHANGE_SERVICE whenLuke Howard2008-12-302-12/+13
* cleanupLuke Howard2008-12-291-4/+7
* Don't omit ticket session key enctypes when negotiating enctypesLuke Howard2008-12-291-5/+2
* don't return enc-pa-data if canon flag unsetLuke Howard2008-12-291-5/+7
* Cleanup kg_make_confounder() somewhatLuke Howard2008-12-291-12/+5
* fix a logic error introduced in r21615Luke Howard2008-12-281-7/+4
View Lorry Controller Status