Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | _actually_ make the code work with heimdal. | 2011-02-21 | |
| | |||
* | Use different flags for krb5_cc_retrieve_cred if not using MIT Kerberos. | 2011-02-21 | |
| | | | | | | | The fact that the Heimdal and MIT APIs are subtly different strikes again. I am honestly starting to wonder if they make it look this similar just to frustrate people; I only don't believe it because neither team seems like that sort of person. Fixes #74. | ||
* | In the expired tickets case, authent->length is probably gibberish; | 2010-12-11 | |
| | | | | notice->z_authent_authent_len will be zero. | ||
* | rewrite ZMakeZcodeRealmAuthentication to be less ugly and shorter | 2010-08-22 | |
| | | | | | | | | | | | I am becoming increasingly enamored with the fall-through on error clean-up-everything-at-the-end style of C error handling and resource management. Also remove some misleading/useless/wrong comments. (also fix a problem in the tickets expired case where it was using the wrong (possibly undefined) authenticator lengh) | ||
* | fixes for krb5 being more careful about ticket expiration | 2010-08-22 | |
| | | | | | | | | | | | | krb5 actually checks in mk_req and fails if the ticks are expired, rather than giving you an authenticator that would fail and, handing you the session key that you'd already negotiated. This causes (meh) sending auth to fail as opposed to just ending up unauthentic and (poor) verifiable messages to look unauthentic or forged. So get the session key from the ccache without checking the expiration time, and have the cert routine skip making an authenticator if krb5_mk_req_extended says the ticket is expired. | ||
* | simplify error handling | 2009-10-08 | |
| | |||
* | Remove the chock wedging things into DES mode and hopefully redo the ↵ | 2009-07-26 | |
| | | | | | | keyusage stuff such that it actually works. | ||
* | another phantom null | 2009-04-03 | |
| | |||
* | build everything successfully with -Wall -Werror | 2009-03-02 | |
| | |||
* | cleanup various warnings from gcc -Wall | 2008-01-21 | |
| | |||
* | factor out #if 0s and #if 1s | 2008-01-20 | |
| | |||
* | first pass de-K&Rify lib | 2008-01-20 | |
| | |||
* | applied athena-update-branch patch | 2007-12-25 | |
| | |||
* | Remove authenticator caching; it doesn't help much (most notices are | 2002-11-11 | |
| | | | | sent from zwrite sending one notice and exiting). | ||
* | Some RCS ID cleanup: delete $Log$ and replace other RCS keywords with $Id$. | 1999-01-22 | |
| | |||
* | ZEPHYR_USES_KERBEROS -> HAVE_KRB4; ZEPHYR_USES_HESIOD -> HAVE_HESIOD | 1997-10-25 | |
| | |||
* | Pull in sources from zephyr locker. See /mit/zephyr/repository for | 1997-09-14 | |
| | | | | detailed change information. | ||
* | Call Z_FormatRawHeader with six arguments when building without | 1994-12-12 | |
| | | | | Kerberos. | ||
* | Fix a few typos. | 1994-11-01 | |
| | |||
* | Changes for better authentication. | 1994-11-01 | |
| | |||
* | Changed KERBEROS to Z_HaveKerberos | 1993-11-20 | |
| | |||
* | Add register declaration. | 1991-06-20 | |
| | |||
* | Fix from lwvanels to set "last_authent_time" correctly if it was 0 or | 1990-09-04 | |
| | | | | if an error occurred. | ||
* | Permit Kerberos authenticators to be reused if less than two minutes | 1990-07-15 | |
| | | | | | have passed. New function ZResetAuthentication resets this cache. [audited by marc] | ||
* | change rcs id stuff. | 1989-10-02 | |
| | |||
* | Need to set z_ascii_authent for Z_FormatRawHeader. | 1989-10-02 | |
| | |||
* | fix order of include files | 1989-05-25 | |
| | |||
* | #include krb_err.h for definitions. | 1989-05-25 | |
| | |||
* | fix order of setting auth flags [jtkohl] | 1988-09-09 | |
| | |||
* | new args for Z_FormatRawHeader | 1988-06-17 | |
| | |||
* | All sorts of changes for ver 0.2 | 1988-05-17 | |
| | |||
* | Added RCSID | 1987-07-29 | |
| | |||
* | safety | 1987-07-05 | |