cyrus-sasl.git
5 years agoGSS_S_PROMPTING_NEEDED is a bit master
Luke Howard [Sat, 4 Jan 2014 02:12:22 +0000 (13:12 +1100)]
GSS_S_PROMPTING_NEEDED is a bit

5 years agoGSS_S_PROMPTING_NEEDED support
Luke Howard [Sat, 4 Jan 2014 02:02:40 +0000 (13:02 +1100)]
GSS_S_PROMPTING_NEEDED support

6 years agoallow non-PLUS mech if mech doesn't support mutual
Luke Howard [Mon, 14 Jan 2013 22:46:46 +0000 (09:46 +1100)]
allow non-PLUS mech if mech doesn't support mutual

6 years agocheck for HAVE_GSSAPI_GSSAPI_EXT_H
Luke Howard [Wed, 9 Jan 2013 06:13:44 +0000 (17:13 +1100)]
check for HAVE_GSSAPI_GSSAPI_EXT_H

6 years agoMerge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/cyrus-sasl
Luke Howard [Mon, 7 Jan 2013 08:00:00 +0000 (19:00 +1100)]
Merge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/cyrus-sasl

Conflicts:
plugins/gs2.c

6 years agodisable mutual flag requirement
Luke Howard [Sat, 5 Jan 2013 04:07:24 +0000 (15:07 +1100)]
disable mutual flag requirement

6 years agosupport mechanisms that do not support mutual auth
Luke Howard [Fri, 4 Jan 2013 22:17:01 +0000 (09:17 +1100)]
support mechanisms that do not support mutual auth

7 years agoRevert unneeded change
Pete Fotheringham [Mon, 2 Jan 2012 06:05:03 +0000 (06:05 +0000)]
Revert unneeded change

7 years agoMerge branch 'master', remote-tracking branch 'origin'
Pete Fotheringham [Sun, 1 Jan 2012 17:55:26 +0000 (17:55 +0000)]
Merge branch 'master', remote-tracking branch 'origin'

7 years agoMerge branch 'master' of ssh://moonshot-v4/srv/git/cyrus-sasl
Pete Fotheringham [Sun, 1 Jan 2012 17:33:12 +0000 (17:33 +0000)]
Merge branch 'master' of ssh://moonshot-v4/srv/git/cyrus-sasl

7 years agoMerge branch 'master' of ssh://moonshot-v4/srv/git/cyrus-sasl
Pete Fotheringham [Sun, 1 Jan 2012 17:33:12 +0000 (17:33 +0000)]
Merge branch 'master' of ssh://moonshot-v4/srv/git/cyrus-sasl

7 years agoIn Mac OS, create the Framework in $(DESTDIR) not in /
Pete Fotheringham [Fri, 30 Dec 2011 15:36:48 +0000 (15:36 +0000)]
In Mac OS, create the Framework in $(DESTDIR) not in /

7 years agoIn Mac OS, create the Framework in $(DESTDIR) not in /
Pete Fotheringham [Fri, 30 Dec 2011 15:36:48 +0000 (15:36 +0000)]
In Mac OS, create the Framework in $(DESTDIR) not in /

7 years agoretry cred acquisition with named cred
Luke Howard [Fri, 23 Sep 2011 02:58:18 +0000 (12:58 +1000)]
retry cred acquisition with named cred

7 years agoAdd GSS-SPNEGO support
Luke Howard [Fri, 23 Sep 2011 02:58:07 +0000 (12:58 +1000)]
Add GSS-SPNEGO support

8 years agoupdate .gitignore
Luke Howard [Wed, 30 Mar 2011 12:26:34 +0000 (23:26 +1100)]
update .gitignore

8 years agoanother autogenerated file to be removed
Luke Howard [Wed, 30 Mar 2011 12:25:47 +0000 (23:25 +1100)]
another autogenerated file to be removed

8 years agoremove some more autogenerated files
Luke Howard [Wed, 30 Mar 2011 12:24:46 +0000 (23:24 +1100)]
remove some more autogenerated files

8 years agoRevert "add config.sub, config.guess back"
Luke Howard [Wed, 30 Mar 2011 12:09:01 +0000 (23:09 +1100)]
Revert "add config.sub, config.guess back"

This reverts commit 361470eac38aab878968dd2c38b067be8d1c122d.

8 years agoRevert "add configure back"
Luke Howard [Wed, 30 Mar 2011 12:08:46 +0000 (23:08 +1100)]
Revert "add configure back"

This reverts commit 0602ff8c14004db4a8b3bbd7f424975d0001662e.

8 years agoRevert "Add more autogenerated files"
Luke Howard [Wed, 30 Mar 2011 12:08:33 +0000 (23:08 +1100)]
Revert "Add more autogenerated files"

This reverts commit 0c68bb48c79271ffe4ff000029b7f2e2beb30687.

8 years agoRevert "more autogenerated stuff being checked in"
Luke Howard [Wed, 30 Mar 2011 12:08:26 +0000 (23:08 +1100)]
Revert "more autogenerated stuff being checked in"

This reverts commit 7c31e9bc026d6603089eddbfdf32a4404b7b0999.

8 years agoMerge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/cyrus-sasl
Luke Howard [Wed, 30 Mar 2011 11:31:51 +0000 (22:31 +1100)]
Merge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/cyrus-sasl

8 years agomore autogenerated stuff being checked in
Luke Howard [Wed, 30 Mar 2011 11:30:46 +0000 (22:30 +1100)]
more autogenerated stuff being checked in

8 years agoAdd more autogenerated files
Luke Howard [Wed, 30 Mar 2011 11:21:27 +0000 (22:21 +1100)]
Add more autogenerated files

8 years agoadd configure back
Luke Howard [Wed, 30 Mar 2011 11:13:22 +0000 (22:13 +1100)]
add configure back

8 years agoadd config.sub, config.guess back
Luke Howard [Wed, 30 Mar 2011 11:13:07 +0000 (22:13 +1100)]
add config.sub, config.guess back

8 years agosaslauthd build fixes
Luke Howard [Wed, 30 Mar 2011 11:00:20 +0000 (22:00 +1100)]
saslauthd build fixes

8 years agonegative SASL errors are fatal
Luke Howard [Wed, 30 Mar 2011 08:11:53 +0000 (19:11 +1100)]
negative SASL errors are fatal

8 years agouse draft-josefsson-gss-capsulate-01 if present
Luke Howard [Tue, 22 Mar 2011 01:44:38 +0000 (12:44 +1100)]
use draft-josefsson-gss-capsulate-01 if present

8 years agoRevert "If we don't have a realm, use server FQDN; only portable thing we can do"
Luke Howard [Thu, 17 Mar 2011 23:12:56 +0000 (10:12 +1100)]
Revert "If we don't have a realm, use server FQDN; only portable thing we can do"

This reverts commit 9da0e79067688db69a6ea1437de2780af4fa80b7.

8 years agoRevert "revert 9da0e79067688db69a6ea1437de2780af4fa80b7"
Luke Howard [Thu, 17 Mar 2011 23:12:53 +0000 (10:12 +1100)]
Revert "revert 9da0e79067688db69a6ea1437de2780af4fa80b7"

This reverts commit 5a0b9a5b556773b6c28e49f6a046c0eef79b106c.

8 years agorevert 9da0e79067688db69a6ea1437de2780af4fa80b7
Luke Howard [Thu, 17 Mar 2011 15:40:31 +0000 (02:40 +1100)]
revert 9da0e79067688db69a6ea1437de2780af4fa80b7

8 years agoIf we don't have a realm, use server FQDN; only portable thing we can do
Luke Howard [Thu, 17 Mar 2011 15:31:00 +0000 (02:31 +1100)]
If we don't have a realm, use server FQDN; only portable thing we can do

8 years agodon't crash if client provides NULL authid
Luke Howard [Wed, 16 Mar 2011 07:30:05 +0000 (18:30 +1100)]
don't crash if client provides NULL authid

8 years agoautoconf
Luke Howard [Wed, 16 Mar 2011 07:22:50 +0000 (18:22 +1100)]
autoconf

8 years agocheck for gssapi_ext.h
Luke Howard [Wed, 16 Mar 2011 07:14:31 +0000 (18:14 +1100)]
check for gssapi_ext.h

8 years agoDon't favour default GSS credentials over application provided identity
Luke Howard [Wed, 16 Mar 2011 07:14:01 +0000 (18:14 +1100)]
Don't favour default GSS credentials over application provided identity

8 years agoRemove Sleepycat license from README.GS2
Luke Howard [Thu, 20 Jan 2011 02:58:26 +0000 (13:58 +1100)]
Remove Sleepycat license from README.GS2

8 years agoFixed handling of channel bindings on the client side
Luke Howard [Thu, 20 Jan 2011 02:55:17 +0000 (13:55 +1100)]
Fixed handling of channel bindings on the client side

The client side was failing to select a suitable SASL mechanism when
the application specified channel bindings, but didn't make them mandatory
to use. In such a configuration, if a non channel binding capable mechanism
was selected through "client_mech_list" SASL option, sasl_client_start
would fail. For example if the server supports both SCRAM-SHA-1[-PLUS] and
PLAIN and "client_mech_list" was set to "PLAIN", authentication would never
work. This patch fixes the problem.

The patch also cleans up the best SASL mechanism selection code to
prefer better channel bindings over SASL security layer.

Test-information:

Compiled and tested on Windows with msadm expire_mail and imapd.

Signed-off-by: Dave Cridland <dave.cridland@isode.com>
8 years agoDon't free OID for Heimdal
Luke Howard [Mon, 3 Jan 2011 11:46:48 +0000 (22:46 +1100)]
Don't free OID for Heimdal

8 years agoTreat GSS_C_NO_CRED identically to GSS_C_CRED_UNAVAIL
Luke Howard [Mon, 3 Jan 2011 11:45:47 +0000 (22:45 +1100)]
Treat GSS_C_NO_CRED identically to GSS_C_CRED_UNAVAIL

8 years agoHeimdal compile fix
Luke Howard [Mon, 3 Jan 2011 11:25:23 +0000 (22:25 +1100)]
Heimdal compile fix

8 years agoDon't include gssapi_ext.h, we don't need it
Luke Howard [Mon, 3 Jan 2011 11:24:42 +0000 (22:24 +1100)]
Don't include gssapi_ext.h, we don't need it

8 years agoRenumber CB-specific error codes/flags
Luke Howard [Fri, 22 Oct 2010 13:28:46 +0000 (00:28 +1100)]
Renumber CB-specific error codes/flags

Assigned numbers had conflicted with those assigned by maintainer

8 years agoautoreconf
Luke Howard [Thu, 21 Oct 2010 22:10:33 +0000 (09:10 +1100)]
autoreconf

8 years agoRemove EAP support from GSSAPI plugin
Luke Howard [Thu, 21 Oct 2010 22:10:22 +0000 (09:10 +1100)]
Remove EAP support from GSSAPI plugin

8 years agoupdate for new MIT 1.9
Luke Howard [Wed, 13 Oct 2010 22:05:04 +0000 (09:05 +1100)]
update for new MIT 1.9

8 years agofix comments for sasl_cbinding_disp_t
Luke Howard [Tue, 28 Sep 2010 17:00:20 +0000 (19:00 +0200)]
fix comments for sasl_cbinding_disp_t

8 years agomake channel binding disposition an enum
Luke Howard [Tue, 28 Sep 2010 16:54:04 +0000 (18:54 +0200)]
make channel binding disposition an enum

8 years agoskip legacy SASL mechanisms if client wants CB
Luke Howard [Tue, 28 Sep 2010 16:01:39 +0000 (18:01 +0200)]
skip legacy SASL mechanisms if client wants CB

8 years agoFix CB support when client selects mechanism explicitly
Luke Howard [Tue, 28 Sep 2010 15:31:07 +0000 (17:31 +0200)]
Fix CB support when client selects mechanism explicitly

8 years agoInclude channel bindings if present and the server supports
Luke Howard [Tue, 28 Sep 2010 14:56:45 +0000 (16:56 +0200)]
Include channel bindings if present and the server supports
them or we are not negotiating mechanisms.

8 years agocleanup
Luke Howard [Tue, 28 Sep 2010 10:34:38 +0000 (12:34 +0200)]
cleanup

8 years agocleanup
Luke Howard [Tue, 28 Sep 2010 10:34:00 +0000 (12:34 +0200)]
cleanup

8 years agoremove incorrect assertion
Luke Howard [Tue, 28 Sep 2010 07:55:49 +0000 (09:55 +0200)]
remove incorrect assertion

8 years agoadd some comments
Luke Howard [Mon, 27 Sep 2010 21:05:25 +0000 (23:05 +0200)]
add some comments

8 years agoEmpty authnid means GSS_C_NO_NAME
Luke Howard [Mon, 27 Sep 2010 21:04:35 +0000 (23:04 +0200)]
Empty authnid means GSS_C_NO_NAME

8 years agodo SASL name canon, whatever it does, before GSS name import
Luke Howard [Mon, 27 Sep 2010 20:54:56 +0000 (22:54 +0200)]
do SASL name canon, whatever it does, before GSS name import

8 years agonote about name canon
Luke Howard [Mon, 27 Sep 2010 20:44:25 +0000 (22:44 +0200)]
note about name canon

8 years agomore cleanup
Luke Howard [Mon, 27 Sep 2010 20:33:56 +0000 (22:33 +0200)]
more cleanup

8 years agomore cleanup
Luke Howard [Mon, 27 Sep 2010 20:22:42 +0000 (22:22 +0200)]
more cleanup

8 years agocleanup
Luke Howard [Mon, 27 Sep 2010 20:21:45 +0000 (22:21 +0200)]
cleanup

8 years agocleanup
Luke Howard [Mon, 27 Sep 2010 19:45:00 +0000 (21:45 +0200)]
cleanup

8 years agoclean up credential selection
Luke Howard [Mon, 27 Sep 2010 19:37:24 +0000 (21:37 +0200)]
clean up credential selection

8 years agoOnly ask for password if we can't get creds
Luke Howard [Mon, 27 Sep 2010 18:02:39 +0000 (20:02 +0200)]
Only ask for password if we can't get creds

8 years agofix off-by-one in very confusing mech ordering code
Luke Howard [Mon, 27 Sep 2010 17:33:23 +0000 (19:33 +0200)]
fix off-by-one in very confusing mech ordering code

8 years agodon't care about returned mech from GSS accept/init
Luke Howard [Mon, 27 Sep 2010 16:55:40 +0000 (18:55 +0200)]
don't care about returned mech from GSS accept/init

8 years agodisable OID check to get IAKERB to work
Luke Howard [Mon, 27 Sep 2010 15:08:58 +0000 (17:08 +0200)]
disable OID check to get IAKERB to work

8 years agofor mechs that support GSS_C_MA_AUTH_INIT_INIT, use default prompts
Luke Howard [Mon, 27 Sep 2010 15:08:45 +0000 (17:08 +0200)]
for mechs that support GSS_C_MA_AUTH_INIT_INIT, use default prompts

8 years agoadd hostname argument to sample server
Luke Howard [Mon, 27 Sep 2010 14:48:48 +0000 (16:48 +0200)]
add hostname argument to sample server

8 years agomore tolerant mechlist parsing
Luke Howard [Mon, 27 Sep 2010 12:36:26 +0000 (14:36 +0200)]
more tolerant mechlist parsing

8 years agoagain don't release constant OIDs
Luke Howard [Mon, 27 Sep 2010 12:29:15 +0000 (14:29 +0200)]
again don't release constant OIDs

8 years agodon't free OID
Luke Howard [Mon, 27 Sep 2010 12:25:21 +0000 (14:25 +0200)]
don't free OID

8 years agoNew SASL_BADBINDING error code; cleanup error handling
Luke Howard [Mon, 27 Sep 2010 12:20:12 +0000 (14:20 +0200)]
New SASL_BADBINDING error code; cleanup error handling

8 years agocleanup
Luke Howard [Mon, 27 Sep 2010 12:13:30 +0000 (14:13 +0200)]
cleanup

8 years agocleanup
Luke Howard [Mon, 27 Sep 2010 11:14:14 +0000 (13:14 +0200)]
cleanup

8 years agocleanups to minimise merging hassle
Luke Howard [Mon, 27 Sep 2010 10:59:06 +0000 (12:59 +0200)]
cleanups to minimise merging hassle

8 years agoadd _init files
Luke Howard [Mon, 27 Sep 2010 10:58:57 +0000 (12:58 +0200)]
add _init files

8 years agoadd .gitignore
Luke Howard [Mon, 27 Sep 2010 10:43:10 +0000 (12:43 +0200)]
add .gitignore

8 years agoAdd GS2 plugin
Luke Howard [Mon, 27 Sep 2010 10:42:51 +0000 (12:42 +0200)]
Add GS2 plugin

8 years agoRefactor channel binding code
Luke Howard [Mon, 27 Sep 2010 10:42:40 +0000 (12:42 +0200)]
Refactor channel binding code

8 years agomore work on CB
Luke Howard [Mon, 27 Sep 2010 01:15:52 +0000 (03:15 +0200)]
more work on CB

8 years agocleanup
Luke Howard [Mon, 27 Sep 2010 01:02:45 +0000 (03:02 +0200)]
cleanup

8 years agocleanup
Luke Howard [Mon, 27 Sep 2010 00:59:52 +0000 (02:59 +0200)]
cleanup

8 years agoreformat
Luke Howard [Mon, 27 Sep 2010 00:59:06 +0000 (02:59 +0200)]
reformat

8 years agoavoid legacy mechs if we require CB
Luke Howard [Mon, 27 Sep 2010 00:57:53 +0000 (02:57 +0200)]
avoid legacy mechs if we require CB

8 years agocleanup
Luke Howard [Mon, 27 Sep 2010 00:48:17 +0000 (02:48 +0200)]
cleanup

8 years agocomplete moving logic to server
Luke Howard [Mon, 27 Sep 2010 00:26:10 +0000 (02:26 +0200)]
complete moving logic to server

8 years agomove CB validation into libsasl
Luke Howard [Sun, 26 Sep 2010 23:54:20 +0000 (01:54 +0200)]
move CB validation into libsasl

8 years agoAdd GS2 mech code
Luke Howard [Sun, 26 Sep 2010 22:46:41 +0000 (00:46 +0200)]
Add GS2 mech code

8 years agomove more CB selection logic to libsasl
Luke Howard [Sun, 26 Sep 2010 22:41:50 +0000 (00:41 +0200)]
move more CB selection logic to libsasl

8 years agocleanup
Luke Howard [Sun, 26 Sep 2010 22:23:39 +0000 (00:23 +0200)]
cleanup

8 years agocleanup channel bindings logic
Luke Howard [Sun, 26 Sep 2010 18:02:21 +0000 (20:02 +0200)]
cleanup channel bindings logic

8 years agorefactor gs2 plus logic a bit
Luke Howard [Sun, 26 Sep 2010 17:40:46 +0000 (19:40 +0200)]
refactor gs2 plus logic a bit

8 years agocleanup
Luke Howard [Sun, 26 Sep 2010 15:34:00 +0000 (17:34 +0200)]
cleanup

8 years agocleanup
Luke Howard [Sun, 26 Sep 2010 15:31:28 +0000 (17:31 +0200)]
cleanup

8 years agoadd readme
Luke Howard [Sun, 26 Sep 2010 15:25:43 +0000 (17:25 +0200)]
add readme

8 years agodon't blow away text->mechanism
Luke Howard [Sun, 26 Sep 2010 15:23:17 +0000 (17:23 +0200)]
don't blow away text->mechanism

8 years agocheck for rfc5587 before building gs2
Luke Howard [Sun, 26 Sep 2010 15:17:37 +0000 (17:17 +0200)]
check for rfc5587 before building gs2