kouril [Tue, 26 Aug 2003 10:50:57 +0000 (10:50 +0000)]
Fixed my email address
kouril [Tue, 26 Aug 2003 06:52:37 +0000 (06:52 +0000)]
Ludek Sulak added to originators
kouril [Mon, 25 Aug 2003 12:24:27 +0000 (12:24 +0000)]
Better handling of includes
kouril [Mon, 25 Aug 2003 10:39:03 +0000 (10:39 +0000)]
Added correct parameters to ap_strcat()
kouril [Mon, 25 Aug 2003 07:02:19 +0000 (07:02 +0000)]
- Added a license block
- Krb4 part adapted to be able to build with MIT too
- Removed option KrbServiceName (current server hostname is found by means of
ap_get_server_name())
- Added new function krb5_verify_user() implementing krb5 password verification
(not dependent on actual krb5 implementation used)
kouril [Tue, 12 Aug 2003 13:45:39 +0000 (13:45 +0000)]
Implemented KRB4 password verification
kouril [Tue, 12 Aug 2003 10:49:36 +0000 (10:49 +0000)]
- removed unused code
- removed directives KrbSaveTickets, KrbForwardable
kouril [Tue, 12 Aug 2003 09:36:42 +0000 (09:36 +0000)]
Since we're going to support mainly Kerberos GSSAPI, gss context is not kept
across multiple request.
kouril [Tue, 12 Aug 2003 08:18:10 +0000 (08:18 +0000)]
- added setting flag KRB5_TC_OPENCLOSE to make krb5_initialize happy
- various typos
kouril [Tue, 12 Aug 2003 07:00:32 +0000 (07:00 +0000)]
- krb5_verify_user() made really work
- added parameters use_krb4, use_krb5 to note_kerb_auth_failure()
kouril [Mon, 11 Aug 2003 14:12:47 +0000 (14:12 +0000)]
Changes for compatibility with MIT (1.2.8)
kouril [Mon, 11 Aug 2003 12:45:22 +0000 (12:45 +0000)]
- removed directive 'KrbTmpdir'
- new files for krb5 ccaches are generated by means of krb5 API
kouril [Mon, 11 Aug 2003 12:27:15 +0000 (12:27 +0000)]
- have the module returned the krb5 format of authenticated username instead of what user sent in the request
- if service name given in the config file contains a slash, use only the first
part of the service name
kouril [Mon, 11 Aug 2003 11:27:49 +0000 (11:27 +0000)]
Use gss_display_name() instead of gss_export_name() to get only the user's name without mechanism id's
kouril [Mon, 11 Aug 2003 11:06:45 +0000 (11:06 +0000)]
Added call krb5_save_realms() for saving multiple realms given in a config file (can the ITERATE flag be used?)
kouril [Mon, 11 Aug 2003 09:49:30 +0000 (09:49 +0000)]
Removed option 'AuthKerberos' (and all corresponding code) and used AuthType
instead.
kouril [Fri, 8 Aug 2003 14:28:15 +0000 (14:28 +0000)]
- name changed from kerb_auth_module to auth_kerb_module (to ease building with
apache2)
- more adaptations to make it compile with apache2
kouril [Fri, 8 Aug 2003 12:17:50 +0000 (12:17 +0000)]
Adaptation to make it compile with Apache 2.0 (not finished yet)
kouril [Thu, 7 Aug 2003 14:57:37 +0000 (14:57 +0000)]
Removed useless code
kouril [Thu, 7 Aug 2003 13:16:07 +0000 (13:16 +0000)]
- use specifiefd keytab for passwd verification
- use service_name from config file if specified
- corrected output of gss error text
kouril [Thu, 7 Aug 2003 10:09:54 +0000 (10:09 +0000)]
- removed unused code
- added some comments to make the module structure more readable
kouril [Thu, 7 Aug 2003 09:55:49 +0000 (09:55 +0000)]
- reordered calls so that similar calls are placed togetoher
- added and used function store_gss_creds()
- fixed parameters sent in http 401 replies
kouril [Thu, 7 Aug 2003 08:44:41 +0000 (08:44 +0000)]
Added support for KerberosV5, KerberosV4 keywords in AuthType
kouril [Thu, 7 Aug 2003 07:47:45 +0000 (07:47 +0000)]
Defined macro 'command' to ease the kerb_auth_cmds structure (unified for apache1 and apache2)
kouril [Thu, 7 Aug 2003 07:08:16 +0000 (07:08 +0000)]
Cleanups
kouril [Mon, 30 Jun 2003 19:41:48 +0000 (19:41 +0000)]
- some code from store_krb5_creds() moved to separate function (called from
store_krb5_creds()), this new function will be also used from the gssapi
handler
kouril [Mon, 30 Jun 2003 16:53:33 +0000 (16:53 +0000)]
- removed unused variables
- added analogical MIT call for krb5_cc_gen_new()
- added get_gss_error() call printing GSS error messages
- activated Negotiate support
(compiles with Heimdal and apache 1.3.37)
jadestorm [Mon, 30 Jun 2003 15:01:17 +0000 (15:01 +0000)]
Committing what I have. See ChangeLog for the last couple of things I
did. I wouldn't consider anything in any form of reasonable state at the
moment.
kouril [Sun, 29 Jun 2003 10:06:11 +0000 (10:06 +0000)]
- Added a cleanup function purging ticket file(s) after finishing http request
- Code for credential storing moved to a separate function
- Added logging of error messages
Compiles with Heimdal and Apache 1.3.27, not tested if really works
kouril [Mon, 23 Jun 2003 12:38:34 +0000 (12:38 +0000)]
Various code rearrangements to achieve portable password verification.
- added call of krb5_verify_user() for password verification
- password verification moved into a separate function (also called
krb5_verify_user()), which compiles only if Heimdal is not found (since this
call seems to be missing from the MIT API)
- should work with both Heimdal and MIT implementation
- don't compile yet
kouril [Sun, 8 Jun 2003 18:46:31 +0000 (18:46 +0000)]
- Added functions for Negotiate support, not called from the body yet.
- Compiles with Apache 1.3.27 and Heimdal 0.6.
kouril [Fri, 6 Jun 2003 10:49:27 +0000 (10:49 +0000)]
Note Negotiate support in TODO
kouril [Fri, 6 Jun 2003 10:22:35 +0000 (10:22 +0000)]
Added CVS identification keyword
kouril [Thu, 5 Jun 2003 15:03:26 +0000 (15:03 +0000)]
typos (done mainly to test if notification works)
jadestorm [Tue, 3 Jun 2003 04:03:24 +0000 (04:03 +0000)]
Added a fair amount of functionality that was present in 4.*.
jadestorm [Thu, 29 May 2003 15:31:02 +0000 (15:31 +0000)]
Fixed up configure scripts and Makefiles to work with new setup.
Fixed mod_auth_kerb.c to compile.
jadestorm [Thu, 29 May 2003 14:56:26 +0000 (14:56 +0000)]
Removed krb5 source tree.
jadestorm [Thu, 29 May 2003 14:55:51 +0000 (14:55 +0000)]
Removed separate krb4 source tree.
jadestorm [Thu, 29 May 2003 14:55:16 +0000 (14:55 +0000)]
Removed apache2 separate source tree.
jadestorm [Thu, 29 May 2003 14:54:31 +0000 (14:54 +0000)]
Removed apache 1 separate source tree.
jadestorm [Thu, 29 May 2003 14:52:38 +0000 (14:52 +0000)]
Returned to single mod_auth_kerb.c file.
jadestorm [Sat, 7 Sep 2002 01:53:24 +0000 (01:53 +0000)]
Added rest of options I expect to be using.
jadestorm [Fri, 6 Sep 2002 04:07:14 +0000 (04:07 +0000)]
Added EAPI check.
jadestorm [Fri, 6 Sep 2002 04:00:46 +0000 (04:00 +0000)]
Prettied up module configs.
jadestorm [Tue, 3 Sep 2002 02:59:34 +0000 (02:59 +0000)]
Added authoritative support.
jadestorm [Tue, 3 Sep 2002 01:31:27 +0000 (01:31 +0000)]
Added support for fail_status and authkerberos options.
jadestorm [Mon, 2 Sep 2002 04:29:49 +0000 (04:29 +0000)]
Added auth_cmds.c processing for apache1 and 2. Still need to add custom
option processors.
jadestorm [Tue, 9 Jul 2002 04:57:00 +0000 (04:57 +0000)]
Added more todos.
jadestorm [Tue, 9 Jul 2002 04:54:48 +0000 (04:54 +0000)]
Added beginnings of commands that mod_auth_kerb supports.
jadestorm [Mon, 8 Jul 2002 01:55:08 +0000 (01:55 +0000)]
Added Dual Auth support via KerberosDualV5V4 and KerberosDualV4V5.
jadestorm [Sun, 7 Jul 2002 14:56:53 +0000 (14:56 +0000)]
Added rest of TODO's.
jadestorm [Thu, 4 Jul 2002 19:14:53 +0000 (19:14 +0000)]
Added TODO list to keep track of what all is in the agenda. =)
jadestorm [Mon, 3 Jun 2002 05:11:56 +0000 (05:11 +0000)]
Added AUTHORS, ChangeLog, INSTALL, and NEWS in an attempt to make this look
a little more 'normal'. =)
jadestorm [Wed, 8 May 2002 04:41:10 +0000 (04:41 +0000)]
Fixed Apache 2 support. Had ap_strcat instead of apr_strcat.
jadestorm [Tue, 7 May 2002 01:20:45 +0000 (01:20 +0000)]
Begin fixes on apache2 API for initial ticket authentication.
However, currently apache refuses to load the module.
jadestorm [Sat, 4 May 2002 17:54:34 +0000 (17:54 +0000)]
Fixed configure to look in appropriate location for krb4 header files
within a krb5 install. Fixed auth_user to actually work, and removed
a warning from krb4/validate.
jadestorm [Sat, 4 May 2002 05:37:24 +0000 (05:37 +0000)]
Some work done to get initial username/password checking working.
jadestorm [Wed, 1 May 2002 19:03:59 +0000 (19:03 +0000)]
Initial revision