kouril [Tue, 27 Apr 2004 14:14:08 +0000 (14:14 +0000)]
increase version number to be ready for a new release
kouril [Tue, 27 Apr 2004 14:05:24 +0000 (14:05 +0000)]
Added MIT license statements
kouril [Tue, 27 Apr 2004 12:12:06 +0000 (12:12 +0000)]
basicaly typos
kouril [Fri, 23 Apr 2004 12:19:37 +0000 (12:19 +0000)]
krb5 ccache is initialized only after the password verification succeeds
kouril [Wed, 21 Apr 2004 16:15:22 +0000 (16:15 +0000)]
Added header includes and other minor fixes
kouril [Wed, 21 Apr 2004 10:15:04 +0000 (10:15 +0000)]
really use auth_context prepared
kouril [Fri, 16 Apr 2004 22:19:58 +0000 (22:19 +0000)]
added header containing internal MIT definitions
kouril [Fri, 16 Apr 2004 20:44:37 +0000 (20:44 +0000)]
First attempt of working around replay cache (thanks to Jari Ahonen for the GSSAPI part)
kouril [Tue, 13 Apr 2004 15:58:39 +0000 (15:58 +0000)]
- Don't use global structures to persistently store gss context. Support only
krb5 which requires single gssapi authentication iteration.
kouril [Fri, 9 Apr 2004 13:05:29 +0000 (13:05 +0000)]
Mark a few places where a debug logging should be added
kouril [Thu, 1 Apr 2004 08:21:44 +0000 (08:21 +0000)]
- Use macro AC_PATH_PROG to find the apxs command, don't look for the apache
binary at all since information about apache version are fetched from headers
at compile time.
- Require version 2.57 of autoconf as 2.53 seems to have an error in the
AC_PATH_PROG macro
kouril [Mon, 29 Mar 2004 15:16:38 +0000 (15:16 +0000)]
In order to distinguish between apache API v1.3 and v.2.0 use define
STANDARD20_MODULE_STUFF (from ap_config.h) instead of own APXS[12] variables
kouril [Mon, 29 Mar 2004 14:41:04 +0000 (14:41 +0000)]
- note_kerb_auth_failure() renamed to set_kerb_auth_headers()
- return also last value from gss_accept_sec_context() so client can perform
mutual authentication
kouril [Mon, 29 Mar 2004 13:49:00 +0000 (13:49 +0000)]
- don't pass a prompter callback to the password veryfying call
- Heimdal is able to handle anonymous memory caches so it's not necessary to use different (non-portable) code for ccache generation
kouril [Thu, 25 Mar 2004 11:27:56 +0000 (11:27 +0000)]
License changed from Apache to BSD
kouril [Tue, 23 Mar 2004 15:32:35 +0000 (15:32 +0000)]
Use GSS_C_NT_HOSTBASED_SERVICE instead of GSS_C_NT_USER_NAME in the gss_import_name()
Don't free the gss structs when additional GSS iterations are required
kouril [Wed, 25 Feb 2004 17:43:31 +0000 (17:43 +0000)]
Updated year in the license block
kouril [Wed, 25 Feb 2004 17:16:20 +0000 (17:16 +0000)]
Don't use DNS lookups when constructing the server principal name. This allows
to use the VirtualServer names as specified in the httpd.conf
kouril [Thu, 19 Feb 2004 15:17:18 +0000 (15:17 +0000)]
Added logging of error messages to the password verification part.
kouril [Wed, 11 Feb 2004 13:26:19 +0000 (13:26 +0000)]
restructuralized checks for krb5 enviroment
kouril [Tue, 10 Feb 2004 13:52:44 +0000 (13:52 +0000)]
Don't use the service name when reading the keytab. This should prevent from
problems between the MS and MIT krb5 implementation. (this fix works only with
1.3.x).
kouril [Thu, 5 Feb 2004 15:17:00 +0000 (15:17 +0000)]
Use different calls when generating memory ccache with Heimdal or MIT
kouril [Thu, 5 Feb 2004 15:12:08 +0000 (15:12 +0000)]
moved check for nonempty password to a proper place
kouril [Thu, 5 Feb 2004 14:05:50 +0000 (14:05 +0000)]
don't accept empty passwords
kouril [Thu, 5 Feb 2004 10:21:02 +0000 (10:21 +0000)]
Allow also authentication against a proxy server.
(see bug #880378 https://sourceforge.net/tracker/?func=detail&atid=464524&aid=880378&group_id=51775)
kouril [Tue, 13 Jan 2004 14:31:53 +0000 (14:31 +0000)]
Added omitted directive in the sample config
kouril [Mon, 12 Jan 2004 16:19:39 +0000 (16:19 +0000)]
really log minor GSS error messages
kouril [Mon, 12 Jan 2004 15:28:12 +0000 (15:28 +0000)]
fixed deleting files
kouril [Mon, 12 Jan 2004 15:17:43 +0000 (15:17 +0000)]
Copied installation guide from web pages
kouril [Mon, 12 Jan 2004 15:03:17 +0000 (15:03 +0000)]
better cleanup
kouril [Mon, 12 Jan 2004 13:49:52 +0000 (13:49 +0000)]
removed support for HAVE_KRB5_CC_GEN_NEW
kouril [Mon, 12 Jan 2004 13:44:21 +0000 (13:44 +0000)]
- Extended directories where the apache binaries are looked for
- A bit better support for installation without krb5-config
kouril [Wed, 7 Jan 2004 16:31:12 +0000 (16:31 +0000)]
Make sure local headers are used first
kouril [Wed, 7 Jan 2004 16:15:44 +0000 (16:15 +0000)]
Removed recursively called make; all objects required are set by the configure
script. This change should make it possible to use non-GNU make's.
kouril [Tue, 6 Jan 2004 14:31:39 +0000 (14:31 +0000)]
don't log automaticaly errno error messages
kouril [Tue, 6 Jan 2004 14:28:02 +0000 (14:28 +0000)]
enclose minor GSS error message into parenthesis
kouril [Sat, 27 Dec 2003 07:59:25 +0000 (07:59 +0000)]
- Added forgotten parenthesis
- The KrbMethodK4Pass and KrbMethodK5Pass options renamed to KrbMethodK4Passwd
and KrbMethodK5Passwd, respectively
kouril [Fri, 19 Dec 2003 16:45:02 +0000 (16:45 +0000)]
Don't overwrite the minor status from accept_sec_context()
kouril [Fri, 19 Dec 2003 16:41:54 +0000 (16:41 +0000)]
Don't offer the Negotiate method again when the client has failed to authenticate using GSS.
kouril [Fri, 19 Dec 2003 15:27:40 +0000 (15:27 +0000)]
let GSS error code propagate properly to the caller
kouril [Fri, 19 Dec 2003 11:34:13 +0000 (11:34 +0000)]
Increased version number before publishing a new release
kouril [Fri, 19 Dec 2003 09:53:46 +0000 (09:53 +0000)]
How to initialize the module
kouril [Thu, 18 Dec 2003 16:18:21 +0000 (16:18 +0000)]
removed '-o $@' since it has been announced to making troubles on Solaris (see
https://sourceforge.net/forum/forum.php?thread_id=991025&forum_id=171554)
kouril [Thu, 18 Dec 2003 15:16:14 +0000 (15:16 +0000)]
mark place to fix (don't offer Negotiate when some GSS call failed)
kouril [Thu, 18 Dec 2003 15:12:11 +0000 (15:12 +0000)]
properly initialize memory space so that it can be unallocated later.
kouril [Thu, 18 Dec 2003 14:12:54 +0000 (14:12 +0000)]
Don't wrap tokens returned by the acceptor with the SPNEGO oid specs
kouril [Wed, 17 Dec 2003 14:04:17 +0000 (14:04 +0000)]
Use `HTTP' as a default principal name for authentication, instead of `khttp'.
kouril [Wed, 17 Dec 2003 13:57:44 +0000 (13:57 +0000)]
Added the -c switch to apxs when doing installation. This enforce a new
compilation of the module itself but (hopefuly) prevents problems with libtool
and different target names generated by libtool on different platforms.
kouril [Sun, 14 Dec 2003 19:00:06 +0000 (19:00 +0000)]
Extended format of GSS error messages (human readable info on both minor_status
and major stator is printed out)
kouril [Thu, 11 Dec 2003 21:48:47 +0000 (21:48 +0000)]
use krb5_cc_resolve() and manualy created temporary files (generated with mkstemp) to create ccache. This should more portable.
kouril [Fri, 28 Nov 2003 22:45:57 +0000 (22:45 +0000)]
gssapi lib added to the `openbsd part'
kouril [Fri, 28 Nov 2003 22:41:18 +0000 (22:41 +0000)]
updated list of Heimdal libs for Openbsd
kouril [Sun, 23 Nov 2003 22:38:38 +0000 (22:38 +0000)]
Make configure work also with krb5 installations where the krb5-config command
is not available (suppose only Heimdal libraries in this case)
kouril [Mon, 17 Nov 2003 00:14:44 +0000 (00:14 +0000)]
Added 'make install' line
kouril [Sun, 16 Nov 2003 23:20:49 +0000 (23:20 +0000)]
Added #include <string.h> to make compiler stop complaining of memset() and memcmp() not being declared
kouril [Thu, 13 Nov 2003 15:18:51 +0000 (15:18 +0000)]
Check error values
kouril [Thu, 13 Nov 2003 15:01:28 +0000 (15:01 +0000)]
Corrected targets to prevent from useles compiling files that hasn't changed
kouril [Fri, 7 Nov 2003 15:29:25 +0000 (15:29 +0000)]
increased version number before creating a new release
kouril [Fri, 7 Nov 2003 15:23:15 +0000 (15:23 +0000)]
note the configure script
kouril [Thu, 6 Nov 2003 18:30:50 +0000 (18:30 +0000)]
- make krb_authoritative really work as it's supposed to
- use proper option type for the ServiceName option
kouril [Thu, 6 Nov 2003 18:29:54 +0000 (18:29 +0000)]
- don't forgot krb4 libs
kouril [Thu, 6 Nov 2003 16:58:14 +0000 (16:58 +0000)]
added -Ispnegokrb5
kouril [Tue, 4 Nov 2003 20:12:48 +0000 (20:12 +0000)]
Added support for the KrbAuthoritative option (if set by the admin to 'off' it
allows authentication control to pass on to another modules).
kouril [Tue, 4 Nov 2003 19:08:15 +0000 (19:08 +0000)]
Added support for the KrbServiceName option, which can be used to set the name
of the service key in the keytab
kouril [Tue, 4 Nov 2003 18:52:22 +0000 (18:52 +0000)]
added support for both spnego and pure krb5 GSS tokens
kouril [Tue, 4 Nov 2003 18:50:28 +0000 (18:50 +0000)]
Don't use recursive definition
kouril [Tue, 4 Nov 2003 16:59:01 +0000 (16:59 +0000)]
Added check for Heimdal
kouril [Tue, 4 Nov 2003 16:39:36 +0000 (16:39 +0000)]
- the spnegokrb5 lib is not used if only krb4 is specified
- configure script adapted to work correctly with MIT krb4 headers
kouril [Tue, 4 Nov 2003 14:31:39 +0000 (14:31 +0000)]
removed unused files
kouril [Tue, 4 Nov 2003 14:30:21 +0000 (14:30 +0000)]
- cosmetics in the main Makefile
- changes to make the spnego dir work with the autools stuff
kouril [Tue, 4 Nov 2003 14:08:22 +0000 (14:08 +0000)]
Remove Makefiles which are generated by the autools stuff
kouril [Tue, 4 Nov 2003 14:06:24 +0000 (14:06 +0000)]
Added distclean rule
kouril [Tue, 4 Nov 2003 13:58:43 +0000 (13:58 +0000)]
ignore generated stuff
kouril [Tue, 4 Nov 2003 13:52:14 +0000 (13:52 +0000)]
- set bugs contact to the developer list
- the apxs and httpd binaries are also looked for in the sbin subdirs
kouril [Tue, 4 Nov 2003 12:37:11 +0000 (12:37 +0000)]
Added option KrbVerifyKDC to optinaly disable the verification of KDC
(solves Patch record #835573)
kouril [Mon, 3 Nov 2003 09:16:01 +0000 (09:16 +0000)]
- removed unused compatibility macros
- don't let apache log errno messages
- use HAVE_KRB5_CC_GEN_NEW definition (set by the configure script)
- have the moduled called only once (for the initial request). This should
prevent from multiple contacting KDC and significantly decrease number of
messages sent over the network (and increase perfomance thus)
kouril [Mon, 3 Nov 2003 09:07:24 +0000 (09:07 +0000)]
Added support for autotools
kouril [Fri, 31 Oct 2003 15:30:53 +0000 (15:30 +0000)]
Added variable to makefile.include to ease build of stand-alone spnegokrb5
kouril [Fri, 31 Oct 2003 15:20:41 +0000 (15:20 +0000)]
*** empty log message ***
kouril [Mon, 27 Oct 2003 12:50:57 +0000 (12:50 +0000)]
typos
kouril [Mon, 27 Oct 2003 12:48:02 +0000 (12:48 +0000)]
Added variable to makefile.include to ease build of stand-alone spnegokrb5
kouril [Mon, 27 Oct 2003 12:46:59 +0000 (12:46 +0000)]
Allocate memory before setting enviroment
kouril [Fri, 24 Oct 2003 11:36:36 +0000 (11:36 +0000)]
Added some comments
kouril [Fri, 17 Oct 2003 09:29:05 +0000 (09:29 +0000)]
Log error messages on krb4 failures
kouril [Mon, 29 Sep 2003 16:23:15 +0000 (16:23 +0000)]
Warning about bad use of strcat
kouril [Thu, 18 Sep 2003 11:03:56 +0000 (11:03 +0000)]
use putenv() instead of setenv() to be more portable (Solaris9 seems not like it
-- see https://sourceforge.net/forum/message.php?msg_id=2196410)
kouril [Mon, 8 Sep 2003 11:39:24 +0000 (11:39 +0000)]
remove also files in the src directory
kouril [Mon, 8 Sep 2003 11:33:24 +0000 (11:33 +0000)]
removed configure.in
kouril [Mon, 8 Sep 2003 11:32:29 +0000 (11:32 +0000)]
First attempt of writing configure.in
kouril [Mon, 8 Sep 2003 11:24:39 +0000 (11:24 +0000)]
Added _very_ rough documentation
kouril [Mon, 8 Sep 2003 11:22:26 +0000 (11:22 +0000)]
Send 'Negotiate' instead of 'GSS-Negotiate' in the WWW-Authenticate header
kouril [Mon, 8 Sep 2003 11:21:15 +0000 (11:21 +0000)]
Link with the spnegokrb5 lib
kouril [Mon, 8 Sep 2003 10:38:37 +0000 (10:38 +0000)]
Use MIT by default :-)
kouril [Mon, 8 Sep 2003 10:37:35 +0000 (10:37 +0000)]
Make comment more descriptive
kouril [Sat, 6 Sep 2003 21:25:37 +0000 (21:25 +0000)]
removed free()
kouril [Sat, 6 Sep 2003 21:05:24 +0000 (21:05 +0000)]
Added the accepting part
kouril [Fri, 5 Sep 2003 14:38:15 +0000 (14:38 +0000)]
Added proper GSS encapsulation of token sent
kouril [Fri, 5 Sep 2003 09:29:01 +0000 (09:29 +0000)]
Removed unsed Makefile.in
kouril [Fri, 5 Sep 2003 09:23:19 +0000 (09:23 +0000)]
Removed unused files
kouril [Fri, 5 Sep 2003 09:16:50 +0000 (09:16 +0000)]
Removed dependecies on Heimdal