Sam Hartman [Fri, 8 Mar 2013 15:23:09 +0000 (10:23 -0500)]
add freeradius to build
Sam Hartman [Thu, 6 Dec 2012 16:54:52 +0000 (11:54 -0500)]
Add trust_router to Debian build
Sam Hartman [Fri, 16 Nov 2012 03:14:02 +0000 (22:14 -0500)]
Update mech_eap for empty acceptor name
Sam Hartman [Sun, 4 Nov 2012 09:24:24 +0000 (04:24 -0500)]
makefile.in for libradsec
Sam Hartman [Sat, 3 Nov 2012 10:15:55 +0000 (06:15 -0400)]
Update debian packages
Sam Hartman [Sat, 19 May 2012 01:01:46 +0000 (21:01 -0400)]
Update openssh package
Sam Hartman [Sat, 19 May 2012 01:01:34 +0000 (21:01 -0400)]
Update ui package
Sam Hartman [Tue, 18 Sep 2012 23:54:18 +0000 (19:54 -0400)]
Update to new add-source strategy
Use sudo to run the add_source stuff because newer sbuild does not run
the setup hook as root.
Sam Hartman [Wed, 16 May 2012 19:03:30 +0000 (15:03 -0400)]
Update openssh
Sam Hartman [Wed, 1 Feb 2012 12:10:09 +0000 (07:10 -0500)]
ui update
Sam Hartman [Thu, 19 Jan 2012 15:50:59 +0000 (10:50 -0500)]
ui update
Sam Hartman [Wed, 25 Jan 2012 16:56:27 +0000 (11:56 -0500)]
Merge unused variable warning into libradsec
Sam Hartman [Tue, 24 Jan 2012 17:43:41 +0000 (12:43 -0500)]
Update libradsec
Sam Hartman [Wed, 18 Jan 2012 21:25:59 +0000 (16:25 -0500)]
Use .. in gitmodules now that buildbot supports
Sam Hartman [Wed, 18 Jan 2012 18:49:09 +0000 (13:49 -0500)]
fix logic error
Sam Hartman [Wed, 18 Jan 2012 15:32:37 +0000 (10:32 -0500)]
mech_eap: actually bump debian version
Sam Hartman [Wed, 18 Jan 2012 13:18:34 +0000 (08:18 -0500)]
Update for CACertificate and various name constraints
Sam Hartman [Wed, 18 Jan 2012 01:32:36 +0000 (20:32 -0500)]
update ui
Sam Hartman [Wed, 18 Jan 2012 00:34:45 +0000 (19:34 -0500)]
Update moonshot for cert hash fix
Sam Hartman [Wed, 18 Jan 2012 00:13:46 +0000 (19:13 -0500)]
Moonshot becomes a submodule
Sam Hartman [Wed, 18 Jan 2012 00:12:54 +0000 (19:12 -0500)]
Update ui
Sam Hartman [Tue, 3 Jan 2012 20:41:46 +0000 (15:41 -0500)]
Initialize shib resolver before opensaml
Sam Hartman [Tue, 3 Jan 2012 20:41:17 +0000 (15:41 -0500)]
Initializeshib resolver before opensaml so catalog path is set
Sam Hartman [Fri, 16 Dec 2011 16:45:29 +0000 (11:45 -0500)]
Synchronize shibboleth with itself
Sam Hartman [Wed, 14 Dec 2011 11:14:08 +0000 (06:14 -0500)]
More updates
Sam Hartman [Wed, 14 Dec 2011 10:16:42 +0000 (05:16 -0500)]
Include xmltooling gcc fixes
Sam Hartman [Tue, 13 Dec 2011 21:30:54 +0000 (16:30 -0500)]
Update xmltooling for build problem
Sam Hartman [Tue, 13 Dec 2011 21:10:02 +0000 (16:10 -0500)]
Shibboleth depends on boost now
Sam Hartman [Tue, 13 Dec 2011 21:01:00 +0000 (16:01 -0500)]
autoreconf shibboleth
Sam Hartman [Tue, 13 Dec 2011 20:29:42 +0000 (15:29 -0500)]
Merge remote-tracking branch 'origin/debian' into debian
Sam Hartman [Tue, 13 Dec 2011 20:29:04 +0000 (15:29 -0500)]
update shibboleth packages
Sam Hartman [Mon, 12 Dec 2011 17:25:52 +0000 (12:25 -0500)]
Rebuild resolver
Sam Hartman [Fri, 9 Dec 2011 01:35:04 +0000 (20:35 -0500)]
remove blank lines
Sam Hartman [Thu, 8 Dec 2011 18:34:46 +0000 (13:34 -0500)]
Debian version of openssh oops
Sam Hartman [Thu, 8 Dec 2011 17:37:06 +0000 (12:37 -0500)]
autoreconf
Sam Hartman [Thu, 8 Dec 2011 17:36:03 +0000 (12:36 -0500)]
Add ui and remove firefox
Sam Hartman [Thu, 8 Dec 2011 16:35:05 +0000 (11:35 -0500)]
Update submodules
Also add Moonshot UI
Sam Hartman [Wed, 7 Dec 2011 20:54:56 +0000 (15:54 -0500)]
Move sp forward
Sam Hartman [Wed, 7 Dec 2011 19:18:24 +0000 (14:18 -0500)]
update shibboleth packages
Sam Hartman [Wed, 7 Dec 2011 17:04:03 +0000 (12:04 -0500)]
Install multiarch krb5 plugin
Sam Hartman [Mon, 5 Dec 2011 19:09:28 +0000 (14:09 -0500)]
Merge remote-tracking branch 'origin/master' into debian
Conflicts:
.gitmodules
cyrus-sasl
libradsec
mod_auth_kerb
moonshot/.gitignore
moonshot/libeap
moonshot/mech_eap/init_sec_context.c
moonshot/mech_eap/unwrap_iov.c
shibboleth/opensaml2
shibboleth/resolver
shibboleth/sp
Pete Fotheringham [Thu, 1 Dec 2011 11:05:55 +0000 (11:05 +0000)]
Add --with-gss_impl=mit when building cyrus-sasl
Pete Fotheringham [Wed, 30 Nov 2011 18:33:33 +0000 (18:33 +0000)]
Merge branch 'master' of project-moonshot.org/git/moonshot
Conflicts:
moonshot/mech_eap/Makefile.am
Pete Fotheringham [Wed, 30 Nov 2011 18:18:01 +0000 (18:18 +0000)]
Mac installer instructions, README and pmdoc files
Installer and disk image build successfully
Pete Fotheringham [Wed, 30 Nov 2011 17:31:26 +0000 (17:31 +0000)]
Link against the Kerberos library in /usr/local instead of the version in /usr
Luke Howard [Mon, 28 Nov 2011 15:01:39 +0000 (02:01 +1100)]
Revert "Support EAP-TLS in Moonshot (requires OpenSSL)"
This reverts commit
2ef42df0ecea8745a678fe26ff9b16072b93586b.
Luke Howard [Mon, 28 Nov 2011 15:01:34 +0000 (02:01 +1100)]
Revert "remember to duplicate clientCertificate"
This reverts commit
0bde9b2ad5a4a36f745f1c91e9155edb337922b8.
Luke Howard [Mon, 28 Nov 2011 15:01:28 +0000 (02:01 +1100)]
Revert "Allow certificate/private key to contain binary data"
This reverts commit
6196f93aaca970f23276407af0812179c51a29ea.
Luke Howard [Thu, 17 Nov 2011 11:15:47 +0000 (22:15 +1100)]
NFSv4 patch from Daniel Kouril
Luke Howard [Thu, 17 Nov 2011 09:34:12 +0000 (20:34 +1100)]
Allow certificate/private key to contain binary data
Luke Howard [Thu, 17 Nov 2011 09:04:08 +0000 (20:04 +1100)]
remember to duplicate clientCertificate
Luke Howard [Thu, 17 Nov 2011 08:33:22 +0000 (19:33 +1100)]
Support EAP-TLS in Moonshot (requires OpenSSL)
Luke Howard [Sat, 22 Oct 2011 02:38:51 +0000 (13:38 +1100)]
wrap gssQueryMechanismInfo
Luke Howard [Fri, 21 Oct 2011 03:51:09 +0000 (14:51 +1100)]
Merge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot
Luke Howard [Fri, 21 Oct 2011 03:50:05 +0000 (14:50 +1100)]
Fix for building without acceptor
Sam Hartman [Thu, 13 Oct 2011 23:26:04 +0000 (19:26 -0400)]
Update opensaml2
Sam Hartman [Thu, 13 Oct 2011 13:55:00 +0000 (09:55 -0400)]
Fix merge conflict
Sam hartman [Mon, 10 Oct 2011 13:54:57 +0000 (14:54 +0100)]
Move submodule forward
Sam hartman [Mon, 10 Oct 2011 13:46:46 +0000 (14:46 +0100)]
Add freeradius to rpath; disable ui integration from spec for now
Sam hartman [Sat, 8 Oct 2011 14:54:59 +0000 (15:54 +0100)]
Spec file update
Sam hartman [Fri, 16 Sep 2011 18:56:38 +0000 (19:56 +0100)]
Update libeap to include make dist
Sam hartman [Fri, 16 Sep 2011 18:41:51 +0000 (19:41 +0100)]
make dist: distribute sources
Distribute headers so that make dist works
Include headers in built sources to fix dependencies for parallel builds
Distribute exports files and require that the resulting library depend on them
Sam Hartman [Mon, 10 Oct 2011 14:09:49 +0000 (10:09 -0400)]
Update for local mods to libradsec and jansson
Luke Howard [Fri, 7 Oct 2011 14:39:32 +0000 (01:39 +1100)]
Don't fail if password supplied by caller
If the libmoonshot or static (file-based) identity resolver fails, and
the caller provided a password via gss_acquire_cred_with_password(), then
resolving the credential should not fail.
Luke Howard [Fri, 7 Oct 2011 07:06:57 +0000 (18:06 +1100)]
fix incorrect reauth cred assert check
Luke Howard [Thu, 6 Oct 2011 10:34:10 +0000 (21:34 +1100)]
note about whether initiator cred lock is required
Luke Howard [Thu, 6 Oct 2011 10:29:55 +0000 (21:29 +1100)]
remove unnecessary cred lock in acceptor
Luke Howard [Wed, 5 Oct 2011 07:47:39 +0000 (18:47 +1100)]
allow building without libmoonshot
Luke Howard [Wed, 5 Oct 2011 07:14:03 +0000 (18:14 +1100)]
update libradsec to avoid pointer aliasing error
Luke Howard [Wed, 5 Oct 2011 02:28:19 +0000 (13:28 +1100)]
revert openssh
Luke Howard [Wed, 5 Oct 2011 02:22:38 +0000 (13:22 +1100)]
poke buildbot
Luke Howard [Wed, 5 Oct 2011 02:07:47 +0000 (13:07 +1100)]
initialize major in gss_query_meta_data
Luke Howard [Wed, 5 Oct 2011 02:01:17 +0000 (13:01 +1100)]
reset mod_auth_kerb
Luke Howard [Wed, 5 Oct 2011 01:56:19 +0000 (12:56 +1100)]
Merge branch 'master' into negoex
Luke Howard [Wed, 5 Oct 2011 01:52:44 +0000 (12:52 +1100)]
Update libradsec
Luke Howard [Wed, 5 Oct 2011 01:44:27 +0000 (12:44 +1100)]
add GSS-SPNEGO to cyrus-sasl
Luke Howard [Mon, 3 Oct 2011 23:22:14 +0000 (10:22 +1100)]
NegoEx SPIs
Luke Howard [Thu, 22 Sep 2011 09:24:09 +0000 (19:24 +1000)]
check radsec config when acquiring acceptor cred
Luke Howard [Tue, 20 Sep 2011 13:44:28 +0000 (23:44 +1000)]
note gssEapAcquireCred should validate RADIUS config
Luke Howard [Tue, 20 Sep 2011 02:21:43 +0000 (12:21 +1000)]
Fix regression where error tokens were not being sent
Luke Howard [Mon, 19 Sep 2011 12:49:16 +0000 (22:49 +1000)]
Add GSSEAP_NO_LOCAL_MAPPING error
Luke Howard [Mon, 19 Sep 2011 08:58:52 +0000 (18:58 +1000)]
use krb5_auth_con_setlocalsubkey on Heimdal
Luke Howard [Sun, 18 Sep 2011 03:39:51 +0000 (13:39 +1000)]
Add CRED_FLAG_TARGET
Set a flag indicating whether the credential has been bound to a service
Luke Howard [Sat, 17 Sep 2011 09:25:16 +0000 (19:25 +1000)]
Simplify verify_mic path
Allow verify_mic, wrapped on top of the IOV routines, to pass in a single
HEADER buffer rather than needing to understand the underlying split between
header and trailer.
Luke Howard [Sat, 17 Sep 2011 07:47:01 +0000 (17:47 +1000)]
Merge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot
Luke Howard [Sat, 17 Sep 2011 07:32:28 +0000 (17:32 +1000)]
make sure imported sec context keys correctly allocated
Luke Howard [Sat, 17 Sep 2011 06:24:53 +0000 (16:24 +1000)]
PRF/random_to_key allocation fix
MIT and Heimdal uses different allocation strategies
(caller-allocates, callee-allocates) for the same functions,
unfortunately.
Conflicts:
moonshot/mech_eap/util.h
Luke Howard [Fri, 16 Sep 2011 23:46:06 +0000 (09:46 +1000)]
use calloc to match with Heimdal (heim_alloc not exported)
Luke Howard [Sat, 17 Sep 2011 06:17:57 +0000 (16:17 +1000)]
create TLD on-demand for threads started pre-DLL load
Conflicts:
moonshot/mech_eap/util_tld.c
Luke Howard [Fri, 16 Sep 2011 22:10:21 +0000 (08:10 +1000)]
more cleanup of TLD
Luke Howard [Fri, 16 Sep 2011 21:49:44 +0000 (07:49 +1000)]
general cleanup of TLD init
Sam hartman [Fri, 16 Sep 2011 18:56:45 +0000 (19:56 +0100)]
mech_eap.spec: new redhat packaging
Add build infrastructure to generate spec file.
Sam hartman [Fri, 16 Sep 2011 18:56:38 +0000 (19:56 +0100)]
Update libeap to include make dist
Sam hartman [Fri, 16 Sep 2011 18:43:04 +0000 (19:43 +0100)]
Fix unused variable in non-acceptor mode
Sam hartman [Fri, 16 Sep 2011 18:41:51 +0000 (19:41 +0100)]
make dist: distribute sources
Distribute headers so that make dist works
Include headers in built sources to fix dependencies for parallel builds
Distribute exports files and require that the resulting library depend on them
Sam hartman [Fri, 16 Sep 2011 15:17:53 +0000 (16:17 +0100)]
Makefile: build fixes
mech_eap_la_CFLAGS was multiply defined.
Also, disable-acceptor sources were set incorrectly.
Sam hartman [Fri, 16 Sep 2011 15:16:28 +0000 (16:16 +0100)]
configure: GNU_SOURCE is redundant
You only want either use_extensions or gnu_source. use_extensions is
the modern preferred way to enable gnu_source.
This commit fixes a lot of useless warnings at autoreconf time.
Sam Hartman [Fri, 16 Sep 2011 15:13:03 +0000 (16:13 +0100)]
configure: support krb5 --with-system-et
If the system et and compile_et are used, then compile_et may not be
in the krb5 directory; support this.
Luke Howard [Fri, 16 Sep 2011 14:02:34 +0000 (00:02 +1000)]
More careful matching of alloc/free functions
Luke Howard [Fri, 16 Sep 2011 06:14:48 +0000 (16:14 +1000)]
use GSSEAP_ASSERT macro instead of assert