summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
kouril [Tue, 4 Nov 2003 19:08:15 +0000 (19:08 +0000)]
Added support for the KrbServiceName option, which can be used to set the name
of the service key in the keytab
kouril [Tue, 4 Nov 2003 18:52:22 +0000 (18:52 +0000)]
added support for both spnego and pure krb5 GSS tokens
kouril [Tue, 4 Nov 2003 18:50:28 +0000 (18:50 +0000)]
Don't use recursive definition
kouril [Tue, 4 Nov 2003 16:59:01 +0000 (16:59 +0000)]
Added check for Heimdal
kouril [Tue, 4 Nov 2003 16:39:36 +0000 (16:39 +0000)]
- the spnegokrb5 lib is not used if only krb4 is specified
- configure script adapted to work correctly with MIT krb4 headers
kouril [Tue, 4 Nov 2003 14:31:39 +0000 (14:31 +0000)]
removed unused files
kouril [Tue, 4 Nov 2003 14:30:21 +0000 (14:30 +0000)]
- cosmetics in the main Makefile
- changes to make the spnego dir work with the autools stuff
kouril [Tue, 4 Nov 2003 14:08:22 +0000 (14:08 +0000)]
Remove Makefiles which are generated by the autools stuff
kouril [Tue, 4 Nov 2003 14:06:24 +0000 (14:06 +0000)]
Added distclean rule
kouril [Tue, 4 Nov 2003 13:58:43 +0000 (13:58 +0000)]
ignore generated stuff
kouril [Tue, 4 Nov 2003 13:52:14 +0000 (13:52 +0000)]
- set bugs contact to the developer list
- the apxs and httpd binaries are also looked for in the sbin subdirs
kouril [Tue, 4 Nov 2003 12:37:11 +0000 (12:37 +0000)]
Added option KrbVerifyKDC to optinaly disable the verification of KDC
(solves Patch record #835573)
kouril [Mon, 3 Nov 2003 09:16:01 +0000 (09:16 +0000)]
- removed unused compatibility macros
- don't let apache log errno messages
- use HAVE_KRB5_CC_GEN_NEW definition (set by the configure script)
- have the moduled called only once (for the initial request). This should
prevent from multiple contacting KDC and significantly decrease number of
messages sent over the network (and increase perfomance thus)
kouril [Mon, 3 Nov 2003 09:07:24 +0000 (09:07 +0000)]
Added support for autotools
kouril [Fri, 31 Oct 2003 15:30:53 +0000 (15:30 +0000)]
Added variable to makefile.include to ease build of stand-alone spnegokrb5
kouril [Fri, 31 Oct 2003 15:20:41 +0000 (15:20 +0000)]
*** empty log message ***
kouril [Mon, 27 Oct 2003 12:50:57 +0000 (12:50 +0000)]
typos
kouril [Mon, 27 Oct 2003 12:48:02 +0000 (12:48 +0000)]
Added variable to makefile.include to ease build of stand-alone spnegokrb5
kouril [Mon, 27 Oct 2003 12:46:59 +0000 (12:46 +0000)]
Allocate memory before setting enviroment
kouril [Fri, 24 Oct 2003 11:36:36 +0000 (11:36 +0000)]
Added some comments
kouril [Fri, 17 Oct 2003 09:29:05 +0000 (09:29 +0000)]
Log error messages on krb4 failures
kouril [Mon, 29 Sep 2003 16:23:15 +0000 (16:23 +0000)]
Warning about bad use of strcat
kouril [Thu, 18 Sep 2003 11:03:56 +0000 (11:03 +0000)]
use putenv() instead of setenv() to be more portable (Solaris9 seems not like it
-- see https://sourceforge.net/forum/message.php?msg_id=2196410)
kouril [Mon, 8 Sep 2003 11:39:24 +0000 (11:39 +0000)]
remove also files in the src directory
kouril [Mon, 8 Sep 2003 11:33:24 +0000 (11:33 +0000)]
removed configure.in
kouril [Mon, 8 Sep 2003 11:32:29 +0000 (11:32 +0000)]
First attempt of writing configure.in
kouril [Mon, 8 Sep 2003 11:24:39 +0000 (11:24 +0000)]
Added _very_ rough documentation
kouril [Mon, 8 Sep 2003 11:22:26 +0000 (11:22 +0000)]
Send 'Negotiate' instead of 'GSS-Negotiate' in the WWW-Authenticate header
kouril [Mon, 8 Sep 2003 11:21:15 +0000 (11:21 +0000)]
Link with the spnegokrb5 lib
kouril [Mon, 8 Sep 2003 10:38:37 +0000 (10:38 +0000)]
Use MIT by default :-)
kouril [Mon, 8 Sep 2003 10:37:35 +0000 (10:37 +0000)]
Make comment more descriptive
kouril [Sat, 6 Sep 2003 21:25:37 +0000 (21:25 +0000)]
removed free()
kouril [Sat, 6 Sep 2003 21:05:24 +0000 (21:05 +0000)]
Added the accepting part
kouril [Fri, 5 Sep 2003 14:38:15 +0000 (14:38 +0000)]
Added proper GSS encapsulation of token sent
kouril [Fri, 5 Sep 2003 09:29:01 +0000 (09:29 +0000)]
Removed unsed Makefile.in
kouril [Fri, 5 Sep 2003 09:23:19 +0000 (09:23 +0000)]
Removed unused files
kouril [Fri, 5 Sep 2003 09:16:50 +0000 (09:16 +0000)]
Removed dependecies on Heimdal
kouril [Fri, 5 Sep 2003 09:00:29 +0000 (09:00 +0000)]
Makefile stuff to build the whole zoo
kouril [Fri, 5 Sep 2003 08:59:35 +0000 (08:59 +0000)]
- added version announcent (ap_add_version_component) for apache2
- fixed headers locations
kouril [Fri, 5 Sep 2003 08:54:08 +0000 (08:54 +0000)]
Added wrapping calls (gss_init_sec_context_spnego() and gss_accept_sec_context_spnego()) for SPNEGO and krb5 gss-api
kouril [Thu, 4 Sep 2003 12:55:49 +0000 (12:55 +0000)]
Call of gss_accept_sec_context_spnego
kouril [Tue, 26 Aug 2003 10:50:57 +0000 (10:50 +0000)]
Fixed my email address
kouril [Tue, 26 Aug 2003 06:52:37 +0000 (06:52 +0000)]
Ludek Sulak added to originators
kouril [Mon, 25 Aug 2003 12:24:27 +0000 (12:24 +0000)]
Better handling of includes
kouril [Mon, 25 Aug 2003 10:39:03 +0000 (10:39 +0000)]
Added correct parameters to ap_strcat()
kouril [Mon, 25 Aug 2003 07:02:19 +0000 (07:02 +0000)]
- Added a license block
- Krb4 part adapted to be able to build with MIT too
- Removed option KrbServiceName (current server hostname is found by means of
ap_get_server_name())
- Added new function krb5_verify_user() implementing krb5 password verification
(not dependent on actual krb5 implementation used)
kouril [Tue, 12 Aug 2003 13:45:39 +0000 (13:45 +0000)]
Implemented KRB4 password verification
kouril [Tue, 12 Aug 2003 10:49:36 +0000 (10:49 +0000)]
- removed unused code
- removed directives KrbSaveTickets, KrbForwardable
kouril [Tue, 12 Aug 2003 09:36:42 +0000 (09:36 +0000)]
Since we're going to support mainly Kerberos GSSAPI, gss context is not kept
across multiple request.
kouril [Tue, 12 Aug 2003 08:18:10 +0000 (08:18 +0000)]
- added setting flag KRB5_TC_OPENCLOSE to make krb5_initialize happy
- various typos
kouril [Tue, 12 Aug 2003 07:00:32 +0000 (07:00 +0000)]
- krb5_verify_user() made really work
- added parameters use_krb4, use_krb5 to note_kerb_auth_failure()
kouril [Mon, 11 Aug 2003 14:12:47 +0000 (14:12 +0000)]
Changes for compatibility with MIT (1.2.8)
kouril [Mon, 11 Aug 2003 12:45:22 +0000 (12:45 +0000)]
- removed directive 'KrbTmpdir'
- new files for krb5 ccaches are generated by means of krb5 API
kouril [Mon, 11 Aug 2003 12:27:15 +0000 (12:27 +0000)]
- have the module returned the krb5 format of authenticated username instead of what user sent in the request
- if service name given in the config file contains a slash, use only the first
part of the service name
kouril [Mon, 11 Aug 2003 11:27:49 +0000 (11:27 +0000)]
Use gss_display_name() instead of gss_export_name() to get only the user's name without mechanism id's
kouril [Mon, 11 Aug 2003 11:06:45 +0000 (11:06 +0000)]
Added call krb5_save_realms() for saving multiple realms given in a config file (can the ITERATE flag be used?)
kouril [Mon, 11 Aug 2003 09:49:30 +0000 (09:49 +0000)]
Removed option 'AuthKerberos' (and all corresponding code) and used AuthType
instead.
kouril [Fri, 8 Aug 2003 14:28:15 +0000 (14:28 +0000)]
- name changed from kerb_auth_module to auth_kerb_module (to ease building with
apache2)
- more adaptations to make it compile with apache2
kouril [Fri, 8 Aug 2003 12:17:50 +0000 (12:17 +0000)]
Adaptation to make it compile with Apache 2.0 (not finished yet)
kouril [Thu, 7 Aug 2003 14:57:37 +0000 (14:57 +0000)]
Removed useless code
kouril [Thu, 7 Aug 2003 13:16:07 +0000 (13:16 +0000)]
- use specifiefd keytab for passwd verification
- use service_name from config file if specified
- corrected output of gss error text
kouril [Thu, 7 Aug 2003 10:09:54 +0000 (10:09 +0000)]
- removed unused code
- added some comments to make the module structure more readable
kouril [Thu, 7 Aug 2003 09:55:49 +0000 (09:55 +0000)]
- reordered calls so that similar calls are placed togetoher
- added and used function store_gss_creds()
- fixed parameters sent in http 401 replies
kouril [Thu, 7 Aug 2003 08:44:41 +0000 (08:44 +0000)]
Added support for KerberosV5, KerberosV4 keywords in AuthType
kouril [Thu, 7 Aug 2003 07:47:45 +0000 (07:47 +0000)]
Defined macro 'command' to ease the kerb_auth_cmds structure (unified for apache1 and apache2)
kouril [Thu, 7 Aug 2003 07:08:16 +0000 (07:08 +0000)]
Cleanups
kouril [Mon, 30 Jun 2003 19:41:48 +0000 (19:41 +0000)]
- some code from store_krb5_creds() moved to separate function (called from
store_krb5_creds()), this new function will be also used from the gssapi
handler
kouril [Mon, 30 Jun 2003 16:53:33 +0000 (16:53 +0000)]
- removed unused variables
- added analogical MIT call for krb5_cc_gen_new()
- added get_gss_error() call printing GSS error messages
- activated Negotiate support
(compiles with Heimdal and apache 1.3.37)
jadestorm [Mon, 30 Jun 2003 15:01:17 +0000 (15:01 +0000)]
Committing what I have. See ChangeLog for the last couple of things I
did. I wouldn't consider anything in any form of reasonable state at the
moment.
kouril [Sun, 29 Jun 2003 10:06:11 +0000 (10:06 +0000)]
- Added a cleanup function purging ticket file(s) after finishing http request
- Code for credential storing moved to a separate function
- Added logging of error messages
Compiles with Heimdal and Apache 1.3.27, not tested if really works
kouril [Mon, 23 Jun 2003 12:38:34 +0000 (12:38 +0000)]
Various code rearrangements to achieve portable password verification.
- added call of krb5_verify_user() for password verification
- password verification moved into a separate function (also called
krb5_verify_user()), which compiles only if Heimdal is not found (since this
call seems to be missing from the MIT API)
- should work with both Heimdal and MIT implementation
- don't compile yet
kouril [Sun, 8 Jun 2003 18:46:31 +0000 (18:46 +0000)]
- Added functions for Negotiate support, not called from the body yet.
- Compiles with Apache 1.3.27 and Heimdal 0.6.
kouril [Fri, 6 Jun 2003 10:49:27 +0000 (10:49 +0000)]
Note Negotiate support in TODO
kouril [Fri, 6 Jun 2003 10:22:35 +0000 (10:22 +0000)]
Added CVS identification keyword
kouril [Thu, 5 Jun 2003 15:03:26 +0000 (15:03 +0000)]
typos (done mainly to test if notification works)
jadestorm [Tue, 3 Jun 2003 04:03:24 +0000 (04:03 +0000)]
Added a fair amount of functionality that was present in 4.*.
jadestorm [Thu, 29 May 2003 15:31:02 +0000 (15:31 +0000)]
Fixed up configure scripts and Makefiles to work with new setup.
Fixed mod_auth_kerb.c to compile.
jadestorm [Thu, 29 May 2003 14:56:26 +0000 (14:56 +0000)]
Removed krb5 source tree.
jadestorm [Thu, 29 May 2003 14:55:51 +0000 (14:55 +0000)]
Removed separate krb4 source tree.
jadestorm [Thu, 29 May 2003 14:55:16 +0000 (14:55 +0000)]
Removed apache2 separate source tree.
jadestorm [Thu, 29 May 2003 14:54:31 +0000 (14:54 +0000)]
Removed apache 1 separate source tree.
jadestorm [Thu, 29 May 2003 14:52:38 +0000 (14:52 +0000)]
Returned to single mod_auth_kerb.c file.
jadestorm [Sat, 7 Sep 2002 01:53:24 +0000 (01:53 +0000)]
Added rest of options I expect to be using.
jadestorm [Fri, 6 Sep 2002 04:07:14 +0000 (04:07 +0000)]
Added EAPI check.
jadestorm [Fri, 6 Sep 2002 04:00:46 +0000 (04:00 +0000)]
Prettied up module configs.
jadestorm [Tue, 3 Sep 2002 02:59:34 +0000 (02:59 +0000)]
Added authoritative support.
jadestorm [Tue, 3 Sep 2002 01:31:27 +0000 (01:31 +0000)]
Added support for fail_status and authkerberos options.
jadestorm [Mon, 2 Sep 2002 04:29:49 +0000 (04:29 +0000)]
Added auth_cmds.c processing for apache1 and 2. Still need to add custom
option processors.
jadestorm [Tue, 9 Jul 2002 04:57:00 +0000 (04:57 +0000)]
Added more todos.
jadestorm [Tue, 9 Jul 2002 04:54:48 +0000 (04:54 +0000)]
Added beginnings of commands that mod_auth_kerb supports.
jadestorm [Mon, 8 Jul 2002 01:55:08 +0000 (01:55 +0000)]
Added Dual Auth support via KerberosDualV5V4 and KerberosDualV4V5.
jadestorm [Sun, 7 Jul 2002 14:56:53 +0000 (14:56 +0000)]
Added rest of TODO's.
jadestorm [Thu, 4 Jul 2002 19:14:53 +0000 (19:14 +0000)]
Added TODO list to keep track of what all is in the agenda. =)
jadestorm [Mon, 3 Jun 2002 05:11:56 +0000 (05:11 +0000)]
Added AUTHORS, ChangeLog, INSTALL, and NEWS in an attempt to make this look
a little more 'normal'. =)
jadestorm [Wed, 8 May 2002 04:41:10 +0000 (04:41 +0000)]
Fixed Apache 2 support. Had ap_strcat instead of apr_strcat.
jadestorm [Tue, 7 May 2002 01:20:45 +0000 (01:20 +0000)]
Begin fixes on apache2 API for initial ticket authentication.
However, currently apache refuses to load the module.
jadestorm [Sat, 4 May 2002 17:54:34 +0000 (17:54 +0000)]
Fixed configure to look in appropriate location for krb4 header files
within a krb5 install. Fixed auth_user to actually work, and removed
a warning from krb4/validate.
jadestorm [Sat, 4 May 2002 05:37:24 +0000 (05:37 +0000)]
Some work done to get initial username/password checking working.
jadestorm [Wed, 1 May 2002 19:03:59 +0000 (19:03 +0000)]
Initial revision