Luke Howard [Tue, 19 Oct 2010 12:08:57 +0000 (23:08 +1100)]
Merge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot
Conflicts:
shibboleth/opensaml2
shibboleth/xmltooling
Luke Howard [Mon, 18 Oct 2010 22:04:59 +0000 (09:04 +1100)]
fix uninitialised return code in encodeExtensions
Luke Howard [Sat, 16 Oct 2010 21:06:55 +0000 (08:06 +1100)]
remove reflect error
Luke Howard [Sat, 16 Oct 2010 08:55:23 +0000 (19:55 +1100)]
add some function headers
Luke Howard [Sat, 16 Oct 2010 07:39:08 +0000 (18:39 +1100)]
cleanup
Luke Howard [Sat, 16 Oct 2010 07:34:06 +0000 (18:34 +1100)]
cleanup
Luke Howard [Sat, 16 Oct 2010 06:26:02 +0000 (17:26 +1100)]
update for libradsec API cleanups
Luke Howard [Fri, 15 Oct 2010 06:59:50 +0000 (17:59 +1100)]
fix comment explaining key derivation
Luke Howard [Wed, 13 Oct 2010 20:03:20 +0000 (07:03 +1100)]
attrbutes internal to the GSS EAP mechanism (not keys) can now
be requested, but they are not enumerated, nor can they be set
or deleted
Luke Howard [Wed, 13 Oct 2010 04:07:52 +0000 (15:07 +1100)]
add set/delete attribute to SAML provider
Luke Howard [Wed, 13 Oct 2010 00:51:09 +0000 (11:51 +1100)]
properly support multiple attribute statements
Luke Howard [Wed, 13 Oct 2010 00:09:52 +0000 (11:09 +1100)]
cleanup, fix some uninitialised variable warnings
Luke Howard [Tue, 12 Oct 2010 22:19:05 +0000 (09:19 +1100)]
copy name flags
Luke Howard [Tue, 12 Oct 2010 21:12:57 +0000 (08:12 +1100)]
more error reporting work
Luke Howard [Tue, 12 Oct 2010 11:22:57 +0000 (22:22 +1100)]
guess acceptor service name if none specified
Luke Howard [Tue, 12 Oct 2010 11:11:07 +0000 (22:11 +1100)]
more error handling improvements
Luke Howard [Tue, 12 Oct 2010 09:20:15 +0000 (20:20 +1100)]
More error reporting
Luke Howard [Tue, 12 Oct 2010 01:43:35 +0000 (12:43 +1100)]
better error checking
Luke Howard [Tue, 12 Oct 2010 01:38:53 +0000 (12:38 +1100)]
don't include attr length in exported composite names
Luke Howard [Tue, 12 Oct 2010 01:33:19 +0000 (12:33 +1100)]
plug leak
Luke Howard [Tue, 12 Oct 2010 01:31:05 +0000 (12:31 +1100)]
add RADIUS set/delete attribute code
Luke Howard [Tue, 12 Oct 2010 01:04:18 +0000 (12:04 +1100)]
squash error codes before emitting error tokens
Luke Howard [Tue, 12 Oct 2010 00:16:56 +0000 (01:16 +0100)]
Add error token type
Luke Howard [Mon, 11 Oct 2010 21:58:23 +0000 (22:58 +0100)]
error fixes
Luke Howard [Mon, 11 Oct 2010 20:39:27 +0000 (21:39 +0100)]
cleanup
Luke Howard [Mon, 11 Oct 2010 20:02:43 +0000 (22:02 +0200)]
cleanup radsec error mapping
Luke Howard [Mon, 11 Oct 2010 19:43:45 +0000 (21:43 +0200)]
error handling fixes
Luke Howard [Mon, 11 Oct 2010 19:12:52 +0000 (21:12 +0200)]
Better error reporting through com_err
Luke Howard [Mon, 11 Oct 2010 14:35:02 +0000 (16:35 +0200)]
add gsseap error table
Luke Howard [Mon, 11 Oct 2010 13:00:14 +0000 (15:00 +0200)]
initialise output token, cleanup
Luke Howard [Mon, 11 Oct 2010 08:12:06 +0000 (10:12 +0200)]
make name importing table driven
Luke Howard [Mon, 11 Oct 2010 00:13:13 +0000 (02:13 +0200)]
minor cleanup
Luke Howard [Mon, 11 Oct 2010 00:02:45 +0000 (02:02 +0200)]
cleanup
Luke Howard [Sun, 10 Oct 2010 23:59:41 +0000 (01:59 +0200)]
cleanup
Luke Howard [Sun, 10 Oct 2010 23:57:24 +0000 (01:57 +0200)]
refactory extensions code per Sam's comments
Luke Howard [Sun, 10 Oct 2010 17:16:05 +0000 (19:16 +0200)]
make extension tokens extensible
Luke Howard [Sun, 10 Oct 2010 15:51:26 +0000 (17:51 +0200)]
don't store count in exported RADIUS attrs
Luke Howard [Sat, 9 Oct 2010 16:19:57 +0000 (18:19 +0200)]
cleanup
Luke Howard [Sat, 9 Oct 2010 13:52:37 +0000 (15:52 +0200)]
gitignore
Luke Howard [Sat, 9 Oct 2010 13:39:22 +0000 (15:39 +0200)]
new autogen.sh from libradsec
Luke Howard [Sat, 9 Oct 2010 09:26:10 +0000 (11:26 +0200)]
cleanup
Luke Howard [Sat, 9 Oct 2010 09:21:26 +0000 (11:21 +0200)]
cleanup
Luke Howard [Sat, 9 Oct 2010 08:32:56 +0000 (10:32 +0200)]
mark attributes authenticated if they have PW_MESSAGE_AUTHENTICATOR
Luke Howard [Sat, 9 Oct 2010 08:29:35 +0000 (10:29 +0200)]
cleanup
Luke Howard [Sat, 9 Oct 2010 08:28:36 +0000 (10:28 +0200)]
remove name pointer to handle/config file
Luke Howard [Sat, 9 Oct 2010 08:12:55 +0000 (10:12 +0200)]
cleanup, filter secret attributes before copying
Luke Howard [Sat, 9 Oct 2010 07:46:18 +0000 (09:46 +0200)]
destroy conn handle after authenticated
Luke Howard [Sat, 9 Oct 2010 07:44:17 +0000 (09:44 +0200)]
remove util_alloc.c
Luke Howard [Sat, 9 Oct 2010 07:44:04 +0000 (09:44 +0200)]
remove util_alloc.c
Luke Howard [Sat, 9 Oct 2010 07:39:55 +0000 (09:39 +0200)]
cleanup
Luke Howard [Fri, 8 Oct 2010 22:49:18 +0000 (00:49 +0200)]
cleanup
Luke Howard [Fri, 8 Oct 2010 22:48:12 +0000 (00:48 +0200)]
add some documentation
Luke Howard [Fri, 8 Oct 2010 22:45:18 +0000 (00:45 +0200)]
add sample config file
Luke Howard [Fri, 8 Oct 2010 22:04:24 +0000 (00:04 +0200)]
require MSK on client
Luke Howard [Fri, 8 Oct 2010 21:37:01 +0000 (23:37 +0200)]
always need a key for CB to work
Luke Howard [Fri, 8 Oct 2010 20:41:39 +0000 (22:41 +0200)]
fix uninitialised return value
Luke Howard [Fri, 8 Oct 2010 20:41:11 +0000 (22:41 +0200)]
fix octet string length check
Luke Howard [Fri, 8 Oct 2010 19:29:47 +0000 (21:29 +0200)]
cleanup
Luke Howard [Fri, 8 Oct 2010 18:50:06 +0000 (20:50 +0200)]
fix some libradsec interop nits
Luke Howard [Fri, 8 Oct 2010 16:03:58 +0000 (18:03 +0200)]
allow RADIUS config stanza to be set via cred option
Luke Howard [Fri, 8 Oct 2010 15:55:56 +0000 (17:55 +0200)]
preliminary RADIUS error handling
Luke Howard [Fri, 8 Oct 2010 14:22:27 +0000 (16:22 +0200)]
don't link in libfreeradius-client
Luke Howard [Fri, 8 Oct 2010 14:21:49 +0000 (16:21 +0200)]
s/avps/vps/g
Luke Howard [Fri, 8 Oct 2010 14:05:07 +0000 (16:05 +0200)]
move alloc stuff into a separate file
Luke Howard [Fri, 8 Oct 2010 13:59:17 +0000 (15:59 +0200)]
initial libradsec port
Luke Howard [Fri, 8 Oct 2010 12:03:20 +0000 (14:03 +0200)]
fix constant nit
Luke Howard [Wed, 6 Oct 2010 21:21:07 +0000 (23:21 +0200)]
check for libradsec
Luke Howard [Wed, 6 Oct 2010 21:02:42 +0000 (23:02 +0200)]
cleanup exception handling
Luke Howard [Wed, 6 Oct 2010 20:04:51 +0000 (22:04 +0200)]
move to .22 OID arc
Luke Howard [Tue, 5 Oct 2010 09:29:36 +0000 (11:29 +0200)]
s/1.3.6.1.4.1.5322.21/1.3.6.1.4.1.5322.22
Luke Howard [Mon, 4 Oct 2010 10:43:24 +0000 (12:43 +0200)]
correctly propagate expiry time from reauth ticket
Luke Howard [Mon, 4 Oct 2010 10:25:36 +0000 (12:25 +0200)]
marshal server name in partial contexts
Luke Howard [Sat, 2 Oct 2010 20:22:27 +0000 (22:22 +0200)]
return EINVAL if no context
Luke Howard [Sat, 2 Oct 2010 20:19:10 +0000 (22:19 +0200)]
add temporary NOTES file
Luke Howard [Sat, 2 Oct 2010 20:18:59 +0000 (22:18 +0200)]
more locking cleanups
Luke Howard [Sat, 2 Oct 2010 20:16:51 +0000 (22:16 +0200)]
acquire lock in gss_wrap_iov_length()
Luke Howard [Sat, 2 Oct 2010 20:15:58 +0000 (22:15 +0200)]
acquire lock in gss_wrap_size_limit
Luke Howard [Fri, 1 Oct 2010 01:22:30 +0000 (03:22 +0200)]
more cleanups, locking-related
Luke Howard [Fri, 1 Oct 2010 01:08:53 +0000 (03:08 +0200)]
various mutex-related cleanups
Luke Howard [Thu, 30 Sep 2010 15:15:47 +0000 (17:15 +0200)]
beginnings of better error handling
Luke Howard [Thu, 30 Sep 2010 10:30:46 +0000 (12:30 +0200)]
Make sure libradius config file follows AVPs
Luke Howard [Wed, 29 Sep 2010 23:02:25 +0000 (01:02 +0200)]
eliminate non-AES EAP mechanisms
Luke Howard [Wed, 29 Sep 2010 16:29:30 +0000 (18:29 +0200)]
use a more efficient encoding of RADIUS AVPs
Luke Howard [Wed, 29 Sep 2010 13:15:53 +0000 (15:15 +0200)]
add some notes to README
Luke Howard [Wed, 29 Sep 2010 13:09:20 +0000 (15:09 +0200)]
lock creds in right spot in accept_sec_context
Luke Howard [Wed, 29 Sep 2010 11:16:08 +0000 (13:16 +0200)]
cleanup
Luke Howard [Wed, 29 Sep 2010 10:47:22 +0000 (12:47 +0200)]
Don't expose the enctype-less mech OID
Luke Howard [Tue, 28 Sep 2010 12:17:41 +0000 (14:17 +0200)]
better error handling in RADIUS AD plugin
Luke Howard [Tue, 28 Sep 2010 08:58:36 +0000 (10:58 +0200)]
SASL mech should be EAP
Luke Howard [Tue, 28 Sep 2010 08:58:06 +0000 (10:58 +0200)]
fix time of use reression in accept_sec_context
Luke Howard [Tue, 28 Sep 2010 07:38:29 +0000 (09:38 +0200)]
don't enter cleanup handler without locking cred
Luke Howard [Mon, 27 Sep 2010 23:29:56 +0000 (01:29 +0200)]
cleanup
Luke Howard [Mon, 27 Sep 2010 23:18:22 +0000 (01:18 +0200)]
be careful to lock cred before using it
Luke Howard [Mon, 27 Sep 2010 23:18:09 +0000 (01:18 +0200)]
reorder some things for future reauth cred support
Luke Howard [Mon, 27 Sep 2010 23:14:27 +0000 (01:14 +0200)]
comments
Luke Howard [Mon, 27 Sep 2010 23:11:36 +0000 (01:11 +0200)]
allow reauth code to use default credentials
Luke Howard [Mon, 27 Sep 2010 18:01:22 +0000 (20:01 +0200)]
Don't allow us to acquire initiator cred without password for now
Luke Howard [Mon, 27 Sep 2010 12:39:10 +0000 (14:39 +0200)]
set minor on gss_internal_release_oid
Luke Howard [Sun, 26 Sep 2010 16:28:55 +0000 (18:28 +0200)]
do the right lucid thing for accepor subkeys
Luke Howard [Sun, 26 Sep 2010 16:25:41 +0000 (18:25 +0200)]
support for lucid export
projects / mech_eap.orig / log