Luke Howard [Tue, 13 Sep 2011 05:02:41 +0000 (15:02 +1000)]
Merge TLD code from Windows port, after cleanup
Luke Howard [Tue, 13 Sep 2011 04:16:17 +0000 (14:16 +1000)]
build without RADIUS-related headers if no acceptor
Luke Howard [Mon, 12 Sep 2011 22:42:07 +0000 (08:42 +1000)]
make it possible to build without acceptor
Luke Howard [Mon, 12 Sep 2011 12:07:17 +0000 (22:07 +1000)]
make possible build without OpenSAML and/or Shib
Luke Howard [Mon, 12 Sep 2011 03:32:34 +0000 (13:32 +1000)]
merge a few Win32 build fixes
Luke Howard [Sat, 10 Sep 2011 21:30:35 +0000 (22:30 +0100)]
separate {init,accept}_sec_context into gss_/gssEap pattern
Luke Howard [Sat, 10 Sep 2011 19:12:08 +0000 (20:12 +0100)]
add GSS_EAP_CRED_SET_CRED_PASSWORD cred option
Luke Howard [Sat, 10 Sep 2011 17:49:27 +0000 (18:49 +0100)]
add GSSEAP_CONSTRUCTOR/DESTRUCTOR macro
Luke Howard [Sat, 10 Sep 2011 17:45:48 +0000 (18:45 +0100)]
use GSSAPI_CALLCONV for exported SPIs
Luke Howard [Sat, 10 Sep 2011 09:31:20 +0000 (10:31 +0100)]
update TODO
Luke Howard [Fri, 9 Sep 2011 22:51:04 +0000 (23:51 +0100)]
Merge branch 'ext-mic' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot into ext-mic
Luke Howard [Fri, 9 Sep 2011 22:44:04 +0000 (23:44 +0100)]
Merge branch 'master' into ext-mic
Luke Howard [Wed, 7 Sep 2011 13:33:19 +0000 (14:33 +0100)]
support for libmoonshot identity selector
Luke Howard [Fri, 9 Sep 2011 21:17:56 +0000 (22:17 +0100)]
Merge branch 'master' into ext-mic
Luke Howard [Fri, 9 Sep 2011 21:16:45 +0000 (22:16 +0100)]
remove unused toktype2 variable
From: Sam Hartman <hartmans@painless-security.com>
Luke Howard [Fri, 9 Sep 2011 21:14:19 +0000 (22:14 +0100)]
remove unused EAP state machine variable
Luke Howard [Fri, 9 Sep 2011 21:12:48 +0000 (22:12 +0100)]
Check error return from vasprintf: string is undefined on error
From: Sam Hartman <hartmans@painless-security.com>
Luke Howard [Tue, 6 Sep 2011 10:23:56 +0000 (11:23 +0100)]
Update assert to reflect protected subtoken length
Luke Howard [Sat, 16 Jul 2011 11:59:31 +0000 (11:59 +0000)]
Merge branch 'ext-mic' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot into ext-mic
Conflicts:
moonshot/mech_eap/util_context.c
Luke Howard [Sat, 16 Jul 2011 11:56:54 +0000 (11:56 +0000)]
integrity protect subtoken length
Luke Howard [Thu, 19 May 2011 15:14:48 +0000 (17:14 +0200)]
integrity protect extension token exchange
Luke Howard [Thu, 19 May 2011 15:02:25 +0000 (17:02 +0200)]
send GSS flags
Luke Howard [Sat, 16 Jul 2011 11:46:34 +0000 (11:46 +0000)]
remove getFeatures() hack when initialising Shib
Shibboleth now supports multiple initializations
Luke Howard [Sat, 11 Jun 2011 20:24:56 +0000 (20:24 +0000)]
Merge branch 'ext-mic' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot into ext-mic
Luke Howard [Thu, 19 May 2011 15:14:48 +0000 (17:14 +0200)]
integrity protect extension token exchange
Luke Howard [Thu, 19 May 2011 15:02:25 +0000 (17:02 +0200)]
send GSS flags
Luke Howard [Sat, 11 Jun 2011 20:23:57 +0000 (20:23 +0000)]
update TODO list
Sam Hartman [Thu, 2 Jun 2011 19:04:25 +0000 (15:04 -0400)]
Commit an opensaml2 to that exists
Luke Howard [Mon, 23 May 2011 20:18:48 +0000 (16:18 -0400)]
ScopedAttribute/SimpleAttribute are displayable
Luke Howard [Mon, 23 May 2011 17:48:36 +0000 (13:48 -0400)]
support BinaryAttribute subclasses
Luke Howard [Mon, 23 May 2011 15:05:30 +0000 (11:05 -0400)]
Upgrade Shibboleth for binary attribute support
Luke Howard [Thu, 19 May 2011 15:14:48 +0000 (17:14 +0200)]
integrity protect extension token exchange
Luke Howard [Thu, 19 May 2011 15:02:25 +0000 (17:02 +0200)]
send GSS flags
Luke Howard [Fri, 20 May 2011 11:08:42 +0000 (13:08 +0200)]
Revert "implement gss_acquire_cred_ext"
This reverts commit
57135a1070518a0c1228a29ed9fcf726357856a1.
Luke Howard [Fri, 20 May 2011 11:08:34 +0000 (13:08 +0200)]
Revert "remove acquire_cred_ext until it is standardized"
This reverts commit
0620dfff7eeebfec8279f4a7ee8e60e75161a856.
Luke Howard [Fri, 20 May 2011 08:04:22 +0000 (10:04 +0200)]
reauth-specific hack should be conditional on reauth being enabled
Luke Howard [Fri, 20 May 2011 07:52:45 +0000 (09:52 +0200)]
remove acquire_cred_ext until it is standardized
Luke Howard [Thu, 19 May 2011 14:11:06 +0000 (16:11 +0200)]
Merge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot
Luke Howard [Thu, 19 May 2011 14:09:27 +0000 (16:09 +0200)]
update TODO
Luke Howard [Tue, 17 May 2011 10:24:36 +0000 (12:24 +0200)]
update to openssh-5.8p2
moonshot [Mon, 4 Apr 2011 18:47:27 +0000 (14:47 -0400)]
hack: force mutual to be true
Force mutual to be true for the vm-integ brach so ssh works
Luke Howard [Mon, 16 May 2011 22:49:11 +0000 (00:49 +0200)]
fool gssapi symbol tests into working with Heimdal and MIT
Luke Howard [Mon, 16 May 2011 22:46:40 +0000 (00:46 +0200)]
move gss_const_OID compat to gssapiP_eap.h
Luke Howard [Mon, 16 May 2011 13:49:02 +0000 (15:49 +0200)]
don't set display_value for binary RADIUS attributes
Luke Howard [Mon, 16 May 2011 12:26:44 +0000 (14:26 +0200)]
update with location of samba patches
Luke Howard [Mon, 16 May 2011 11:44:37 +0000 (13:44 +0200)]
update README
Luke Howard [Mon, 16 May 2011 08:58:53 +0000 (10:58 +0200)]
Add readme for Samba
Luke Howard [Mon, 16 May 2011 08:20:34 +0000 (10:20 +0200)]
cleanup getFragmentedAttribute
Luke Howard [Mon, 16 May 2011 08:05:20 +0000 (10:05 +0200)]
catch exceptions initialising Shibboleth
Luke Howard [Mon, 16 May 2011 07:59:03 +0000 (09:59 +0200)]
remove attempt to autdetect base64, it's broken
instead, put a special hack for urn:mspac: until Shibboleth is fixed
Luke Howard [Mon, 16 May 2011 07:56:46 +0000 (09:56 +0200)]
allow newlines in base64Valid check
Luke Howard [Mon, 16 May 2011 07:48:43 +0000 (09:48 +0200)]
note that treating all base64 values as binary is bad
Luke Howard [Sun, 15 May 2011 23:17:20 +0000 (01:17 +0200)]
Merge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot
Luke Howard [Sun, 15 May 2011 23:16:41 +0000 (01:16 +0200)]
allow binary resolved attributes
Luke Howard [Sun, 15 May 2011 23:16:32 +0000 (01:16 +0200)]
allow empty user names in SSH protocol
Luke Howard [Sun, 15 May 2011 23:15:03 +0000 (01:15 +0200)]
Treat non-internal UKERNA attributes as fragmented, for PAC
Luke Howard [Sun, 15 May 2011 23:10:20 +0000 (01:10 +0200)]
always set complete for local attributes
Luke Howard [Sun, 15 May 2011 23:03:46 +0000 (01:03 +0200)]
add MS-Windows-Auth-Data attribute
Luke Howard [Sun, 15 May 2011 22:52:02 +0000 (00:52 +0200)]
ignore embedded newlines in base64
Luke Howard [Sun, 15 May 2011 15:24:20 +0000 (17:24 +0200)]
Update OpenSSH to support passing empty user name
Luke Howard [Sat, 14 May 2011 23:18:02 +0000 (01:18 +0200)]
implement gss_acquire_cred_ext
Luke Howard [Sat, 14 May 2011 14:01:04 +0000 (16:01 +0200)]
implement gss_inquire_cred_by_mech
Luke Howard [Thu, 12 May 2011 21:24:45 +0000 (23:24 +0200)]
allow pCtx to be NULL for Heimdal compat
Luke Howard [Thu, 12 May 2011 21:05:06 +0000 (23:05 +0200)]
Merge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot
Conflicts:
moonshot/mech_eap/util_saml.cpp
Luke Howard [Thu, 12 May 2011 20:33:22 +0000 (22:33 +0200)]
don't release mech OID on Heimdal
Luke Howard [Tue, 10 May 2011 11:32:15 +0000 (13:32 +0200)]
cleanup indentation
Sam Hartman [Tue, 10 May 2011 00:21:49 +0000 (20:21 -0400)]
Remove inappropriate const from cast
Sam Hartman [Tue, 10 May 2011 00:21:49 +0000 (20:21 -0400)]
Remove inappropriate const from cast
(cherry picked from commit
a4f1d12a74dd8021570fc9a8d4c4304036991990)
Sam Hartman [Mon, 9 May 2011 14:28:38 +0000 (10:28 -0400)]
Add firefox module
Sam Hartman [Mon, 9 May 2011 14:27:16 +0000 (10:27 -0400)]
Update for radsec repo
Luke Howard [Mon, 9 May 2011 12:24:10 +0000 (14:24 +0200)]
note about interning OIDs
Luke Howard [Tue, 3 May 2011 14:54:06 +0000 (16:54 +0200)]
update to libeap with -DCONFIG_TLS_INTERNAL_CLIENT
Luke Howard [Thu, 28 Apr 2011 06:25:42 +0000 (02:25 -0400)]
Merge branch 'master' of /srv/git/moonshot
Luke Howard [Thu, 28 Apr 2011 06:25:21 +0000 (02:25 -0400)]
update resolver/sp for Heimdal naming extension tests
Luke Howard [Wed, 27 Apr 2011 22:36:43 +0000 (00:36 +0200)]
alphabetize sources correctly
Luke Howard [Wed, 27 Apr 2011 16:59:22 +0000 (18:59 +0200)]
reinstate -DEAP_XXX defines for now
Luke Howard [Wed, 27 Apr 2011 16:08:47 +0000 (18:08 +0200)]
remove mech_eap/libeap from build packages and replace with moonshot
Luke Howard [Wed, 27 Apr 2011 15:44:38 +0000 (17:44 +0200)]
cleanup autogen.sh
Luke Howard [Wed, 27 Apr 2011 15:13:13 +0000 (17:13 +0200)]
fix mech_eap build on OS X
Luke Howard [Wed, 27 Apr 2011 15:01:32 +0000 (17:01 +0200)]
update libeap for CONFIG_FIPS fix
Luke Howard [Wed, 27 Apr 2011 14:45:14 +0000 (16:45 +0200)]
Merge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot
Luke Howard [Wed, 27 Apr 2011 14:44:29 +0000 (16:44 +0200)]
export gssspi_authorize_localname
Luke Howard [Wed, 27 Apr 2011 14:42:16 +0000 (16:42 +0200)]
remove @EAP_LDFLAGS@, no longer exists
Sam Hartman [Wed, 27 Apr 2011 14:23:16 +0000 (10:23 -0400)]
Update libeap
Luke Howard [Wed, 27 Apr 2011 14:11:21 +0000 (16:11 +0200)]
include gssspi_authorize_localname
Luke Howard [Wed, 27 Apr 2011 14:11:05 +0000 (16:11 +0200)]
silent-rules unknown with my version of automake
Luke Howard [Wed, 27 Apr 2011 14:10:49 +0000 (16:10 +0200)]
move autogen.sh to top level
Luke Howard [Wed, 27 Apr 2011 14:10:05 +0000 (16:10 +0200)]
add gssspi_authorize_localname() stub
Sam Hartman [Wed, 27 Apr 2011 13:51:43 +0000 (09:51 -0400)]
Merge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/moonshot
Sam Hartman [Tue, 26 Apr 2011 20:48:11 +0000 (16:48 -0400)]
Update libeap location in modules
Sam Hartman [Tue, 26 Apr 2011 18:20:10 +0000 (14:20 -0400)]
Rearrange moonshot to have libeap as a subproject
Pull in libeap and build against a libtool convenience library for it.
Luke Howard [Tue, 26 Apr 2011 15:57:29 +0000 (17:57 +0200)]
Set libradsec checkout to
b6cbbcfa
Luke Howard [Fri, 22 Apr 2011 10:58:20 +0000 (12:58 +0200)]
Change krbCred member to reauthCred to better clarify purpose
Luke Howard [Fri, 22 Apr 2011 06:13:15 +0000 (08:13 +0200)]
libeap is now C++ clean, remove workaround
Luke Howard [Thu, 21 Apr 2011 18:21:19 +0000 (20:21 +0200)]
s/kerberosCtx/reauthCtx/g
Luke Howard [Tue, 19 Apr 2011 21:46:37 +0000 (23:46 +0200)]
sync sp with upstream - composite name support
Luke Howard [Tue, 19 Apr 2011 21:41:04 +0000 (23:41 +0200)]
sync sp with upstream
Luke Howard [Tue, 19 Apr 2011 21:24:41 +0000 (23:24 +0200)]
update for changed addToken() API
Luke Howard [Tue, 19 Apr 2011 18:49:28 +0000 (20:49 +0200)]
send a composite name token instead of a sec context to shib
Luke Howard [Tue, 19 Apr 2011 16:58:38 +0000 (18:58 +0200)]
Allow composite names in GSS_C_NT_EXPORT_NAME