Sam Hartman [Tue, 10 May 2011 14:33:59 +0000 (10:33 -0400)]
Update openssh package
Sam Hartman [Tue, 10 May 2011 14:32:28 +0000 (10:32 -0400)]
Update firefox package
Sam Hartman [Tue, 10 May 2011 12:52:18 +0000 (08:52 -0400)]
Updates for DVD image
moonshot [Mon, 4 Apr 2011 18:46:29 +0000 (14:46 -0400)]
Hack: force complete to be true
The version of the mech glue we're using requires complete for gss_userok.
That's a bug but it is easier to work around that here than to fix in the mechglue
Sam Hartman [Tue, 10 May 2011 00:32:25 +0000 (20:32 -0400)]
Autoreconf mod-auth-kerb
Sam Hartman [Tue, 10 May 2011 00:22:08 +0000 (20:22 -0400)]
Don't cast get_provider to const when not ssigning to a const variable
Sam Hartman [Tue, 10 May 2011 00:21:49 +0000 (20:21 -0400)]
Remove inappropriate const from cast
Sam Hartman [Mon, 9 May 2011 21:13:36 +0000 (17:13 -0400)]
Update mod_auth_kerb to include debian install fixes
Sam Hartman [Mon, 9 May 2011 18:40:57 +0000 (14:40 -0400)]
Update firefox ext
Sam Hartman [Mon, 9 May 2011 18:33:10 +0000 (14:33 -0400)]
Add firefox
Sam Hartman [Mon, 9 May 2011 18:32:44 +0000 (14:32 -0400)]
Update mod auth gss
Sam Hartman [Mon, 9 May 2011 16:19:14 +0000 (12:19 -0400)]
Update firefox extension
Sam Hartman [Mon, 9 May 2011 15:31:20 +0000 (11:31 -0400)]
Add firefox
Sam Hartman [Mon, 9 May 2011 14:28:38 +0000 (10:28 -0400)]
Add firefox module
Sam Hartman [Mon, 9 May 2011 14:26:30 +0000 (10:26 -0400)]
Support epoch
Sam Hartman [Wed, 4 May 2011 23:58:40 +0000 (19:58 -0400)]
debian libeap: pull in patch to enable tls
Sam Hartman [Wed, 4 May 2011 22:42:45 +0000 (18:42 -0400)]
Enable TLS in libeap
* Enable TLS in libeap
* Force mutual authentication
moonshot [Mon, 4 Apr 2011 18:47:27 +0000 (14:47 -0400)]
hack: force mutual to be true
Force mutual to be true for the vm-integ brach so ssh works
Sam Hartman [Sat, 30 Apr 2011 21:37:03 +0000 (17:37 -0400)]
Update shibboleth
Sam Hartman [Sat, 30 Apr 2011 13:03:44 +0000 (09:03 -0400)]
Build openssh for now
Sam Hartman [Fri, 29 Apr 2011 23:23:46 +0000 (19:23 -0400)]
fix typo
Sam Hartman [Fri, 29 Apr 2011 22:37:23 +0000 (18:37 -0400)]
Update libradsec
Sam Hartman [Fri, 29 Apr 2011 22:18:19 +0000 (18:18 -0400)]
Add --tar-file for buildbot integration to debian-builder
Sam Hartman [Wed, 27 Apr 2011 19:33:40 +0000 (15:33 -0400)]
Enable gssapi configure option
Sam Hartman [Wed, 27 Apr 2011 18:48:08 +0000 (14:48 -0400)]
Shibboleth sp and resolver need gss libraries
Sam Hartman [Wed, 27 Apr 2011 18:37:54 +0000 (14:37 -0400)]
Depend on libfreeradius-dev
Sam Hartman [Wed, 27 Apr 2011 17:48:28 +0000 (13:48 -0400)]
Merge remote branch 'origin/master' into debian
Conflicts:
libradsec
moonshot/libeap
source_packages
Sam Hartman [Wed, 27 Apr 2011 17:42:22 +0000 (13:42 -0400)]
Remove newline from source_packages
Sam Hartman [Wed, 27 Apr 2011 17:41:58 +0000 (13:41 -0400)]
Depend on libjansson-dev
Sam Hartman [Wed, 27 Apr 2011 17:40:56 +0000 (13:40 -0400)]
Update libradsec
Luke Howard [Wed, 27 Apr 2011 16:59:22 +0000 (18:59 +0200)]
reinstate -DEAP_XXX defines for now
Sam Hartman [Wed, 27 Apr 2011 16:19:02 +0000 (12:19 -0400)]
Renames for resolver package
Sam Hartman [Wed, 27 Apr 2011 16:15:32 +0000 (12:15 -0400)]
Update libradsec
Luke Howard [Wed, 27 Apr 2011 16:08:47 +0000 (18:08 +0200)]
remove mech_eap/libeap from build packages and replace with moonshot
Luke Howard [Wed, 27 Apr 2011 15:44:38 +0000 (17:44 +0200)]
cleanup autogen.sh
Luke Howard [Wed, 27 Apr 2011 15:13:13 +0000 (17:13 +0200)]
fix mech_eap build on OS X
Luke Howard [Wed, 27 Apr 2011 15:01:32 +0000 (17:01 +0200)]
update libeap for CONFIG_FIPS fix
Luke Howard [Wed, 27 Apr 2011 14:45:14 +0000 (16:45 +0200)]
Merge branch 'master' of ssh://moonshot.suchdamage.org:822/srv/git/moonshot
Luke Howard [Wed, 27 Apr 2011 14:44:29 +0000 (16:44 +0200)]
export gssspi_authorize_localname
Luke Howard [Wed, 27 Apr 2011 14:42:16 +0000 (16:42 +0200)]
remove @EAP_LDFLAGS@, no longer exists
Sam Hartman [Wed, 27 Apr 2011 14:23:16 +0000 (10:23 -0400)]
Update libeap
Luke Howard [Wed, 27 Apr 2011 14:11:21 +0000 (16:11 +0200)]
include gssspi_authorize_localname
Luke Howard [Wed, 27 Apr 2011 14:11:05 +0000 (16:11 +0200)]
silent-rules unknown with my version of automake
Luke Howard [Wed, 27 Apr 2011 14:10:49 +0000 (16:10 +0200)]
move autogen.sh to top level
Luke Howard [Wed, 27 Apr 2011 14:10:05 +0000 (16:10 +0200)]
add gssspi_authorize_localname() stub
Sam Hartman [Wed, 27 Apr 2011 13:51:43 +0000 (09:51 -0400)]
Merge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/moonshot
Sam Hartman [Wed, 27 Apr 2011 13:50:02 +0000 (09:50 -0400)]
autoreconf for libradsec
Sam Hartman [Wed, 27 Apr 2011 13:42:28 +0000 (09:42 -0400)]
autoreconf
Sam Hartman [Wed, 27 Apr 2011 13:41:24 +0000 (09:41 -0400)]
debian directory
Sam Hartman [Tue, 26 Apr 2011 20:53:34 +0000 (16:53 -0400)]
Merge branch 'master' into debian
Conflicts:
libeap
Sam Hartman [Tue, 26 Apr 2011 20:48:11 +0000 (16:48 -0400)]
Update libeap location in modules
Sam Hartman [Tue, 26 Apr 2011 18:20:10 +0000 (14:20 -0400)]
Rearrange moonshot to have libeap as a subproject
Pull in libeap and build against a libtool convenience library for it.
Luke Howard [Tue, 26 Apr 2011 15:57:29 +0000 (17:57 +0200)]
Set libradsec checkout to
b6cbbcfa
Sam Hartman [Tue, 26 Apr 2011 11:45:19 +0000 (07:45 -0400)]
Mark sp native
Sam Hartman [Tue, 26 Apr 2011 11:10:59 +0000 (07:10 -0400)]
Update for new location of radsecproxy
Sam Hartman [Tue, 26 Apr 2011 11:09:30 +0000 (07:09 -0400)]
package libradsec for Debian
Sam Hartman [Mon, 25 Apr 2011 21:38:33 +0000 (17:38 -0400)]
Building resolver debian package
Sam Hartman [Mon, 25 Apr 2011 18:10:49 +0000 (14:10 -0400)]
Include debian packaging
Sam Hartman [Mon, 25 Apr 2011 17:33:27 +0000 (13:33 -0400)]
Merge remote-tracking branch 'origin/master' into debian
Conflicts:
.gitmodules
shibboleth/opensaml2
shibboleth/sp
shibboleth/xmltooling
source_packages
Luke Howard [Fri, 22 Apr 2011 10:58:20 +0000 (12:58 +0200)]
Change krbCred member to reauthCred to better clarify purpose
Luke Howard [Fri, 22 Apr 2011 06:13:15 +0000 (08:13 +0200)]
libeap is now C++ clean, remove workaround
Luke Howard [Thu, 21 Apr 2011 18:21:19 +0000 (20:21 +0200)]
s/kerberosCtx/reauthCtx/g
Luke Howard [Tue, 19 Apr 2011 21:46:37 +0000 (23:46 +0200)]
sync sp with upstream - composite name support
Luke Howard [Tue, 19 Apr 2011 21:41:04 +0000 (23:41 +0200)]
sync sp with upstream
Luke Howard [Tue, 19 Apr 2011 21:24:41 +0000 (23:24 +0200)]
update for changed addToken() API
Luke Howard [Tue, 19 Apr 2011 18:49:28 +0000 (20:49 +0200)]
send a composite name token instead of a sec context to shib
Luke Howard [Tue, 19 Apr 2011 16:58:38 +0000 (18:58 +0200)]
Allow composite names in GSS_C_NT_EXPORT_NAME
Luke Howard [Thu, 7 Apr 2011 14:55:52 +0000 (00:55 +1000)]
properly account for other package directories when building AD plugin
Luke Howard [Tue, 5 Apr 2011 01:22:13 +0000 (11:22 +1000)]
don't allow setting of binary SAML attribute values, for now
Luke Howard [Mon, 4 Apr 2011 23:49:27 +0000 (09:49 +1000)]
check syntax before decoding base64 encoded SAML attributes
Luke Howard [Mon, 4 Apr 2011 15:50:12 +0000 (01:50 +1000)]
don't return GSS_S_CREDENTIALS_EXPIRED if no expiry time
Luke Howard [Mon, 4 Apr 2011 15:41:18 +0000 (01:41 +1000)]
return GSS_S_CREDENTIALS_EXPIRED if credentials expired
Luke Howard [Mon, 4 Apr 2011 15:20:22 +0000 (01:20 +1000)]
Luke Howard [Sun, 3 Apr 2011 09:14:42 +0000 (19:14 +1000)]
automatically decode base64 encoded SAML values
Luke Howard [Sun, 3 Apr 2011 09:07:14 +0000 (19:07 +1000)]
refactor unknown attribute syntax detection
Luke Howard [Sun, 3 Apr 2011 08:32:44 +0000 (18:32 +1000)]
try to guard against multiple shibboleth library initializations
Luke Howard [Sun, 3 Apr 2011 07:57:09 +0000 (17:57 +1000)]
Don't crash if there are zero valued attributes
Luke Howard [Sat, 2 Apr 2011 01:05:31 +0000 (12:05 +1100)]
XML string memory management cleanups
Luke Howard [Sat, 2 Apr 2011 13:06:33 +0000 (00:06 +1100)]
return assertion also in display_value; do not assume value
and display_value parameters are non-NULL
Luke Howard [Fri, 1 Apr 2011 02:24:44 +0000 (13:24 +1100)]
fix incorrect usage of XMLString::transcode, assumes strings NUL termianted
Luke Howard [Fri, 1 Apr 2011 01:15:08 +0000 (12:15 +1100)]
set name type to GSS_C_NT_USER_NAME if NAI
This allows us to canonicalize the name easily to another mechanism, so it
can be used for protocol transition.
Luke Howard [Thu, 31 Mar 2011 07:55:56 +0000 (18:55 +1100)]
remove cyrus-sasl for now (again)
Luke Howard [Thu, 31 Mar 2011 07:55:25 +0000 (18:55 +1100)]
If RADIUS returns a present but empty PW_USER_NAME, treat as anonymous.
Luke Howard [Thu, 31 Mar 2011 07:54:20 +0000 (18:54 +1100)]
set GSS_C_NT_ANONYMOUS only for completely anonymous
Luke Howard [Thu, 31 Mar 2011 07:47:09 +0000 (18:47 +1100)]
indentation fix
Luke Howard [Thu, 31 Mar 2011 07:30:26 +0000 (18:30 +1100)]
Use empty name for anonymous name
Luke Howard [Wed, 30 Mar 2011 12:26:44 +0000 (23:26 +1100)]
update cyrus-sasl
Luke Howard [Wed, 30 Mar 2011 12:10:46 +0000 (23:10 +1100)]
revert cyrus-sasl to no autogenerated file version, add to build again
Luke Howard [Wed, 30 Mar 2011 11:59:49 +0000 (22:59 +1100)]
remove cyrus-sasl from build, it doesn't build now autogenerated
files are checked in
Luke Howard [Wed, 30 Mar 2011 11:32:03 +0000 (22:32 +1100)]
update cyrus-sasl with more autogenerated files
Luke Howard [Wed, 30 Mar 2011 11:14:19 +0000 (22:14 +1100)]
update cyrus-sasl, again.
Luke Howard [Wed, 30 Mar 2011 11:09:46 +0000 (22:09 +1100)]
add cyrus-sasl to build
Luke Howard [Wed, 30 Mar 2011 11:00:34 +0000 (22:00 +1100)]
update cyrus-sasl, saslauthd flags
Luke Howard [Wed, 30 Mar 2011 08:16:08 +0000 (19:16 +1100)]
update cyrus-sasl
Luke Howard [Wed, 30 Mar 2011 04:36:02 +0000 (15:36 +1100)]
exception handling-related cleanup
Luke Howard [Wed, 30 Mar 2011 04:30:37 +0000 (15:30 +1100)]
fix shib reentrancy regression in recent commit
Luke Howard [Wed, 30 Mar 2011 04:03:11 +0000 (15:03 +1100)]
allow gssEapSaveStatusInfo to reset status to NULL
Luke Howard [Wed, 30 Mar 2011 04:01:43 +0000 (15:01 +1100)]
save Shibboleth exception code in GSS per-thread status
Luke Howard [Wed, 30 Mar 2011 04:01:11 +0000 (15:01 +1100)]
refactory: s/initFrom/initWith/g
Luke Howard [Wed, 30 Mar 2011 04:00:04 +0000 (15:00 +1100)]
fix exception to GSS error code mapping