From noreply at github.com Thu Mar 21 17:23:41 2019 From: noreply at github.com (Roland C. Dowdeswell) Date: Thu, 21 Mar 2019 09:23:41 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] b2332b: add a couple of tests to test_store.c for fd, stdi... Message-ID: Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: b2332b9684a736823909a941527c9c45cf583ddb https://github.com/heimdal/heimdal/commit/b2332b9684a736823909a941527c9c45cf583ddb Author: Roland C. Dowdeswell Date: 2019-03-21 (Thu, 21 Mar 2019) Changed paths: M lib/krb5/test_store.c Log Message: ----------- add a couple of tests to test_store.c for fd, stdio w.r.t. trunc Commit: 56a32a8dbd3318e464021ac3bd2857254d0f26e3 https://github.com/heimdal/heimdal/commit/56a32a8dbd3318e464021ac3bd2857254d0f26e3 Author: Roland C. Dowdeswell Date: 2019-03-21 (Thu, 21 Mar 2019) Changed paths: M lib/krb5/store_fd.c M lib/krb5/store_stdio.c Log Message: ----------- krb5_storage: normalise truncate behaviour w.r.t. file offset We choose a semantic for the file offset during truncate operations which is to leave the offset as is unless it is off the end of the file in which case we pull it back in to the end. We update fd and stdio handling to match the {,e}mem behaviour. Commit: c827cd48f626f403cd65d20a6abac151a448ce82 https://github.com/heimdal/heimdal/commit/c827cd48f626f403cd65d20a6abac151a448ce82 Author: Roland C. Dowdeswell Date: 2019-03-21 (Thu, 21 Mar 2019) Changed paths: M lib/krb5/store_stdio.c Log Message: ----------- Optimise stdio krb5_storage by tracking offset Compare: https://github.com/heimdal/heimdal/compare/43a34f666320...c827cd48f626 From noreply at github.com Fri Mar 22 22:49:47 2019 From: noreply at github.com (Quanah Gibson-Mount) Date: Fri, 22 Mar 2019 14:49:47 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] 98f904: For https://github.com/heimdal/heimdal/issues/392 Message-ID: Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 98f904036c7988f5b53a5880ad7b3cf0b3bb6f0f https://github.com/heimdal/heimdal/commit/98f904036c7988f5b53a5880ad7b3cf0b3bb6f0f Author: Quanah Gibson-Mount Date: 2019-03-22 (Fri, 22 Mar 2019) Changed paths: M lib/hx509/data/gen-req.sh M lib/hx509/data/mkcert.sh Log Message: ----------- For https://github.com/heimdal/heimdal/issues/392 Modern OpenSSL no longer has the 2038 year restriction. Update the certs to last 500 years rather than 10 years. Modern crypto requirements suggest a stronger key strength than 1024. Update to use a minimum of 4096. Fix executable bit on gen-req.sh From noreply at github.com Fri Mar 22 23:23:47 2019 From: noreply at github.com (Quanah Gibson-Mount) Date: Fri, 22 Mar 2019 15:23:47 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] 2d193d: For https://github.com/heimdal/heimdal/issues/392 Message-ID: Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 2d193d380d13e0c8b3c9312c26613d58fa7837df https://github.com/heimdal/heimdal/commit/2d193d380d13e0c8b3c9312c26613d58fa7837df Author: Quanah Gibson-Mount Date: 2019-03-22 (Fri, 22 Mar 2019) Changed paths: M lib/hx509/data/openssl.1.1.cnf Log Message: ----------- For https://github.com/heimdal/heimdal/issues/392 Correctly reference the OID so gen-cert.sh works correctly From noreply at github.com Sat Mar 23 01:59:06 2019 From: noreply at github.com (Quanah Gibson-Mount) Date: Fri, 22 Mar 2019 17:59:06 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] aad5c7: Fixes https://github.com/heimdal/heimdal/issues/533 Message-ID: Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: aad5c710145053cdeaa7042d0e80db6f1748c606 https://github.com/heimdal/heimdal/commit/aad5c710145053cdeaa7042d0e80db6f1748c606 Author: Quanah Gibson-Mount Date: 2019-03-22 (Fri, 22 Mar 2019) Changed paths: M lib/hx509/data/ca.crt M lib/hx509/data/ca.key M lib/hx509/data/crl1.crl M lib/hx509/data/crl1.der M lib/hx509/data/https.crt M lib/hx509/data/https.key M lib/hx509/data/kdc.crt M lib/hx509/data/kdc.key M lib/hx509/data/no-proxy-test.crt M lib/hx509/data/no-proxy-test.key M lib/hx509/data/ocsp-req1.der M lib/hx509/data/ocsp-req2.der M lib/hx509/data/ocsp-resp1-ca.der M lib/hx509/data/ocsp-resp1-keyhash.der M lib/hx509/data/ocsp-resp1-ocsp-no-cert.der M lib/hx509/data/ocsp-resp1-ocsp.der M lib/hx509/data/ocsp-resp2.der M lib/hx509/data/ocsp-responder.crt M lib/hx509/data/ocsp-responder.key M lib/hx509/data/pkinit-ec.crt M lib/hx509/data/pkinit-ec.key M lib/hx509/data/pkinit-proxy-chain.crt M lib/hx509/data/pkinit-proxy.crt M lib/hx509/data/pkinit-proxy.key M lib/hx509/data/pkinit-pw.key M lib/hx509/data/pkinit.crt M lib/hx509/data/pkinit.key M lib/hx509/data/proxy-level-test.crt M lib/hx509/data/proxy-level-test.key M lib/hx509/data/proxy-test.crt M lib/hx509/data/proxy-test.key M lib/hx509/data/proxy10-child-child-test.crt M lib/hx509/data/proxy10-child-child-test.key M lib/hx509/data/proxy10-child-test.crt M lib/hx509/data/proxy10-child-test.key M lib/hx509/data/proxy10-test.crt M lib/hx509/data/proxy10-test.key M lib/hx509/data/revoke.crt M lib/hx509/data/revoke.key M lib/hx509/data/secp256r1TestCA.cert.pem M lib/hx509/data/secp256r1TestCA.pem M lib/hx509/data/secp256r2TestClient.cert.pem M lib/hx509/data/secp256r2TestClient.pem M lib/hx509/data/secp256r2TestServer.cert.pem M lib/hx509/data/secp256r2TestServer.pem M lib/hx509/data/sub-ca.crt M lib/hx509/data/sub-ca.key M lib/hx509/data/sub-cert.crt M lib/hx509/data/sub-cert.key M lib/hx509/data/sub-cert.p12 M lib/hx509/data/test-ds-only.crt M lib/hx509/data/test-ds-only.key M lib/hx509/data/test-enveloped-aes-128 M lib/hx509/data/test-enveloped-aes-256 M lib/hx509/data/test-enveloped-des M lib/hx509/data/test-enveloped-des-ede3 M lib/hx509/data/test-enveloped-rc2-128 M lib/hx509/data/test-enveloped-rc2-40 M lib/hx509/data/test-enveloped-rc2-64 M lib/hx509/data/test-ke-only.crt M lib/hx509/data/test-ke-only.key M lib/hx509/data/test-nopw.p12 M lib/hx509/data/test-pw.key M lib/hx509/data/test-signed-data M lib/hx509/data/test-signed-data-noattr M lib/hx509/data/test-signed-data-noattr-nocerts M lib/hx509/data/test-signed-sha-1 M lib/hx509/data/test-signed-sha-256 M lib/hx509/data/test-signed-sha-512 M lib/hx509/data/test.combined.crt M lib/hx509/data/test.crt M lib/hx509/data/test.key M lib/hx509/data/test.p12 Log Message: ----------- Fixes https://github.com/heimdal/heimdal/issues/533 Update certs to no longer be expired, last 500 years. From noreply at github.com Tue Mar 26 00:38:57 2019 From: noreply at github.com (Rod Widdowson) Date: Mon, 25 Mar 2019 16:38:57 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] f1b27d: Windows: Make getaddrinfo-test work Message-ID: Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: f1b27d77cd88033f86c54ff74d92f188a3a54fac https://github.com/heimdal/heimdal/commit/f1b27d77cd88033f86c54ff74d92f188a3a54fac Author: Rod Widdowson Date: 2019-03-25 (Mon, 25 Mar 2019) Changed paths: M lib/roken/NTMakefile M lib/roken/getaddrinfo-test.c Log Message: ----------- Windows: Make getaddrinfo-test work Before we call gettaddrinfo we have to call rx_SOCK_INIT In order to exercise the test we have to supply parameters to the command line