[Heimdal-source-changes] [heimdal/heimdal] e0bb9c: gssapi: credential store extensions (#451)
GitHub
noreply at github.com
Tors Jan 3 21:38:41 CET 2019
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: e0bb9c10cad0fd98245caecf8af8fca855b2df49
https://github.com/heimdal/heimdal/commit/e0bb9c10cad0fd98245caecf8af8fca855b2df49
Author: Luke Howard <lukeh at padl.com>
Date: 2019-01-03 (Thu, 03 Jan 2019)
Changed paths:
M lib/gssapi/Makefile.am
M lib/gssapi/NTMakefile
M lib/gssapi/gssapi/gssapi.h
M lib/gssapi/gssapi/gssapi_oid.h
M lib/gssapi/gssapi_mech.h
M lib/gssapi/krb5/acquire_cred.c
M lib/gssapi/krb5/add_cred.c
M lib/gssapi/krb5/duplicate_cred.c
M lib/gssapi/krb5/external.c
M lib/gssapi/krb5/gkrb5_err.et
M lib/gssapi/krb5/inquire_cred.c
M lib/gssapi/krb5/store_cred.c
M lib/gssapi/libgssapi-exports.def
M lib/gssapi/mech/cred.h
M lib/gssapi/mech/gss_acquire_cred.c
R lib/gssapi/mech/gss_acquire_cred_ext.c
A lib/gssapi/mech/gss_acquire_cred_from.c
M lib/gssapi/mech/gss_acquire_cred_with_password.c
M lib/gssapi/mech/gss_add_cred.c
A lib/gssapi/mech/gss_add_cred_from.c
M lib/gssapi/mech/gss_add_cred_with_password.c
M lib/gssapi/mech/gss_cred.c
M lib/gssapi/mech/gss_duplicate_cred.c
M lib/gssapi/mech/gss_mech_switch.c
M lib/gssapi/mech/gss_oid.c
M lib/gssapi/mech/gss_store_cred.c
A lib/gssapi/mech/gss_store_cred_into.c
M lib/gssapi/netlogon/external.c
M lib/gssapi/ntlm/acquire_cred.c
M lib/gssapi/ntlm/duplicate_cred.c
M lib/gssapi/ntlm/external.c
M lib/gssapi/oid.txt
M lib/gssapi/spnego/cred_stubs.c
M lib/gssapi/spnego/external.c
M lib/gssapi/test_acquire_cred.c
M lib/gssapi/test_add_store_cred.c
M lib/gssapi/test_context.c
M lib/gssapi/version-script.map
M tests/gss/check-spnego.in
Log Message:
-----------
gssapi: credential store extensions (#451)
Implement the GSS-API credential store API extensions defined by MIT here:
https://k5wiki.kerberos.org/wiki/Projects/Credential_Store_extensions
Note: we kill off gss_acquire_cred_ext() here. This was never a public API,
although mechanisms could have implemented it and I briefly used it in my
BrowserID prototype mechanism. gss_acquire_cred_ext_from() occupies the place
in the dispatch table where gss_acquire_cred_ext() used to, but this structure
was never visible outside Heimdal (i.e. it is only used by internal
mechanisms);
(Mechanisms that need to accept arbitrary key/value dictionaries from
applications should now implement gss_acquire_cred_from().)
Commit: 83f15553e0d12d0f849cfc2581a7d9acf0982e21
https://github.com/heimdal/heimdal/commit/83f15553e0d12d0f849cfc2581a7d9acf0982e21
Author: Luke Howard <lukeh at padl.com>
Date: 2019-01-03 (Thu, 03 Jan 2019)
Changed paths:
M lib/gssapi/Makefile.am
M lib/gssapi/NTMakefile
A lib/gssapi/mech/cred.c
M lib/gssapi/mech/cred.h
M lib/gssapi/mech/gss_accept_sec_context.c
M lib/gssapi/mech/gss_acquire_cred_from.c
M lib/gssapi/mech/gss_add_cred_from.c
M lib/gssapi/mech/gss_canonicalize_name.c
M lib/gssapi/mech/gss_cred.c
M lib/gssapi/mech/gss_delete_sec_context.c
M lib/gssapi/mech/gss_duplicate_cred.c
M lib/gssapi/mech/gss_duplicate_name.c
M lib/gssapi/mech/gss_import_name.c
M lib/gssapi/mech/gss_init_sec_context.c
M lib/gssapi/mech/gss_inquire_context.c
M lib/gssapi/mech/gss_inquire_cred.c
M lib/gssapi/mech/gss_inquire_cred_by_mech.c
M lib/gssapi/mech/gss_names.c
M lib/gssapi/mech/gss_release_cred.c
M lib/gssapi/mech/gss_release_name.c
M lib/gssapi/mech/gss_set_cred_option.c
M lib/gssapi/mech/name.h
Log Message:
-----------
gssapi: import mechglue allocation utility functions from Heimdal-520
Apple's Heimdal impelmentation uses a number of utility functions for
allocating names and credentials, to avoid calling malloc or calloc directly.
Import them.
Commit: e9b3b2326d93efbfe83c4f6175fc5ade5e18a750
https://github.com/heimdal/heimdal/commit/e9b3b2326d93efbfe83c4f6175fc5ade5e18a750
Author: Luke Howard <lukeh at padl.com>
Date: 2019-01-03 (Thu, 03 Jan 2019)
Changed paths:
M lib/gssapi/mech/context.c
M lib/gssapi/mech/context.h
M lib/gssapi/mech/gss_accept_sec_context.c
M lib/gssapi/mech/gss_acquire_cred_from.c
M lib/gssapi/mech/gss_add_cred_from.c
M lib/gssapi/mech/gss_canonicalize_name.c
M lib/gssapi/mech/gss_delete_name_attribute.c
M lib/gssapi/mech/gss_display_name_ext.c
M lib/gssapi/mech/gss_display_status.c
M lib/gssapi/mech/gss_duplicate_cred.c
M lib/gssapi/mech/gss_export_name_composite.c
M lib/gssapi/mech/gss_export_sec_context.c
M lib/gssapi/mech/gss_get_name_attribute.c
M lib/gssapi/mech/gss_import_name.c
M lib/gssapi/mech/gss_import_sec_context.c
M lib/gssapi/mech/gss_init_sec_context.c
M lib/gssapi/mech/gss_inquire_context.c
M lib/gssapi/mech/gss_inquire_cred_by_mech.c
M lib/gssapi/mech/gss_inquire_cred_by_oid.c
M lib/gssapi/mech/gss_inquire_name.c
M lib/gssapi/mech/gss_inquire_sec_context_by_oid.c
M lib/gssapi/mech/gss_names.c
M lib/gssapi/mech/gss_pname_to_uid.c
M lib/gssapi/mech/gss_pseudo_random.c
M lib/gssapi/mech/gss_set_cred_option.c
M lib/gssapi/mech/gss_set_name_attribute.c
M lib/gssapi/mech/gss_set_sec_context_option.c
Log Message:
-----------
gssapi: remove non-mech status from _gss_mg_error() from Heimdal-520
_gss_mg_error() should only handle mechanism-specific status codes which are
returned in minor_status. major_status has a global namespace.
Compare: https://github.com/heimdal/heimdal/compare/a7d42cdf6b05...e9b3b2326d93
**NOTE:** This service has been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
More information about the Heimdal-source-changes
mailing list