Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Properly report certificate retrieval failures to calling application | Timothy Pearson | 2015-10-02 | 1 | -19/+20 |
| | |||||
* | Remove any chance of passwords persisting in deallocated main memory after ↵ | Timothy Pearson | 2015-10-01 | 1 | -1/+2 |
| | | | | application termination | ||||
* | Use correct permissive flag | Timothy Pearson | 2015-09-30 | 1 | -1/+2 |
| | |||||
* | Fix FTBFS on ancient Heimdal versions | Timothy Pearson | 2015-09-30 | 2 | -0/+5 |
| | |||||
* | Add deactivated krb5 PKCS login line | Timothy Pearson | 2015-09-29 | 1 | -3/+18 |
| | |||||
* | Write out remaining appdefaults entries on client | Timothy Pearson | 2015-09-29 | 1 | -3/+6 |
| | |||||
* | Allow Kerberos ticket init via cryptographic card | Timothy Pearson | 2015-09-29 | 4 | -9/+91 |
| | |||||
* | Write missing appdefaults section on client machines | Timothy Pearson | 2015-09-29 | 2 | -0/+16 |
| | |||||
* | Add PKI subject mapping to user principals | Timothy Pearson | 2015-09-29 | 1 | -1/+90 |
| | | | | Fix long-standing inability to clear user principal attribute fields | ||||
* | Convert the last methods using the kadmin utility to the Heimdal C API | Timothy Pearson | 2015-09-29 | 2 | -68/+131 |
| | |||||
* | Move keytab export to native Heimdal API | Timothy Pearson | 2015-09-29 | 2 | -357/+241 |
| | |||||
* | Convert service add to C API | Timothy Pearson | 2015-09-28 | 2 | -126/+13 |
| | |||||
* | Remove dead code from prior commit | Timothy Pearson | 2015-09-28 | 1 | -121/+0 |
| | |||||
* | Convert machine add to kadmin API | Timothy Pearson | 2015-09-28 | 2 | -92/+248 |
| | |||||
* | Fix local kadmin access | Timothy Pearson | 2015-09-28 | 3 | -15/+97 |
| | |||||
* | Start to move away from using the kadmin binary to using the kadmin client API | Timothy Pearson | 2015-09-27 | 3 | -92/+118 |
| | |||||
* | Fix a few minor issues with PKI certificate generation | Timothy Pearson | 2015-09-24 | 1 | -3/+12 |
| | |||||
* | Minor fixup to cert generation code | Timothy Pearson | 2015-09-19 | 1 | -1/+1 |
| | |||||
* | Extend PKCS certificate generation routines | Timothy Pearson | 2015-09-19 | 2 | -36/+48 |
| | | | | This breaks the ABI | ||||
* | Add PKCS methods | Timothy Pearson | 2015-09-18 | 2 | -4/+107 |
| | |||||
* | Clean up revoked certificates when done updating CRL | Timothy Pearson | 2015-09-04 | 1 | -0/+14 |
| | |||||
* | Fix up certificate expiry detection | Timothy Pearson | 2015-09-04 | 1 | -1/+1 |
| | |||||
* | Add certificate store attribute access method | Timothy Pearson | 2015-09-03 | 2 | -0/+69 |
| | |||||
* | Add additional CRL manipulation methods | Timothy Pearson | 2015-09-03 | 2 | -36/+109 |
| | |||||
* | Store CRL expiry in LDAP | Timothy Pearson | 2015-09-03 | 2 | -0/+38 |
| | |||||
* | Add CRL generation | Timothy Pearson | 2015-09-03 | 2 | -31/+197 |
| | |||||
* | Implement several methods required for PKI certificate management | Timothy Pearson | 2015-09-02 | 2 | -8/+120 |
| | |||||
* | Extend user key and certificate generation methods | Timothy Pearson | 2015-09-01 | 2 | -40/+219 |
| | |||||
* | Fix CN/DN ordering | Timothy Pearson | 2015-08-31 | 1 | -3/+7 |
| | |||||
* | Properly set CRL URL and fix up a few other glitches | Timothy Pearson | 2015-08-31 | 1 | -14/+20 |
| | |||||
* | Allow CRL URL to be set via configuration file | Timothy Pearson | 2015-08-31 | 1 | -0/+2 |
| | |||||
* | Fix up Kerberos PKI certificate generation | Timothy Pearson | 2015-08-31 | 2 | -10/+270 |
| | |||||
* | Allow certificate expiry to be set | Timothy Pearson | 2015-08-25 | 2 | -4/+45 |
| | |||||
* | Extend CA expiry to 1 year | Timothy Pearson | 2015-08-24 | 2 | -2/+6 |
| | |||||
* | Fix incorrect login causing PAM fatal error message | Timothy Pearson | 2015-08-23 | 1 | -1/+1 |
| | |||||
* | Fix security hole when Kerberos credential caching is enabled | Timothy Pearson | 2014-06-07 | 1 | -1/+1 |
| | | | | The prior PAM stack configuration, while unfortunately present in many online examples, allows storing of an arbitrary cached password for non-Kerberos users by simply entering it twice | ||||
* | Make bonding and unbonding methods slightly more robust | Timothy Pearson | 2014-01-07 | 1 | -1/+37 |
| | |||||
* | Fix LDAP CA root file configuration | Timothy Pearson | 2014-01-06 | 2 | -3/+14 |
| | |||||
* | Look for CA file in correct location on bonded machines | Timothy Pearson | 2014-01-06 | 1 | -11/+11 |
| | |||||
* | Add missing LDFLAGS causing FTBFS | Francois Andriot | 2013-08-23 | 1 | -1/+1 |
| | |||||
* | Do not replicate olcGlobal by default | Timothy Pearson | 2013-07-16 | 2 | -3/+5 |
| | |||||
* | Fix incorrect certificate CA file in ldap client configuration | Timothy Pearson | 2013-07-11 | 1 | -1/+1 |
| | |||||
* | Use shared realm certificate file name to allow syncrepl to work | Timothy Pearson | 2013-07-11 | 1 | -6/+6 |
| | |||||
* | Use more precise syncrepl configuration | Timothy Pearson | 2013-07-11 | 1 | -2/+2 |
| | |||||
* | Fix failure to use provided error string handler in getRealmCAMaster | Timothy Pearson | 2013-07-02 | 1 | -1/+1 |
| | |||||
* | Fix syncrepl retry timeout and enable hdb replication | Timothy Pearson | 2013-07-02 | 1 | -18/+45 |
| | |||||
* | Properly set up syncrepl | Timothy Pearson | 2013-07-02 | 1 | -81/+85 |
| | |||||
* | Add missing data fields to LDAPMasterReplicationInfo structure | Timothy Pearson | 2013-07-01 | 2 | -1/+121 |
| | |||||
* | Add a number of methods to enable multi-master replication | Timothy Pearson | 2013-06-27 | 2 | -105/+626 |
| | |||||
* | Fix failure when long Kerberos commands are used | Timothy Pearson | 2013-06-26 | 1 | -12/+13 |
| | | | | This failure was due to an obscure ASCII sequence used in the output of kadmin |