search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
first · prev · next
gsskrb5: CVE-2022-3437 Pass correct length to _gssapi_verify_pad()
2022-11-15 Joseph Suttongsskrb5: CVE-2022-3437 Pass correct length to _gssapi_verify...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-11-15 Joseph Suttongsskrb5: CVE-2022-3437 Check for overflow in _gsskrb5_get_mech()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-11-15 Joseph Suttongsskrb5: CVE-2022-3437 Check buffer length against...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-11-15 Joseph Suttongsskrb5: CVE-2022-3437 Check the result of _gsskrb5_get_mech()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-11-15 Joseph Suttongsskrb5: CVE-2022-3437 Avoid undefined behaviour in...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-11-15 Joseph Suttongsskrb5: CVE-2022-3437 Don't pass NULL pointers to...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-11-15 Joseph Suttongsskrb5: CVE-2022-3437 Use constant-time memcmp() in...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-11-15 Joseph Suttongsskrb5: CVE-2022-3437 Use constant-time memcmp() for...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-11-15 Joseph Suttonkrb5: CVE-2022-42898 PAC parse integer overflows
Joseph Sutton <josephsutton@catalyst.net.nz>.
 commit | commitdiff | tree
2022-09-27 Joseph Suttonlib/krb5: Fix leak in error path
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-09-16 Joseph Suttonkadm5: Correctly set userAccountControl bits
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-09-16 Joseph Suttonlib/krb5: Avoid undefined pointer arithmetic
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-04-30 Joseph SuttonUse constant-time memcmp when comparing sensitive buffers
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-04-30 Joseph Suttonhcrypto: Use memset_s() when clearing sensitive buffers
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-04-30 Joseph Suttonhcrypto: Fix typo when clearing context structure
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-03-12 Joseph Suttonroken: Fix time_t overflow checking
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-03-08 Joseph Suttonkdc: Add function to add encrypted padata
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-03-08 Joseph Suttonlib/krb5: Make parameters to PAC functions 'const'
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-01-18 Joseph Suttonheimdal:base: Don't perform arithmetic on a NULL pointer
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-01-18 Joseph Suttonheimdal: Avoid overflow when performing bitwise shift...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2022-01-17 Joseph Suttonkdc: Still prefer encryption types with "not default...
commit | commitdiff | tree
2021-12-20 Joseph Suttonkdc: Return error code from _kdc_check_pac() with an...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-20 Joseph Suttonkdc: Fix NULL pointer dereference on failure to verify...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-17 Joseph Suttonkdc: Check PAC of armor tickets
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-17 Joseph Suttonkdc: Don't return PREAUTH_FAILED if encrypted challenge...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Optionally allow missing additional ticket PAC...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Add krb5_is_enctype_old() to determine whether...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Verify PAC in TGT provided for user-to-user authentication
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Check name in request against name in user-to...
commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Use sname from request rather than user-to-user...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Move fetching krbtgt entry to before enctype selection
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Check return code
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Avoid races and multiple DB lookups in s4u2self...
commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Optionally require that PAC be be present
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Check PAC of armor tickets
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-16 Joseph Suttonkdc: Make check_PAC() and verify_flags() accessible...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-15 Joseph Suttonkdc: Don't advertise padata types that will not be...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-14 Joseph Suttonkdc: Don't keep trying keys for encrypted-challenge...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-14 Joseph Suttonkdc: Check authdata in ticket rather than in request...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-14 Joseph Suttonkdc: Add support for explicit armoring from MS-KILE
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-14 Joseph Suttonkdc: Allow RODC-issued armor tickets
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-14 Joseph Suttonheimdal: Make _krb5_pac_get_kdc_checksum_info() into...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-14 Joseph Suttonkdc: Fix leak
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-14 Joseph Suttonkrb5: Check asprintf return value
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-14 Joseph Suttonasn1: Fix binary search off-by-one read
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-08 Joseph Suttons4/heimdal/lib/krb5/pac.c: Align PAC buffers to match...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-07 Joseph Suttonheimdal:kdc: Match Windows error code for unsupported...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-07 Joseph Suttonheimdal:kdc: Properly check for unsupported critical...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
2021-12-07 Joseph Suttonheimdal: Initialise KDC reply
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 commit | commitdiff | tree
Heimdal