summaryrefslogtreecommitdiff
path: root/auth/kerberos/gssapi_pac.c
AgeCommit message (Collapse)AuthorFilesLines
2012-07-30auth/kerberos: Do not do pointer arithmatic on a void *Andrew Bartlett1-1/+1
Found with -Werror=pointer-arith Andrew Bartlett
2012-06-06auth-kerberos: avoid crash with MIT krb5 1.10.0 in gss_get_name_attribute()Alexander Bokovoy1-2/+18
gss_get_name_attribute() can return unintialized pac_display_buffer and later gss_release_buffer() will crash on attempting to release it. The fix on MIT krb5 side is in 1.10.1, reported in both Debian and MIT upstream: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658514 http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=7087 We need to initialize variables before using gss_get_name_attribute() Autobuild-User: Alexander Bokovoy <ab@samba.org> Autobuild-Date: Wed Jun 6 18:22:51 CEST 2012 on sn-devel-104
2012-04-25lib/replace: split out GSSAPI from lib/replace/system/kerberos.h into ↵Alexander Bokovoy1-1/+0
lib/replace/system/gssapi.h With waf build include directories are defined by dependencies specified to subsystems. Without proper dependency <gssapi/gssapi.h> cannot be found for embedded Heimdal builds when there are no system-wide gssapi/gssapi.h available. Split out GSSAPI header includes in a separate replacement header and use that explicitly where needed. Autobuild-User: Alexander Bokovoy <ab@samba.org> Autobuild-Date: Wed Apr 25 00:18:33 CEST 2012 on sn-devel-104
2012-04-23Make krb5 wrapper library common so they can be used all overSimo Sorce1-2/+47
2012-04-12auth-krb: Move pac related util functions in a single place.Simo Sorce1-0/+1
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12auth-krb: Make functions static.Simo Sorce1-1/+0
The remaining gssapi_parse functions were used exclusively in gensec_krb5. Move them there and make them static. Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12auth-krb: Use simpler method to extract keytype.Simo Sorce1-19/+12
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-03-08auth/kerberos: Fall back to gsskrb5_get_subkey if we did not get the key typeAndrew Bartlett1-4/+23
The key type OID is optional, but we require that information to determine if we should use NEW_SPNEGO. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Mar 8 11:53:57 CET 2012 on sn-devel-104
2012-03-08auth/kerberos: Ensure we do not print invalid memory in failure caseAndrew Bartlett1-4/+1
This codeblock may not have any set->elements, so we should not print them. Copy&paste in the original code. Andrew Bartlett
2012-02-17auth/kerberos: Move gse_get_session_key() to common code and use in ↵Andrew Bartlett1-0/+113
gensec_gssapi Thie ensures that both code bases use the same logic to determine the use of NEW_SPNEGO. Andrew Bartlett
2011-06-15auth/kerberos/gssapi_pac: fix compiler warningsStefan Metzmacher1-6/+5
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jun 15 19:06:24 CEST 2011 on sn-devel-104
2011-05-07Fix Samba3 on OpenIndiana.Gordon Ross1-0/+24
I'd like Samba to use the native OpenLDAP and MIT Kerberos libs. Attached are some patches to do that. (relative to git master) It does not build for me without these. (OpenIndiana is an off-shoot of OpenSolaris See http://www.openindiana.org) Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat May 7 02:20:14 CEST 2011 on sn-devel-104
2011-04-27auth/kerberos Add check for gss_inquire_sec_context_by_oidAndrew Bartlett1-4/+10
Not all kerberos distributions have this function. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Apr 27 07:39:08 CEST 2011 on sn-devel-104
2011-04-27auth/kerberos: Create common helper to get the verified PAC from GSSAPIAndrew Bartlett1-0/+123
This only works for Heimdal and MIT Krb5 1.8, other versions will get an ACCESS_DEINED error. We no longer manually verify any details of the PAC in Samba for GSSAPI logins, as we never had the information to do it properly, and it is better to have the GSSAPI library handle it. Andrew Bartlett
generated by cgit (git 2.34.1) at 2024-11-03 04:13:58 +0000