summaryrefslogtreecommitdiff
path: root/auth/kerberos
AgeCommit message (Collapse)AuthorFilesLines
2012-03-08auth/kerberos: Fall back to gsskrb5_get_subkey if we did not get the key typeAndrew Bartlett1-4/+23
The key type OID is optional, but we require that information to determine if we should use NEW_SPNEGO. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Mar 8 11:53:57 CET 2012 on sn-devel-104
2012-03-08auth/kerberos: Ensure we do not print invalid memory in failure caseAndrew Bartlett1-4/+1
This codeblock may not have any set->elements, so we should not print them. Copy&paste in the original code. Andrew Bartlett
2012-02-17auth/kerberos: Move gse_get_session_key() to common code and use in ↵Andrew Bartlett1-0/+113
gensec_gssapi Thie ensures that both code bases use the same logic to determine the use of NEW_SPNEGO. Andrew Bartlett
2012-01-12auth/kerberos: Remove unused TALLOC_CTX argument to check_pac_checksumAndrew Bartlett1-6/+3
2012-01-11auth/kerberos: Remove unused headers from gssapi_parse.cAndrew Bartlett1-2/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-12-29auth/kerberos: Rename memory contexts for greater clarityAndrew Bartlett1-34/+34
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29auth/kerberos: Make pac_data_out in kerberos_decode_pac() optionalAndrew Bartlett1-3/+32
2011-12-28auth/kerberos: Move gssapi_parse.c to the top levelAndrew Bartlett2-2/+121
This will help with writing a gensec module for the s3 gse layer. Andrew Bartlett
2011-10-06Add missing com_err dependenciesEwoud Kohl van Wijngaarden1-1/+1
Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu Oct 6 02:10:21 CEST 2011 on sn-devel-104
2011-06-15auth/kerberos/gssapi_pac: fix compiler warningsStefan Metzmacher1-6/+5
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jun 15 19:06:24 CEST 2011 on sn-devel-104
2011-05-07Fix Samba3 on OpenIndiana.Gordon Ross1-0/+24
I'd like Samba to use the native OpenLDAP and MIT Kerberos libs. Attached are some patches to do that. (relative to git master) It does not build for me without these. (OpenIndiana is an off-shoot of OpenSolaris See http://www.openindiana.org) Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat May 7 02:20:14 CEST 2011 on sn-devel-104
2011-04-27auth/kerberos Add check for gss_inquire_sec_context_by_oidAndrew Bartlett1-4/+10
Not all kerberos distributions have this function. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Apr 27 07:39:08 CEST 2011 on sn-devel-104
2011-04-27auth/kerberos Move all the PAC handling functions to auth/kerberosAndrew Bartlett2-1/+365
2011-04-27auth/kerberos: Create common helper to get the verified PAC from GSSAPIAndrew Bartlett2-0/+126
This only works for Heimdal and MIT Krb5 1.8, other versions will get an ACCESS_DEINED error. We no longer manually verify any details of the PAC in Samba for GSSAPI logins, as we never had the information to do it properly, and it is better to have the GSSAPI library handle it. Andrew Bartlett