Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
We should treat most gensec related structures private.
It's a long way, but this is a start.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Several functions use the same logic as kerberos_pac_logon_info. Move
kerberos_pac_logon_info to common code and reuse it to remove the code
duplication.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This helps clarify the role of this structure and wrapper function.
The purpose here is to provide helper functions to the lib/param
loadparm_context that point back at the s3 lp_ functions. This allows
a struct loadparm_context to be passed to any point in the code, and
always refer to the correct loadparm system. If this has not been
set, the variables loaded in the lib/param code will be returned.
As requested by Michael Adam.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 27 17:11:16 CEST 2012 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Tue Apr 24 15:04:14 CEST 2012 on sn-devel-104
|
|
|
|
This removes the last user of ads_verify_ticket(), and means that we
only have one code path to verify an incoming krb5 (GSSAPI) ticket.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
|
|
This uses the source3 PAC code (originally from Samba4) with some
small changes to restore functionality needed by the torture tests,
and to have a common API.
Andrew Bartlett
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Guenther
|
|
|
|
Guenther
|
|
|
|
All the callers just want the PAC_LOGON_INFO, so search for that in
ads_verify_ticket(), and don't bother the callers with the rest of the
PAC.
This change makes sense on it's own (removing boilerplate wrappers
that just confuse the code), but it also makes it much easier to
implement a matching ads_verify_ticket() function in Samba4 for the
s3compat proposal.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
|
|
Guenther
|
|
This seems to be the only way to deal with mixed heimdal/MIT setups during
merged build.
Guenther
|
|
Jeremy.
|
|
Now that cli_krb5_get_ticket() already handles S4U2SELF impersonation, remove
smb_krb5_get_tkt_from_creds() which is not required anymore.
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Guenther
|
|
|
|
Guenther
|
|
Guenther
(This used to be commit d078a8757182d84dfd3307a2e1b751cf173aaa97)
|
|
Guenther
(This used to be commit 5483f5fb44bb2138a1348c05845a2b8f3588697a)
|
|
(while keeping all the trans krb5 lib support)
Guenther
(This used to be commit c06e507737bb07ff995876e49341de3f60b0da35)
|
|
Guenther
(This used to be commit f7100156a7df7ac3ae84e45a47153b38d9375215)
|
|
Jeremy.
(This used to be commit 1b7cc80c61ccbf766801080f5a3f0260f40ccc17)
|
|
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
Guenther
(This used to be commit e70bf0ecc3ec6d3ba8ba384024bbdf9a783072ea)
|
|
Guenther
(This used to be commit 029bf26f8a571ae060f7be60fd3e8c61d86004f7)
|
|
domain local group.
Fix a typo in the PAC debugging routine
(This used to be commit b0b66b2e7af133b199868b946fad70016e1cefbd)
|
|
renew,
pac).
Guenther
(This used to be commit 4cada7c1485c9957e553d6e75cb6f30f4338489f)
|
|
Guenther
(This used to be commit 7d321aad83cb7b9cc766bc89a886676337a2bad8)
|
|
Guenther
(This used to be commit d4c87c792a955be7d5ef59fc683fc48e3d8afe16)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
(This used to be commit 22a3ea40ac69fa3722abf28db845ab284a65ad97)
|
|
we were calling PRS_ALLOC_MEM with zero count.
Jeremy.
(This used to be commit 9a10736e6fa276ca4b0726fbb7baf0daafbdc46d)
|
|
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
|
|
uint8 array and copy as such. Gunther please check (sorry
I reverted your earlier fix).
Jeremy.
(This used to be commit 7a17b39c80703909f102487690d2117d874b0e15)
|
|
overrun. Spoke to Jerry about the correct fix. Will add
this after.
Jeremy.
(This used to be commit 33e13aabd3825c59d15dc897536e2ccf8c8f6d5e)
|
|
PAC_LOGON_NAME structure. This was broken on big-endian machines
(Solaris SPARC and ppc). Fixes Bug #3330.
Jerry, this should be in 3.0.21c.
Guenther
(This used to be commit 9732490811f8f02ee547ddc6e2694e1122a3a518)
|
|
Guenther
(This used to be commit a8d5d6b845efb62e73e281549528376f3ee74211)
|