Age | Commit message (Collapse) | Author | Files | Lines |
|
and client fixes. Patch from Todd Stetcher <todd.stetcher@isilon.com>.
(This used to be commit 8304ccba7346597425307e260e88647e49081f68)
|
|
warnings
for clock-skew errors.
Guenther
(This used to be commit 53c99d415d605ab03e3646f6096aff794457dd33)
|
|
string.
Jeremy.
(This used to be commit fe30a523dfc77cc373145624246fd3ad5c62b9ac)
|
|
The gss_import_name() broke as we switched from the internal MIT OID
"gss_nt_krb5_principal" to "GSS_KRB5_NT_PRINCIPAL_NAME" and didn't switch from
passing the krb5_principal (or better: a pointer to that, see MIT's "*HORRIBLE*
bug") to pass the string principal directly.
Jerry, Jeremy, neither I could figure out the need of passing in a
krb5_principal at all nor could I reproduce the crash you were seeing.
I sucessfully tested the code (now importing a string) with MIT 1.2.7, 1.3.6,
1.4.3, 1.5.1, 1.6.1 and Heimdal 0.7.2, 1.0, 1.0.1.
Guenther
(This used to be commit cb2dc715e33467c8b588161e816e72a948f6860c)
|
|
Guenther
(This used to be commit 2dea9464bba76af4315a8207ccd3e564ec19d146)
|
|
Guenther
(This used to be commit f31949ec3456134de474a0219a8cd5dcd15adea6)
|
|
not yet or
no longer valid) there is no point to bother the keytab routines.
Guenther
(This used to be commit 7e4dcf8e7ecfd35668e86e22bed5a9280ae83959)
|
|
in any
case.
(This used to be commit 287604a1c7dc7dede4b278de92ad8233f597d0b6)
|
|
This prevents a segfault when get_kdc_ip_string() is called
with sitename == NULL.
Michael
(This used to be commit 58d31e057b57bc69a96e63aabba9aa1da5418d83)
|
|
Guenther
(This used to be commit af90c6949c929c82d4390b2f87a420bd598275dd)
|
|
environment.
Guenther
(This used to be commit 7f42fe4e08c0899f5e8addbc5135d87af193ee68)
|
|
in the
"not_defined_in_RFC4178@please_ignore" case to make at least LDAP SASL binds
succeed with windows server 2008.
Guenther
(This used to be commit f5b3de4d3069eaa750240e3422bac5cb169b6c0a)
|
|
Guenther
(This used to be commit b83626676ca37437e62b826923fbd1d985eb7ce6)
|
|
winbindd.
Guenther
(This used to be commit 6cf7187e88b4d4c1dfe90fcab459e39a0dbd3a11)
|
|
locator plugin
into a tiny winbindd DsGetDcName client. This still does not solve the case of
using the locator from within winbindd itself but at least gencache.tdb and
others are no longer corrupted.
Guenther
(This used to be commit 908e7963b8b2dd9b149f526a53dbb5dc7662bbef)
|
|
Also add dns query functions to find GCs and DCs by GUID.
Guenther
(This used to be commit cc469157f6684ec507bf1c3a659fc36a53d304a1)
|
|
Guenther
(This used to be commit a669ac2bc45dc6f261a789050a021d625c083829)
|
|
Guenther
(This used to be commit e70bf0ecc3ec6d3ba8ba384024bbdf9a783072ea)
|
|
Guenther
(This used to be commit 029bf26f8a571ae060f7be60fd3e8c61d86004f7)
|
|
Guenther
(This used to be commit 1142f3df546cbf4780c6f54667f7ed31b1a7621b)
|
|
Heimdal doesn't accept all OIDs and gss_import_name() fails with
GSS_S_BAD_NAMETYPE using this one. Use the GSS_KRB5_NT_PRINCIPAL_NAME OID
instead (which works with at least MIT 1.6.1 and Heimdal 1.0.1).
Guenther
(This used to be commit f783b32b65ee50e3730ae2d039ca04c9fc5a201a)
|
|
(This used to be commit 461974d2cc18c729f152356a9c30cc776f288906)
|
|
domain local group.
Fix a typo in the PAC debugging routine
(This used to be commit b0b66b2e7af133b199868b946fad70016e1cefbd)
|
|
- with the "GSSAPI" sasl mech the plain, sign or seal negotiation
is independed from the req_flags and ret_flags
- verify the server supports the wrapping type we want
- better handling on negotiated buffer sizes
metze
(This used to be commit d0ec7323870ca16b28d458ff5f7dacce278b7d54)
|
|
metze
(This used to be commit 29e2d8e044c9213643a2f5f29891ce853a839347)
|
|
metze
(This used to be commit a5e1f9fd293fab26d664a72ee652eb8ca72128b7)
|
|
libraries support wrapping hooks...
metze
(This used to be commit 581a1d3a20ffed42ccc7f35f163fd343ed12ccd3)
|
|
also for the "GSSAPI" sasl mech.
- also use the ads_kinit_password() fallback logic
from the "GSS-SPNEGO" sasl mech.
metze
(This used to be commit cbaf44de1e1f8007dc4ca249791ea30d2902c7c4)
|
|
construct the principal
metze
(This used to be commit b545667d2a45a79bba05c9fe9e93a19951d60af7)
|
|
metze
(This used to be commit 83de27968d434d67d23851b0c285221c870ff75e)
|
|
Possible values are "plain" (default), "sign" or "seal".
metze
(This used to be commit 26ccbad7212e9acd480b98789f04b71c1e940ea8)
|
|
Heimdal.
Guenther
(This used to be commit 7755ad750facc44b6a5df2136cb536547048cd48)
|
|
(This used to be commit ea5f53eac81e8a969587eb3996b16a1afd948877)
|
|
sign and seal...
metze
(This used to be commit 4a4fc8cccbcbe17eebcefcd0107f7de60d751f5c)
|
|
Jeremy, Günther, please review!
Thanks,
Volker
(This used to be commit 000e096c277a71ca30c1c109aae62241ad466bee)
|
|
metze
(This used to be commit 34ab84aceb86195743abd26c46a631640409725e)
|
|
metze
(This used to be commit 85d6cd3dfb5cbd9e899957265e352583ff608ed4)
|
|
renew,
pac).
Guenther
(This used to be commit 4cada7c1485c9957e553d6e75cb6f30f4338489f)
|
|
Guenther
(This used to be commit 7d321aad83cb7b9cc766bc89a886676337a2bad8)
|
|
Guenther
(This used to be commit d4c87c792a955be7d5ef59fc683fc48e3d8afe16)
|
|
(This used to be commit 8716edf157bf8866328f82eb6cf25e71af7fea15)
|
|
Guenther
(This used to be commit 1a5c8780ae79e5ae4e6a36bfb66cd92ae7d3aa88)
|
|
NOTE: only for the "GSSAPI" SASL mech yet
metze
(This used to be commit a079b66384b15e9d569dded0d9d6bd830e1a6dfa)
|
|
NOTE: windows servers are broken with sign only...
metze
(This used to be commit 408bb2e6e2171196a2bd314db181d9b124e931a1)
|
|
metze
(This used to be commit 2075c05b3d8baa7d6d8510cd962471a5781740a6)
|
|
- read/write returning 0 means EOF and we need to return direct
metze
(This used to be commit 885d557ae746c318df0aabc0a03dce1587918cce)
|
|
Guenther
(This used to be commit 1a62c731c6259bf4285d3735bff8b191002553f7)
|
|
- pass down sign or seal hooks
- some sasl wrapping fixes
metze
(This used to be commit 8c64ca3394489b28034310fe64d6998e49827196)
|
|
metze
(This used to be commit 65ce6fa21adec704b3cde30c57001e5620f048e4)
|
|
metze
(This used to be commit 7d8518ebd9470062b499b7074a940e14520e99f2)
|