summaryrefslogtreecommitdiff
path: root/source3/libsmb/clikrb5.c
AgeCommit message (Collapse)AuthorFilesLines
2009-11-12s3-kerberos: avoid using ERROR_TABLE_BASE_krb5 without checking.Günther Deschner1-0/+4
Guenther
2009-11-12s3-kerberos: add smb_krb5_principal_get_realm().Günther Deschner1-0/+25
Guenther
2009-11-06Revert "s3-kerberos: add smb_krb5_parse_name_flags()."Günther Deschner1-18/+0
This reverts commit 17ef153b68795fec681f9ce17c198236aba2b1c2.
2009-11-06s3-kerberos: support S4U2SELF impersionation through cli_krb5_get_ticket().Günther Deschner1-5/+20
Guenther
2009-11-06s3-kerberos: use smb_krb5_get_credentials in ads_krb5_mk_req.Günther Deschner1-4/+7
Guenther
2009-11-06s3-kerberos: modify cli_krb5_get_ticket to take a new impersonate_princ_s arg.Günther Deschner1-2/+4
Guenther
2009-11-06s3-kerberos: add smb_krb5_get_{creds,credentials} incl. support for S4U2SELF ↵Günther Deschner1-1/+270
impersonation. Guenther
2009-11-06s3-kerberos: add smb_krb5_parse_name_flags().Günther Deschner1-0/+18
Guenther
2009-10-16s3: fixed krb5 build problem on ubuntu karmicAndrew Tridgell1-0/+9
Karmic has MIT krb5 1.7-beta3, which has the symbol krb5_auth_con_set_req_cksumtype but no prototype for it. See also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531635
2009-07-16More conversions of NULL -> talloc_autofree_context()Jeremy Allison1-2/+2
so we at least know when we're using a long-lived context. Jeremy.
2009-06-04clikrb5: Prefer krb5_free_keytab_entry_contents to krb5_kt_free_entry.Jelmer Vernooij1-3/+8
Both functions exist in MIT Kerberos >= 1.7, but only krb5_free_keytab_entry_contents has a prototype.
2009-04-07s3:kerberos Rework smb_krb5_unparse_name() to take a talloc contextAndrew Bartlett1-11/+12
Signed-off-by: Günther Deschner <gd@samba.org>
2009-03-20s3-krb5: Fix Coverity #722 (RESOURCE_LEAK).Günther Deschner1-12/+18
Guenther
2009-02-17Don't miss an absolute pathname as a kerberos keytab path. From Glenn Machin ↵Jeremy Allison1-0/+5
<gmachin@sandia.gov>. Jeremy.
2009-01-21Memory leaks and other fixes found by Coveritytodd stecher1-5/+5
2008-10-22s3-asn1: make all of s3 asn1 code do a proper asn1_init() first.Günther Deschner1-26/+36
Guenther
2008-10-22s3: use shared asn1 code.Günther Deschner1-2/+2
Guenther
2008-10-11Cope with changed signature of http_timestring().Jelmer Vernooij1-2/+2
2008-09-10Fix blocker bug 5745 kerberos authentication with (lib)smbclient is broken.Jeremy Allison1-2/+14
Jeremy. (This used to be commit a59bd0e4854117a8646f4d388a0f7285362d5ba2)
2008-08-31Remove a duplicate retval checkVolker Lendecke1-8/+2
Jeremy, please check! (This used to be commit 6579005e6490f1a99b3860627ba51decaeb864bd)
2008-08-29kerberos: use KRB5_KT_KEY macro where appropriate.Günther Deschner1-15/+5
Guenther (This used to be commit a042dffd7121bda3dbc9509f69fcfae06ed4cc22)
2008-08-29kerberos: move the KRB5_KEY* macros to header file.Günther Deschner1-12/+0
Guenther (This used to be commit c28fa17ffffee3e6fd4897c9c6b4937388a19600)
2008-08-18Fix length error in wrapping spnego blobIgor Mammedov1-1/+1
(This used to be commit 16ee95494ba495c5f5ff8779206f380db1067b2d)
2008-08-11fix build warning.Günther Deschner1-1/+1
Guenther (This used to be commit 85021d6a459c957cc276a93c3515029244f52677)
2008-08-08One more build fix. Ensure we have KRB5_AUTH_CONTEXT_USE_SUBKEY defined ↵Jeremy Allison1-3/+3
before we compile the new code. Jeremy. (This used to be commit 7686752c5b015b15a6729631ba4aeedd25ebc659)
2008-08-08Try and fix the build for systems that don't have ↵Jeremy Allison1-3/+3
krb5_auth_con_set_req_cksumtype(). Jeremy. (This used to be commit 8598e7b06ec57ca6fcde863270e6bb0e2de9993e)
2008-08-08Add Derrick Schommer's <dschommer@F5.com> kerberos delegation patch. SomeJeremy Allison1-2/+184
work by me and advice by Love. Jeremy. (This used to be commit ecc3838e4cb5d0c0769ec6d9a34a877ca584ffcc)
2008-08-04clikrb5: don't use krb5_keyblock_init() when no salt is specifiedStefan Metzmacher1-35/+30
If the caller wants to create a key with no salt we should not use krb5_keyblock_init() (only used when using heimdal) because it does sanity checks on the key length. metze (This used to be commit c83de77b750837a110611d7023c4cf71d2d0bab1)
2008-06-26Fix return of uninitialized variable.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 384052f546af8c1c6848c03cad4f2ba618ba7209)
2008-06-24kerberos: add smb_krb5_keytab_name().Günther Deschner1-0/+22
Guenther (This used to be commit c273ce8798062d1b55100411f3e92a01bdbf611c)
2008-06-24kerberos: make smb_krb5_kt_add_entry public, allow to pass keys without ↵Günther Deschner1-18/+38
salting them. Guenther (This used to be commit 7c4da23be1105dc224033b21eb486e7fcdc7d9c5)
2008-06-17clikrb5: remove unrequired create_kerberos_key_from_string_direct() prototype.Günther Deschner1-10/+10
Guenther (This used to be commit ec86852fc6ce2d88ad5835c8fcb337c68fd6f6bc)
2008-05-20Cleanup size_t return values in callers of convert_string_allocateTim Prouty1-3/+6
This patch is the second iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure. (This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
2008-02-17Use new IDL based PAC structures in clikrb5.cGünther Deschner1-7/+7
Guenther (This used to be commit 3b0135d57e1e70175a5eec49b603a2e5f700c770)
2007-12-12Make heimdal and MIT happy when iterating through auth data.Günther Deschner1-3/+3
Guenther (This used to be commit 507247dcbf0ef02825a6c5c5f313813714df2d99)
2007-12-12Vista SP1-rc1 appears to break against Samba-3.0.27aGuenther Deschner1-3/+3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Jason, Jason Haar wrote: > Patched 3.0.28, compiled, installed and here's the log file. > > Hope it helps. BTW I don't think it matters, but this is on 32bit > CentOS4.5 systems. yes, it helps. Thanks for that. Very interesting, there are two auth data structures where the first one is a PAC and the second something unknown (yet). Can you please try the attached fix ? It should make it work again. Guenther - -- Günther Deschner GPG-ID: 8EE11688 Red Hat gdeschner@redhat.com Samba Team gd@samba.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHX9ZESOk3aI7hFogRAivSAJ9bMcD+PcsIzjYYLtAUoLNfVVEl1QCfV/Qd MPsZW4G31VOVu64SPjgnJiI= =Co+H -----END PGP SIGNATURE----- (This used to be commit c9adc07ca2a3bb1e0ea98e3b4f68e1a87e5c0196)
2007-12-07Remove next_token - all uses must now be next_token_talloc.Jeremy Allison1-9/+8
No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-10-29Fix the setup_kaddr() call to cope with IPv6.Jeremy Allison1-8/+34
This is the last obvious change I can see. At this point we can start claiming IPv6 support (Hurrah !:-). Jeremy. (This used to be commit bda8c0bf571c994b524a9d67eebc422033d17094)
2007-10-24This is a large patch (sorry). Migrate from struct in_addrJeremy Allison1-2/+2
to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-14/+14
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23651: Always, always, always compile before commit...Günther Deschner1-1/+1
Guenther (This used to be commit accb40446ad3f872c5167fc2306d892553293b7b)
2007-10-10r23650: Fix remaining callers of krb5_kt_default().Günther Deschner1-3/+3
Guenther (This used to be commit b9d7a2962a472afb0c6b8e3ac5c2c819d4af2b39)
2007-10-10r23649: Fix the build (by moving smb_krb5_open_keytab() to clikrb5.c).Günther Deschner1-1/+137
Guenther (This used to be commit 19020d19dca7f34be92c8c2ec49ae7dbde60f8c1)
2007-10-10r23609: Removing more redundant codepaths out of smb_krb5_renew_ticket().Günther Deschner1-38/+26
Thanks Volker for the pointer hint :) Guenther (This used to be commit eb1ec508ace3a5eeb53cf47be44047bd9228cd19)
2007-10-10r23588: Some more cleanups and error checks in the krb5 renew function.Günther Deschner1-6/+12
Guenther (This used to be commit 277e07c8553e2ed20bc95493cdc996be43feb6bd)
2007-10-10r23587: Cleanup redundant code in the krb5 renew function.Günther Deschner1-23/+16
Guenther (This used to be commit 0b9acc8610ae2ba9c42168e9ceb2e9ea8bc2f5bd)
2007-10-10r23586: Fix heimdal path in the krb5 renew routine when we need to compose ↵Günther Deschner1-1/+5
the tgt string ourselves. Guenther (This used to be commit 1e4a7af99303fb17ebca499ff7e0a017a2017754)
2007-10-10r23582: Fix event based krb5 ticket refreshing in winbindd.Günther Deschner1-5/+5
We were incorrectly using the renew_till timestamp instead of the renewed ticket's endtime to calculate the next refreshing date. Guenther (This used to be commit aa3511a5b5e6a96a02110a7ad0ab1d43e6d25766)