samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2007-10-10	r11452: Update Heimdal to current lorikeet, including removing the ccache side	Andrew Bartlett	1	-0/+1
	of the gsskrb5_acquire_cred hack. Add support for delegated credentials into the auth and credentials subsystem, and specifically into gensec_gssapi. Add the CIFS NTVFS handler as a consumer of delegated credentials, when no user/domain/password is specified. Andrew Bartlett (This used to be commit 55b89899adb692d90e63873ccdf80b9f94a6b448)
2007-10-10	r11401: A simple hack to have our central credentials system deny sending LM	Andrew Bartlett	1	-0/+1
	authentication for user@realm logins and machine account logins. This should avoid various protocol downgrade attacks. Andrew Bartlett (This used to be commit 76c2d204d0a1ec66d1ef3c935688c7571b051f46)
2007-10-10	r11358: Ensure domains are always upper-case as well. Helps NTLMv2.	Andrew Bartlett	1	-1/+4
	Andrew Bartlett (This used to be commit 82527491b2212d34b676be1e26cc875ae2828e42)
2007-10-10	r11220: Add the ability to handle the salt prinicpal as part of the	Andrew Bartlett	1	-0/+1
	credentials. This works with the setup/secrets.ldif change from the previous patch, and pretty much just re-invents the keytab. Needed for kpasswdd work. Andrew Bartlett (This used to be commit cc9d167bab280eaeb793a5e7dfdf1f31be47fbf5)
2007-10-10	r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5	Andrew Bartlett	1	-0/+27
	authentication. This pulls the creating of the keytab back to the credentials code, and removes the special case of 'use keberos keytab = yes' for now. This allows (and requires) the callers to specify the credentials for the server credentails to GENSEC. This allows kpasswdd (soon to be added) to use a different set of kerberos credentials. The 'use kerberos keytab' code will be moved into the credentials layer, as the layers below now expect a keytab. We also now allow for the old secret to be stored into the credentials, allowing service password changes. Andrew Bartlett (This used to be commit 205f77c579ac8680c85f713a76de5767189c627b)
2007-10-10	r11058: remove useless talloc context	Stefan Metzmacher	1	-4/+1
	metze (This used to be commit d9d3fe1b8aa34f5d87b73b94253b4230303cba76)
2007-10-10	r10981: Pull code to decide between and implement NTLMv2, NTLM and LM	Andrew Bartlett	1	-13/+0
	authentication out of the various callers and into the kitchen sink.. err, credentials subsystem. This should ensure consistant logic, as well as get us one step closer to security=server operation in future. Andrew Bartlett (This used to be commit 09c95763301c0f7770d56462e8af4169b8c171fb)
2007-10-10	r10596: Move the credentials code into it's own subsystem, and push it under ↵	Andrew Bartlett	1	-0/+562
	auth/ Andrew Bartlett (This used to be commit 2e76a4b8efd59c496d64241d654538d3222545c6)