summaryrefslogtreecommitdiff
path: root/source4/auth/credentials
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r11452: Update Heimdal to current lorikeet, including removing the ccache sideAndrew Bartlett3-3/+113
of the gsskrb5_acquire_cred hack. Add support for delegated credentials into the auth and credentials subsystem, and specifically into gensec_gssapi. Add the CIFS NTVFS handler as a consumer of delegated credentials, when no user/domain/password is specified. Andrew Bartlett (This used to be commit 55b89899adb692d90e63873ccdf80b9f94a6b448)
2007-10-10r11440: Actually check the right thing for 'is this a machine account' ↵Andrew Bartlett1-1/+1
(thanks metze). Andrew Bartlett (This used to be commit 848831a1559d6569359bd6fb4993ccbef6ad86d8)
2007-10-10r11401: A simple hack to have our central credentials system deny sending LMAndrew Bartlett4-0/+19
authentication for user@realm logins and machine account logins. This should avoid various protocol downgrade attacks. Andrew Bartlett (This used to be commit 76c2d204d0a1ec66d1ef3c935688c7571b051f46)
2007-10-10r11358: Ensure domains are always upper-case as well. Helps NTLMv2.Andrew Bartlett1-1/+4
Andrew Bartlett (This used to be commit 82527491b2212d34b676be1e26cc875ae2828e42)
2007-10-10r11313: TypoAndrew Bartlett1-1/+1
(This used to be commit 204185576c6a4df5e43e5a97cb13227407c09e6e)
2007-10-10r11244: Relative path names in .mk filesJelmer Vernooij1-4/+4
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
2007-10-10r11220: Add the ability to handle the salt prinicpal as part of theAndrew Bartlett4-4/+20
credentials. This works with the setup/secrets.ldif change from the previous patch, and pretty much just re-invents the keytab. Needed for kpasswdd work. Andrew Bartlett (This used to be commit cc9d167bab280eaeb793a5e7dfdf1f31be47fbf5)
2007-10-10r11209: We can't read the priorSecret unless we ask for it.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit ee9a93688d31d8da91b81e9b0f6fac3fa4894c13)
2007-10-10r11204: Allow us to read credentials from secrets.ldb without aAndrew Bartlett1-6/+2
secureChannelType (non machine join records). Andrew Bartlett (This used to be commit 3dddf497ccf246af435e6e2802d8f3745f2e4fd3)
2007-10-10r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5Andrew Bartlett4-8/+142
authentication. This pulls the creating of the keytab back to the credentials code, and removes the special case of 'use keberos keytab = yes' for now. This allows (and requires) the callers to specify the credentials for the server credentails to GENSEC. This allows kpasswdd (soon to be added) to use a different set of kerberos credentials. The 'use kerberos keytab' code will be moved into the credentials layer, as the layers below now expect a keytab. We also now allow for the old secret to be stored into the credentials, allowing service password changes. Andrew Bartlett (This used to be commit 205f77c579ac8680c85f713a76de5767189c627b)
2007-10-10r11058: remove useless talloc contextStefan Metzmacher1-4/+1
metze (This used to be commit d9d3fe1b8aa34f5d87b73b94253b4230303cba76)
2007-10-10r10982: Move credentials.h into auth/credentials, and add flags needed byAndrew Bartlett1-0/+81
previous patch. Andrew Bartlett (This used to be commit 2c537d47ba99885c6462016342b1cc29df4c54c5)
2007-10-10r10981: Pull code to decide between and implement NTLMv2, NTLM and LMAndrew Bartlett3-14/+193
authentication out of the various callers and into the kitchen sink.. err, credentials subsystem. This should ensure consistant logic, as well as get us one step closer to security=server operation in future. Andrew Bartlett (This used to be commit 09c95763301c0f7770d56462e8af4169b8c171fb)
2007-10-10r10597: And add the .mk files for the new credentials subsystem.Andrew Bartlett1-0/+11
Andrew Bartlett (This used to be commit 51a0275a0e7ffc940f2403f3c74a00b3936a07f4)
2007-10-10r10596: Move the credentials code into it's own subsystem, and push it under ↵Andrew Bartlett3-0/+1103
auth/ Andrew Bartlett (This used to be commit 2e76a4b8efd59c496d64241d654538d3222545c6)