samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2007-10-10	r6882: Put in configure tests and #ifdef to keep Samba building on older ↵	Andrew Bartlett	1	-0/+2
	Heimdal. Andrew Bartlett (This used to be commit f2e926192595c74bd9cc8a3343e0fcf27a1de38b)
2007-10-10	r6803: Try to bring in the correct GSSAPI headers for the krb5 mech. This	Andrew Bartlett	1	-8/+10
	should allow us to ditch the local static storage for OIDs, as well as fix the build on non-heimdal platforms. Andrew Bartlett (This used to be commit a7e2ecfac9aaacd673e3583b62139e4f4e114429)
2007-10-10	r6800: A big GENSEC update:	Andrew Bartlett	1	-107/+154
	Finally remove the distinction between 'krb5' and 'ms_krb5'. We now don't do kerberos stuff twice on failure. The solution to this is slightly more general than perhaps was really required (as this is a special case), but it works, and I'm happy with the cleanup I achived in the process. All modules have been updated to supply a NULL-terminated list of OIDs. In that process, SPNEGO code has been generalised, as I realised that two of the functions should have been identical in behaviour. Over in the actual modules, I have worked to remove the 'kinit' code from gensec_krb5, and placed it in kerberos/kerberos_util.c. The GSSAPI module has been extended to use this, so no longer requires a manual kinit at the command line. It will soon loose the requirement for a on-disk keytab too. The general kerberos code has also been updated to move from error_message() to our routine which gets the Heimdal error string (which may be much more useful) when available. Andrew Bartlett (This used to be commit 0101728d8e2ed9419eb31fe95047944a718ba135)
2007-10-10	r6767: Fix compiler warning.	Tim Potter	1	-0/+1
	(This used to be commit 45a0692be10a03032f9a4e26da3de08696c03464)
2007-10-10	r6740: make gensec_gssapi.c compile again	Andrew Tridgell	1	-1/+1
	(This used to be commit 6d15e9511115cc30ee213ec91320a2dccde15b8f)
2007-10-10	r6737: Explain these error returns a bit better.	Andrew Bartlett	1	-2/+5
	Andrew Bartlett (This used to be commit 77d054c65aeecfc0d1156d750f7b8025cb154d3a)
2007-10-10	r6733: GSS_C_DCE_STYLE is not available for most builds	Stefan Metzmacher	1	-0/+5
	metze (This used to be commit 3536029e8fb1da1ca689e0b7aa1f3edfb7967790)
2007-10-10	r6730: register gensec_krb5 also with the drcrpc auth type	Stefan Metzmacher	1	-0/+1
	metze (This used to be commit 491d7804f5f5bdfb43ae09b81c2cbc34fab2246d)
2007-10-10	r6728: Microsoft relies very strongly on getting the OIDs it expects, so we	Andrew Bartlett	1	-1/+31
	must register the 'MS' OID for the domain join to progress. Andrew Bartlett (This used to be commit c8fbda6bfd96d5d57cd52bc15d8695547effe2e3)
2007-10-10	r6727: One more step down the long march to the 'Kerberos domain join'.	Andrew Bartlett	1	-6/+344
	This patch allows a suitably patched Heimdal GSSAPI library (detected in configure) to supply to us the session keys, and further compleats the gensec_gssapi module. This is tested for CIFS, but fails for LDAP at this point (that is what I'll work on next). We currently fill out the 'session info' from the SAM, like gensec_krb5 does, but both will need to use the PAC extraction functions in the near future. Andrew Bartlett (This used to be commit 937ee361615a487af9e0279145e75b6c27720a6b)
2007-10-10	r6113: Move GENSEC and the kerberos code out of libcli/auth, and into	Andrew Bartlett	1	-0/+376
	auth/gensec and auth/kerberos. This also pulls the kerberos configure code out of libads (which is otherwise dead), and into auth/kerberos/kerberos.m4 Andrew Bartlett (This used to be commit e074d63f3dcf4f84239a10879112ebaf1cfa6c4f)