summaryrefslogtreecommitdiff
path: root/source4/auth/kerberos/krb5_init_context.c
AgeCommit message (Collapse)AuthorFilesLines
2010-11-14s4-auth: fixed infinite loop in krb5 authAndrew Tridgell1-1/+1
we were continually trying the first address returned, instead of moving to the next address Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Nov 14 04:11:28 UTC 2010 on sn-devel-104
2010-11-14s4-auth: fixed crash in krb5 authAndrew Tridgell1-2/+1
remote_addr was used after free
2010-11-05s4-kerberos Mention the remote address we fail to contact the KDC onAndrew Bartlett1-1/+10
2010-11-04s4-auth: unconditionally set previous_evAndrew Tridgell1-3/+1
we need the caller to know when the previous_ev was NULL Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-11s4-credentials Add explicit event context handling to Kerberos calls (only)Andrew Bartlett1-18/+107
By setting the event context to use for this operation (only) onto the krb5_context just before we call that operation, we can try and emulate the specification of an event context to the actual send_to_kdc() This eliminates the specification of an event context to many other cli_credentials calls, and the last use of event_context_find() Special care is taken to restore the event context in the event of nesting in the send_to_kdc function. Andrew Bartlett
2010-10-11s4-kerberos Remove unused parameterAndrew Bartlett1-2/+1
2010-07-16s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell1-2/+2
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-01-31s4:kdc streamline context initializationSimo Sorce1-36/+51
Allow other plugins to init the context without having it try to grab sockets or set samba specific logging.
2010-01-28cleanup: remove trailing spaces and tabsSimo Sorce1-37/+37
2010-01-16s4-kerberos: raise the general kerberos debug level to 3Andrew Tridgell1-1/+1
level 2 for every krb request is a bit much
2009-10-14s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where neededMatthias Dieter Wallnöfer1-9/+4
For KERBEROS applications the realm should be upcase (function "lp_realm") but for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch implements the use of both in the right way.
2009-02-02s4:auth/kerberos: s/private/private_dataStefan Metzmacher1-10/+10
metze
2009-01-03s4:auth/kerberos: convert to tevent_* apiStefan Metzmacher1-13/+12
metze
2009-01-03s4:socket: use a socket_wrapper aware function to auto close the fd event ↵Stefan Metzmacher1-4/+5
for sockets metze
2008-12-29s4:lib/tevent: rename structsStefan Metzmacher1-6/+6
list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
2008-12-18s4:lib/socket: socket_connect_send() and socket_connect_ev() should only ↵Stefan Metzmacher1-2/+1
wrok with addresses metze
2008-11-02Remove two debug parameters, not used anywhere.Jelmer Vernooij1-6/+2
Andrew, I was pretty sure these could be removed but if not, please let me know.
2008-09-24Cosmetic corrections for the KERBEROS libraryMatthias Dieter Wallnöfer1-2/+2
This commit applies some cosmetic corrections for the KERBEROS library.
2008-08-01auth/kerberos: we don't need to include heimdal private headersStefan Metzmacher1-2/+0
metze (This used to be commit 6ec3887aee9bbb9c182ab966d37212edeaa16b5a)
2008-08-01build with the new heimdal versionStefan Metzmacher1-1/+2
(This used to be commit 3817d653faecb70bfafb850fe7d6e83aaed7e6d1)
2007-12-21r26449: Support configuration without a known configuration dir.Jelmer Vernooij1-1/+1
(This used to be commit d3643c2152a490952e59ee15b7a62ad3ad465462)
2007-12-21r26397: Fix circular dependency in samba-socket.Jelmer Vernooij1-1/+1
(This used to be commit 801c8c766cb6a104751be8829593e0e123508134)
2007-12-21r26376: Add context for libcli_resolve.Jelmer Vernooij1-1/+2
(This used to be commit 459e1466a411d6f83b7372e248566e6e71c745fc)
2007-12-21r26335: Specify name_resolve_order to socket code.Jelmer Vernooij1-1/+2
(This used to be commit b03e5d00110be3f1fe5809dad4eb6ca5cea7463d)
2007-12-21r26233: Pass loadparm context when creating krb5 contexts.Jelmer Vernooij1-5/+6
(This used to be commit 7780bf285fdfc30f89409d0436bad0d4b6de5cd4)
2007-10-10r25446: Merge some changes I made on the way home from SFO:Jelmer Vernooij1-1/+1
2007-09-29 More higher-level passing around of lp_ctx. 2007-09-29 Fix warning. 2007-09-29 Pass loadparm contexts on a higher level. 2007-09-29 Avoid using global loadparm context. (This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)
2007-10-10r25430: Add the loadparm context to all parametric options.Jelmer Vernooij1-3/+3
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
2007-10-10r25398: Parse loadparm context to all lp_*() functions.Jelmer Vernooij1-3/+3
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
2007-10-10r25035: Fix some more warnings, use service pointer rather than service ↵Jelmer Vernooij1-3/+3
number in more places. (This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r22987: Clarify how the events are handled in the kerberos code, andAndrew Bartlett1-7/+17
standardise with the rest of the code. Andrew Bartlett (This used to be commit 3aa9d70723d4377d29e33281b640499193b06c69)
2007-10-10r22969: fix some more places where we could end up with more than one eventAndrew Tridgell1-2/+1
context. We now have an event context on the torture_context, and we can also get one from the cli_credentials structure (This used to be commit c0f65eb6562e13530337c23e3447a6aa6eb8fc17)
2007-10-10r22967: Move to the TCP packet interface for the krb5_send_to_kdc plugin.Andrew Bartlett1-108/+95
This replaces a lump of hand-crafted code with the generic packet system used in the rest of Samba4. (I started this while chasing down the epoll bug, which turned out to be seperate) (This used to be commit 2a7dec4e5dc453f509493f80fc1270416f30a36e)
2007-10-10r22961: use EVENT_FD_AUTOCLOSE and SOCKET_FLAG_NOCLOSE to fix up some hairyAndrew Tridgell1-1/+4
problems with order of socket closing in krb5 (This used to be commit 46a7d83c2b49798c6c5389c13ec2b9785c47b85b)
2007-10-10r22635: make it possible to not turn off dns canonicalization of hostnamesStefan Metzmacher1-1/+2
with krb5:set_dns_canonicalize=yes needed for the drsuapi replication, but we should fix this with a kdc locator plugin ... metze (This used to be commit f0a12355bcfab47663e62f3d8ae820815210cdc5)
2007-10-10r22602: s/HAVE_SOCKET_IPV6/HAVE_IPV6/ to match the define used by Heimdal.Jelmer Vernooij1-1/+1
(This used to be commit 5ff665b6531fdb4c7e56c49b7f923546d93b384c)
2007-10-10r20988: Call out to Heimdal's krb5.conf processing to configure many aspectsAndrew Bartlett1-1/+28
of KDC behaviour. This should allow PKINIT to be turned on and managed with reasonable sanity. This also means that the krb5.conf in the same directory as the smb.conf will always have priority in Samba4, which I think will be useful. Andrew Bartlett (This used to be commit a50bbde81b010bc5d06e3fc3417ade44627eb771)
2007-10-10r20639: Commit part 1 of 2.Andrew Bartlett1-2/+0
This patch updates our build system and glue to support a new snapshot of lorikeet-heimdal. We now procude a [SUBSYTEM] in the ans1_deps.pl script, and can depend on that in the heimdal_build/config.mk. This is much easier than listing every generated .o file individually. This required some small changes to the build system, due to the way the parent directory was handled for the output of scripts. I've also cleaned up et_deps.pl to handle cleaning up it's generated files on clean. The PAC glue in Heimdal has changed significantly: we no longer have a custom hack in the KDC, instead we have the windc plugin interface. As such, pac-glue.c is much smaller. In the future, when I'm confident of the new code, we will also be able to 'downsize' auth/kerberos/kerberos_pac.c. (I'll include the updated copy of heimdal in the next chekin, to make it clearer what's changed in Samba4 itself). Andrew Bartlett (This used to be commit 75fddbbc0811010a28ca5bb597b573b3f10ef6d6)
2007-10-10r19604: This is a massive commit, and I appologise in advance for it's size.Andrew Bartlett1-21/+11
This merges Samba4 with lorikeet-heimdal, which itself has been tracking Heimdal CVS for the past couple of weeks. This is such a big change because Heimdal reorganised it's internal structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases. In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO PAC. This matches windows behavour. We also have an option to require the PAC to be present (which allows us to automate the testing of this code). This also includes a restructure of how the kerberos dependencies are handled, due to the fallout of the merge. Andrew Bartlett (This used to be commit 4826f1735197c2a471d771495e6d4c1051b4c471)
2007-10-10r15988: try to fix the build on au2 IRIX 6.4Stefan Metzmacher1-1/+1
metze (This used to be commit 9e93e6f5fb654e4162bbc039306a4b79003e22d7)
2007-10-10r15876: Fix build on IPv6-less systems.Jelmer Vernooij1-0/+2
(This used to be commit 180925659fad50ff82693284587ae4e735458c6b)
2007-10-10r15853: started the process of removing the warnings now thatAndrew Tridgell1-6/+3
talloc_set_destructor() is type safe. The end result will be lots less use of void*, and less calls to talloc_get_type() (This used to be commit 6b4c085b862c0932b80b93e316396a53b993544c)
2007-10-10r15356: Remove unused 'flags' argument from socket_send() and friends.Andrew Bartlett1-4/+4
This is in preperation for making TLS a socket library. Andrew Bartlett (This used to be commit a312812b92f5ac7e6bd2c4af725dbbbc900d4452)
2007-10-10r15258: Another attempt at fixing getaddrinfo on IRIXJelmer Vernooij1-0/+1
(This used to be commit 13d0cec018185d768b762ff3afc0224f307b8112)
2007-10-10r14306: fixed two break errorsAndrew Tridgell1-2/+2
(This used to be commit 03da4fbcdd66982de8eb376f9f00da97d730c97f)
2007-10-10r14202: Oops. When removing a header, we need to replace it.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit d1ca106f05ad71b8aa514bf87a4267d61d9dcbf8)
2007-10-10r14201: I don't think including roken is going to be a good solution. Let'sAndrew Bartlett1-2/+0
try and find the real solution. Andrew Bartlett (This used to be commit a512d5dd258797cdb41018923502cb4998f1edfe)
2007-10-10r13844: Remove _PUBLIC_ for now as the proto script seems to make false ↵Jelmer Vernooij1-1/+1
assumptions about the data type being known. (This used to be commit 991bec80e4f20c9fac9ab5c45b0fdf6d048cda66)
2007-10-10r13842: Make some more functions public.Jelmer Vernooij1-1/+1
(This used to be commit aac1b99b362993352d80692afa55c38fc851c016)