summaryrefslogtreecommitdiff
path: root/source4/auth/kerberos
AgeCommit message (Expand)AuthorFilesLines
2007-10-10r10364: Turn gensec:gssapi on by default, except for a login of the formAndrew Bartlett1-1/+1
2007-10-10r10348: Add scons scripts for remaining subsystems. Most subsystems build now,Jelmer Vernooij1-0/+6
2007-10-10r10337: This grubby little hack is the implementation of a concept discussedAndrew Bartlett1-0/+5
2007-10-10r10286: This patch is ugly and disgusting, but for now it works better than t...Andrew Bartlett5-118/+158
2007-10-10r10174: This patch implements generic PAC verification, without assumptionsAndrew Bartlett1-23/+98
2007-10-10r10155: Add more notes on required gsskrb5 functions.Andrew Bartlett1-2/+7
2007-10-10r10145: Allow a variable length signature, so we can support signing withAndrew Bartlett1-17/+7
2007-10-10r10066: This is the second in my patches to work on Samba4's kerberos support,Andrew Bartlett4-222/+149
2007-10-10r10035: This patch removes the need for the special case hackAndrew Bartlett3-34/+65
2007-10-10r10021: More kerberos notes.Andrew Bartlett1-3/+20
2007-10-10r9792: Rename StrCaseCmp -> strcasecmp_m. All these years I was thinkingJelmer Vernooij1-1/+1
2007-10-10r9728: A *major* update to the credentials system, to incorporate theAndrew Bartlett2-50/+18
2007-10-10r9693: Move the smb_krb5_context setup code to use the new pattern ofAndrew Bartlett1-5/+7
2007-10-10r9681: We don't need the full smb_krb5_context here, so just pass the krb5_co...Andrew Bartlett2-7/+7
2007-10-10r9648: this fixes the krb5 based login with the pac. The key to this whole sa...Andrew Tridgell2-1/+8
2007-10-10r9415: Remove old kerberos code (including salt guessing code) that has onlyAndrew Bartlett2-695/+2
2007-10-10r9196: - add a note about the Canonicalize KDCOPtion flagStefan Metzmacher1-0/+15
2007-10-10r9165: Fix inverted error check in untested code path. (My untested code...)Andrew Bartlett1-1/+1
2007-10-10r9084: 'resign' the sample PAC for the validation of the signature algorithms.Andrew Bartlett2-91/+190
2007-10-10r8460: removed the unused function krb5_locate_kdc(). It causes a build failu...Andrew Tridgell2-62/+0
2007-10-10r8252: Steal metze's thunder, and prove that with a few small tweaks, we canAndrew Bartlett1-2/+2
2007-10-10r8250: More PAC work. We now sucessfully verify the KDC signature from my DCAndrew Bartlett2-22/+34
2007-10-10r8164: - match the ordering w2k3 uses for the PAC_BUFFER:Stefan Metzmacher1-15/+16
2007-10-10r8156: I found out that the unknown[2] field of the unknown[4] array is a len...Stefan Metzmacher1-6/+4
2007-10-10r8148: - make the PAC generation code a bit more readable and add some outof ...Stefan Metzmacher1-62/+81
2007-10-10r8110: More PAC work. I still can't get WinXP to accept the PAC, but we areAndrew Bartlett2-39/+73
2007-10-10r8001: Also fill in the krbtgt checksum, and make sure to put the rightAndrew Bartlett2-5/+25
2007-10-10r7993: Further work on the Krb5 PAC.Andrew Bartlett4-23/+184
2007-10-10r7991: I forgot to free the keyblock once we are done with it.Andrew Bartlett1-0/+1
2007-10-10r7989: Allow the use of hashed passwords in the kerberos client and server,Andrew Bartlett2-17/+137
2007-10-10r7980: Forgot to add kerberos_pac.c to this config.mk file.Andrew Bartlett1-0/+1
2007-10-10r7979: Metze reminded me to try one more combination, and we can now verifyAndrew Bartlett1-32/+14
2007-10-10r7978: A start again on PAC verification. I have noticed that the kerberosAndrew Bartlett2-50/+35
2007-10-10r7968: Pull the PAC from within GSSAPI, rather than only when using our ownAndrew Bartlett2-1/+214
2007-10-10r7863: removed an unused variableAndrew Tridgell1-1/+0
2007-10-10r7862: Updates to the Kerberos notes, based on recent changes and discoveries.Andrew Bartlett1-19/+90
2007-10-10r7843: Use the new Heimdal gsskrb_acquire_creds API. This has the rightAndrew Bartlett1-0/+2
2007-10-10r7827: Add in-memory keytab to Samba4, using the new MEMORY_WILDCARD keytabAndrew Bartlett5-107/+213
2007-10-10r7687: Some more tests that must be done only when krb5_config is absent.Andrew Bartlett1-4/+5
2007-10-10r7638: krb5_closelog in heimdal-0.7 not longer leaks memory, so remove that c...Love Hörnquist Åstrand1-4/+0
2007-10-10r7637: Another useful Heimdal feature we need.Andrew Bartlett1-0/+5
2007-10-10r7509: With the update to Heimdal 20050612 we no longer need krb5_freelog(),Andrew Bartlett3-3/+2
2007-10-10r7352: the internal heimdal build change. This changes quite a few things:Andrew Tridgell1-0/+2
2007-10-10r7306: Use a consistant #define for detecting support for the Heimdal krb5Andrew Bartlett2-5/+5
2007-10-10r7303: autodetect the libkdc and our kdc supportStefan Metzmacher1-7/+28
2007-10-10r7291: Additional notes on what we require from a kerberos implementation.Andrew Bartlett1-1/+36
2007-10-10r7285: It appears that MIT Kerberos does not have the log redirectionAndrew Bartlett3-2/+23
2007-10-10r7270: A big revamp to the way we handle kerberos errors in Samba4. We nowAndrew Bartlett4-17/+124
2007-10-10r7258: Fix the final linking error with libkdc - we need to link libhdb as well.Andrew Bartlett1-0/+1
2007-10-10r7257: Ensure the error message can never be uninitialised.Andrew Bartlett1-0/+1