Age | Commit message (Expand) | Author | Files | Lines |
2007-10-10 | r10364: Turn gensec:gssapi on by default, except for a login of the form | Andrew Bartlett | 1 | -1/+1 |
2007-10-10 | r10348: Add scons scripts for remaining subsystems. Most subsystems build now, | Jelmer Vernooij | 1 | -0/+6 |
2007-10-10 | r10337: This grubby little hack is the implementation of a concept discussed | Andrew Bartlett | 1 | -0/+5 |
2007-10-10 | r10286: This patch is ugly and disgusting, but for now it works better than t... | Andrew Bartlett | 5 | -118/+158 |
2007-10-10 | r10174: This patch implements generic PAC verification, without assumptions | Andrew Bartlett | 1 | -23/+98 |
2007-10-10 | r10155: Add more notes on required gsskrb5 functions. | Andrew Bartlett | 1 | -2/+7 |
2007-10-10 | r10145: Allow a variable length signature, so we can support signing with | Andrew Bartlett | 1 | -17/+7 |
2007-10-10 | r10066: This is the second in my patches to work on Samba4's kerberos support, | Andrew Bartlett | 4 | -222/+149 |
2007-10-10 | r10035: This patch removes the need for the special case hack | Andrew Bartlett | 3 | -34/+65 |
2007-10-10 | r10021: More kerberos notes. | Andrew Bartlett | 1 | -3/+20 |
2007-10-10 | r9792: Rename StrCaseCmp -> strcasecmp_m. All these years I was thinking | Jelmer Vernooij | 1 | -1/+1 |
2007-10-10 | r9728: A *major* update to the credentials system, to incorporate the | Andrew Bartlett | 2 | -50/+18 |
2007-10-10 | r9693: Move the smb_krb5_context setup code to use the new pattern of | Andrew Bartlett | 1 | -5/+7 |
2007-10-10 | r9681: We don't need the full smb_krb5_context here, so just pass the krb5_co... | Andrew Bartlett | 2 | -7/+7 |
2007-10-10 | r9648: this fixes the krb5 based login with the pac. The key to this whole sa... | Andrew Tridgell | 2 | -1/+8 |
2007-10-10 | r9415: Remove old kerberos code (including salt guessing code) that has only | Andrew Bartlett | 2 | -695/+2 |
2007-10-10 | r9196: - add a note about the Canonicalize KDCOPtion flag | Stefan Metzmacher | 1 | -0/+15 |
2007-10-10 | r9165: Fix inverted error check in untested code path. (My untested code...) | Andrew Bartlett | 1 | -1/+1 |
2007-10-10 | r9084: 'resign' the sample PAC for the validation of the signature algorithms. | Andrew Bartlett | 2 | -91/+190 |
2007-10-10 | r8460: removed the unused function krb5_locate_kdc(). It causes a build failu... | Andrew Tridgell | 2 | -62/+0 |
2007-10-10 | r8252: Steal metze's thunder, and prove that with a few small tweaks, we can | Andrew Bartlett | 1 | -2/+2 |
2007-10-10 | r8250: More PAC work. We now sucessfully verify the KDC signature from my DC | Andrew Bartlett | 2 | -22/+34 |
2007-10-10 | r8164: - match the ordering w2k3 uses for the PAC_BUFFER: | Stefan Metzmacher | 1 | -15/+16 |
2007-10-10 | r8156: I found out that the unknown[2] field of the unknown[4] array is a len... | Stefan Metzmacher | 1 | -6/+4 |
2007-10-10 | r8148: - make the PAC generation code a bit more readable and add some outof ... | Stefan Metzmacher | 1 | -62/+81 |
2007-10-10 | r8110: More PAC work. I still can't get WinXP to accept the PAC, but we are | Andrew Bartlett | 2 | -39/+73 |
2007-10-10 | r8001: Also fill in the krbtgt checksum, and make sure to put the right | Andrew Bartlett | 2 | -5/+25 |
2007-10-10 | r7993: Further work on the Krb5 PAC. | Andrew Bartlett | 4 | -23/+184 |
2007-10-10 | r7991: I forgot to free the keyblock once we are done with it. | Andrew Bartlett | 1 | -0/+1 |
2007-10-10 | r7989: Allow the use of hashed passwords in the kerberos client and server, | Andrew Bartlett | 2 | -17/+137 |
2007-10-10 | r7980: Forgot to add kerberos_pac.c to this config.mk file. | Andrew Bartlett | 1 | -0/+1 |
2007-10-10 | r7979: Metze reminded me to try one more combination, and we can now verify | Andrew Bartlett | 1 | -32/+14 |
2007-10-10 | r7978: A start again on PAC verification. I have noticed that the kerberos | Andrew Bartlett | 2 | -50/+35 |
2007-10-10 | r7968: Pull the PAC from within GSSAPI, rather than only when using our own | Andrew Bartlett | 2 | -1/+214 |
2007-10-10 | r7863: removed an unused variable | Andrew Tridgell | 1 | -1/+0 |
2007-10-10 | r7862: Updates to the Kerberos notes, based on recent changes and discoveries. | Andrew Bartlett | 1 | -19/+90 |
2007-10-10 | r7843: Use the new Heimdal gsskrb_acquire_creds API. This has the right | Andrew Bartlett | 1 | -0/+2 |
2007-10-10 | r7827: Add in-memory keytab to Samba4, using the new MEMORY_WILDCARD keytab | Andrew Bartlett | 5 | -107/+213 |
2007-10-10 | r7687: Some more tests that must be done only when krb5_config is absent. | Andrew Bartlett | 1 | -4/+5 |
2007-10-10 | r7638: krb5_closelog in heimdal-0.7 not longer leaks memory, so remove that c... | Love Hörnquist Åstrand | 1 | -4/+0 |
2007-10-10 | r7637: Another useful Heimdal feature we need. | Andrew Bartlett | 1 | -0/+5 |
2007-10-10 | r7509: With the update to Heimdal 20050612 we no longer need krb5_freelog(), | Andrew Bartlett | 3 | -3/+2 |
2007-10-10 | r7352: the internal heimdal build change. This changes quite a few things: | Andrew Tridgell | 1 | -0/+2 |
2007-10-10 | r7306: Use a consistant #define for detecting support for the Heimdal krb5 | Andrew Bartlett | 2 | -5/+5 |
2007-10-10 | r7303: autodetect the libkdc and our kdc support | Stefan Metzmacher | 1 | -7/+28 |
2007-10-10 | r7291: Additional notes on what we require from a kerberos implementation. | Andrew Bartlett | 1 | -1/+36 |
2007-10-10 | r7285: It appears that MIT Kerberos does not have the log redirection | Andrew Bartlett | 3 | -2/+23 |
2007-10-10 | r7270: A big revamp to the way we handle kerberos errors in Samba4. We now | Andrew Bartlett | 4 | -17/+124 |
2007-10-10 | r7258: Fix the final linking error with libkdc - we need to link libhdb as well. | Andrew Bartlett | 1 | -0/+1 |
2007-10-10 | r7257: Ensure the error message can never be uninitialised. | Andrew Bartlett | 1 | -0/+1 |