summaryrefslogtreecommitdiff
path: root/source4/heimdal/kdc/misc.c
AgeCommit message (Collapse)AuthorFilesLines
2010-12-01s4:heimdal: import lorikeet-heimdal-201012010201 (commit ↵Andrew Bartlett1-15/+6
81fe27bcc0148d410ca4617f8759b9df1a5e935c)
2010-11-12heimdal Return HDB_ERR_NOT_FOUND_HERE to the callerAndrew Bartlett1-3/+3
This means that no reply packet should be generated, but that instead the user of the libkdc API should forward the packet to a real KDC, that has a full database. Andrew Bartlett
2010-10-03s4:heimdal: import lorikeet-heimdal-201010022046 (commit ↵Andrew Bartlett1-7/+17
1bea031b9404b14114b0272ecbe56e60c567af5c)
2010-09-29heimdal Add support for extracting a particular KVNO from the databaseAndrew Bartlett1-0/+8
This should allow master key rollover. (but the real reason is to allow multiple krbtgt accounts, as used by Active Directory to implement RODC support) Andrew Bartlett
2010-03-27s4:heimdal: import lorikeet-heimdal-201003262338 (commit ↵Andrew Bartlett1-2/+0
f4e0dc17709829235f057e0e100d34802d3929ff)
2009-11-13s4:heimdal: import lorikeet-heimdal-200911122202 (commit ↵Andrew Bartlett1-2/+3
9291fd2d101f3eecec550178634faa94ead3e9a1)
2009-08-05s4:heimdal: import lorikeet-heimdal-200908050050 (commit ↵Andrew Bartlett1-2/+6
8714779fa7376fd9f7761587639e68b48afc8c9c) This also adds a new hdb-glue.c file, to cope with Heimdal's uncondtional enabling of SQLITE. (Very reasonable, but not required for Samba4's use). Andrew Bartlett
2009-06-30s4:heimdal Allow KRB5_NT_ENTERPRISE names in all DB lookupsAndrew Bartlett1-0/+22
The previous code only allowed an KRB5_NT_ENTERPRISE name (an e-mail list user principal name) in an AS-REQ. Evidence from the wild (Win2k8 reportadely) indicates that this is instead valid for all types of requests. While this is now handled in heimdal/kdc/misc.c, a flag is now defined in Heimdal's hdb so that we can take over this handling in future (once we start using a system Heimdal, and if we find out there is more to be done here). Andrew Bartlett
2008-10-28s4: import lorikeet-heimdal-200810271034Stefan Metzmacher1-28/+28
metze
2008-08-26heimdal: import heimdal's trunk svn rev 23697 + lorikeet-heimdal patchesStefan Metzmacher1-1/+1
This is based on f56a3b1846c7d462542f2e9527f4d0ed8a34748d in my heimdal-wip repo. metze (This used to be commit 467a1f2163a63cdf1a4c83a69473db50e8794f53)
2008-08-01heimdal: update to lorikeet-heimdal rev 801Stefan Metzmacher1-5/+6
metze (This used to be commit d6c54a66fb23c784ef221a3c1cf766b72bdb5a0b)
2007-10-10r23678: Update to current lorikeet-heimdal (-r 767), which should fix theAndrew Bartlett1-4/+7
panics on hosts without /dev/random. Andrew Bartlett (This used to be commit 14a4ddb131993fec72316f7e8e371638749e6f1f)
2007-10-10r23456: Update Samba4 to current lorikeet-heimdal.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit ae0f81ab235c72cceb120bcdeb051a483cf3cc4f)
2007-10-10r19604: This is a massive commit, and I appologise in advance for it's size.Andrew Bartlett1-1/+37
This merges Samba4 with lorikeet-heimdal, which itself has been tracking Heimdal CVS for the past couple of weeks. This is such a big change because Heimdal reorganised it's internal structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases. In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO PAC. This matches windows behavour. We also have an option to require the PAC to be present (which allows us to automate the testing of this code). This also includes a restructure of how the kerberos dependencies are handled, due to the fallout of the merge. Andrew Bartlett (This used to be commit 4826f1735197c2a471d771495e6d4c1051b4c471)
2007-10-10r15481: Update heimdal/ to match current lorikeet-heimdal.Andrew Bartlett1-6/+6
This includes many useful upstream changes, many of which should reduce warnings in our compile. It also includes a change to the HDB interface, which removes the need for Samba4/lorikeet-heimdal to deviate from upstream for hdb_fetch(). The new flags replace the old entry type enum. (This required the rework in hdb-ldb.c included in this commit) Andrew Bartlett (This used to be commit ef5604b87744c89e66e4d845f45b23563754ec05)
2007-10-10r14198: Update Samba4 to current lorikeet-heimdal.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 97a0a0e2fa6784e5fc5278f7a15b385ddcb6a3b3)
2007-10-10r12269: Update to current lorikeet-heimdal. This changed the way the hdbAndrew Bartlett1-62/+5
interface worked, so hdb-ldb.c and the glue have been updated. Andrew Bartlett (This used to be commit 8fd5224c6b5c17c3a2c04c7366b7e367012db77e)
2007-10-10r11536: Add a hook for client-principal access control to hdb-ldb, re-usingAndrew Bartlett1-0/+56
the code in auth/auth_sam.c for consistancy. This will also allow us to have one place for a backend directory hook. I will use a very similar hook to add the PAC. Andrew Bartlett (This used to be commit 4315836cd8c94eb8340c4050804face4d0066810)
2007-10-10r8302: import mini HEIMDAL into the treeHeimdal Import User1-0/+84
(This used to be commit 118be28a7aef233799956615a99d1a2a74dac175)