summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/krb5
AgeCommit message (Collapse)AuthorFilesLines
2010-04-09s4-krb5: Fix typos in comment.Karolin Seeger1-1/+1
Karolin
2010-03-27s4:heimdal: import lorikeet-heimdal-201003262338 (commit ↵Andrew Bartlett9-34/+103
f4e0dc17709829235f057e0e100d34802d3929ff)
2010-03-27s4:heimdal: import lorikeet-heimdal-201001120029 (commit ↵Andrew Bartlett78-1049/+2082
a5e675fed7c5db8a7370b77ed0bfa724196aa84d)
2010-03-16kerberos - set the memory to "0"s before freeing the password to prevent ↵Matthias Dieter Wallnöfer1-2/+6
security issues
2010-03-16heimdal - remove unused variableMatthias Dieter Wallnöfer1-1/+0
2010-03-16heimdal - fix overlapped identifiers in the "krb5" libraryMatthias Dieter Wallnöfer3-11/+11
2010-03-16heimdal - free always "ctx->password" when it isn't needed anymoreMatthias Dieter Wallnöfer1-1/+3
"strdup" does always create a new object in the memory (through "malloc") which needs to be freed if it isn't used anymore.
2010-02-15s4-heimdal: Fix typos in comment.Karolin Seeger1-1/+1
Karolin
2009-12-14heimdal: work around differences between GNU and XSI strerror_r()Andrew Tridgell1-2/+10
This is a fairly ugly workaround, but then again, strerror_r() is a very ugly mess.
2009-12-08s4-heimdal: fixed a use-after-free heimdal bugAndrew Tridgell1-0/+1
This caused samba4kinit to segfault on some systems
2009-12-08krb5: Fix leaked hx509_context pointerKamen Mazdrashki1-0/+4
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-17s4:heimdal: import lorikeet-heimdal-200911170333 (commit ↵Andrew Bartlett2-13/+7
b532c294d974cead40a1183c71be644c6ccc2832) This fixes up connections to Windows 2003, because the previous import had a broken arcfour-hmac-md5 implementation (fixed in Heimdal 316fc6ff8ffb0cbb1ef3689685e9977c37405bc4) Andrew Bartlett
2009-11-13s4:heimdal: import lorikeet-heimdal-200911122202 (commit ↵Andrew Bartlett17-351/+641
9291fd2d101f3eecec550178634faa94ead3e9a1)
2009-11-13s4:heimdal: import lorikeet-heimdal-200909210500 (commit ↵Andrew Bartlett18-289/+1309
290db8d23647a27c39b97c189a0b2ef6ec21ca69)
2009-08-06s4:heimdal: import lorikeet-heimdal-200908052208 (commit ↵Andrew Bartlett2-13/+1
370a73a74199a5a55188340906e15fd795f67a74) This removes some of the portability changes made to code under heimdal/ If these are still required, then we will re-add them with code under heimdal_build/ (so that we can simply 'drop in' future heimdal releases). Andrew Bartlett
2009-08-05s4:heimdal: import lorikeet-heimdal-200908050050 (commit ↵Andrew Bartlett12-175/+218
8714779fa7376fd9f7761587639e68b48afc8c9c) This also adds a new hdb-glue.c file, to cope with Heimdal's uncondtional enabling of SQLITE. (Very reasonable, but not required for Samba4's use). Andrew Bartlett
2009-07-17s4:heimdal: import lorikeet-heimdal-200907162216 (commit ↵Andrew Bartlett2-1/+18
d09910d6803aad96b52ee626327ee55b14ea0de8) This includes in particular changes to the KDC to resolve bug 6272, originally by Matthieu Patou <mat+Informatique.Samba@matws.net>. We need to sort the AuthorizationData elements to put the PAC first, or else WinXP breaks when browsed from Win2k8. Andrew Bartlett
2009-07-16s4:heimdal: import lorikeet-heimdal-200907152325 (commit ↵Andrew Bartlett4-87/+201
2bef9cd5378c01e9c2a74d6221761883bd11a5c5)
2009-07-03heimdal: don't include <ifaddrs.h> without knowing it's thereBjörn Jacke1-0/+2
this is 73dbbe0d54 re-added. abartlet, please pick this to lorikeet.
2009-06-12s4:heimdal: import lorikeet-heimdal-200906080040 (commit ↵Andrew Bartlett91-2729/+4331
904d0124b46eed7a8ad6e5b73e892ff34b6865ba) Also including the supporting changes required to pass make test A number of heimdal functions and constants have changed since we last imported a tree (for the better, but inconvenient for us). Andrew Bartlett
2009-02-24Fix the build. Looks like no one ever compiled this on a systemJeremy Allison1-0/+12
with a libintl.h before. Jeremy.
2009-02-24Start fixing Solaris build failures.Jeremy Allison1-1/+1
Jeremy.
2009-01-31heimdal: void functions should not return a valueStefan Metzmacher1-1/+1
metze
2009-01-30heimdal: don't include <ifaddrs.h> without knowing it's thereStefan Metzmacher1-0/+2
metze
2008-11-02Use standard heimdal function for finding interfaces - libreplace provides ↵Jelmer Vernooij1-0/+292
support for the underlying functions now.
2008-10-28s4: import lorikeet-heimdal-200810271034Stefan Metzmacher90-4028/+5197
metze
2008-10-20Add samba4kpasswd and rkpty binariesAndrew Bartlett1-0/+66
smaba4kpasswd will be used to test the kpasswdd componet of the KDC (which is up until now untested), and rkpty is an expect-like wrapper we can use to blackbox that utility. Andrew Bartlett
2008-09-03Merge krb5_cksumtype_to_enctype from Heimdal svn -r 23719Andrew Bartlett1-32/+70
(This used to be commit cc1df3c002e6af25add3c8ae20e7efc2ab6f2fa8)
2008-08-28Don't wipe the PAC checksums, the caller may actually need them.Andrew Bartlett1-14/+0
(This used to be commit 9db5a966fce0b71a0d2167b4aff70cc081abc1cc)
2008-08-26heimdal: import heimdal's trunk svn rev 23697 + lorikeet-heimdal patchesStefan Metzmacher90-830/+1096
This is based on f56a3b1846c7d462542f2e9527f4d0ed8a34748d in my heimdal-wip repo. metze (This used to be commit 467a1f2163a63cdf1a4c83a69473db50e8794f53)
2008-08-26heimdal_build: autogenerate the heimdal private/proto headersStefan Metzmacher2-4624/+0
Now it's possible to just use a plain heimdal tree in source/heimdal/ without any pregenerated files. metze (This used to be commit da333ca7113f78eeacab4f93b401f075114c7d88)
2008-08-26heimdal: remove unused old filesStefan Metzmacher1-458/+0
metze (This used to be commit 94cef56212d7d7c1150aea760dba24bda7190442)
2008-08-26heimdal_build: add a fake sqlite keytab implementationStefan Metzmacher1-2/+0
This remove a difference against lorikeet-heimdal. metze (This used to be commit 4314df3561dfe60228db0af220549300b0137c85)
2008-08-14Revert "krb5: always generate the acceptor subkey as the same enctype as the ↵Stefan Metzmacher1-3/+0
used service key" This reverts commit dbb94133e0313cae933d261af0bf1210807a6d11. As we fixed gensec_gssapi to only return a session key when it's have the correct session key, this hack isn't needed anymore. metze (This used to be commit 697cd1896bccaa55ee422f17d9312d787ca699ed)
2008-08-08krb5: always generate the acceptor subkey as the same enctype as the used ↵Stefan Metzmacher1-0/+3
service key With this patch samba4 can use gsskrb5_get_subkey() to get the session key. metze (This used to be commit dbb94133e0313cae933d261af0bf1210807a6d11)
2008-08-01heimdal: update to lorikeet-heimdal rev 801Stefan Metzmacher64-1565/+2803
metze (This used to be commit d6c54a66fb23c784ef221a3c1cf766b72bdb5a0b)
2008-03-19Merge lorikeet-heimdal -r 787 into Samba4 tree.Andrew Bartlett44-487/+1969
Andrew Bartlett (This used to be commit d88b530522d3cef67c24422bd5182fb875d87ee2)
2007-10-10r24614: Merge with current lorikeet-heimdal. This brings us one step closerAndrew Bartlett16-128/+242
to an alpha release. Andrew Bartlett (This used to be commit 30e02747d511630659c59eafec8d28f58605943b)
2007-10-10r23678: Update to current lorikeet-heimdal (-r 767), which should fix theAndrew Bartlett15-175/+481
panics on hosts without /dev/random. Andrew Bartlett (This used to be commit 14a4ddb131993fec72316f7e8e371638749e6f1f)
2007-10-10r23456: Update Samba4 to current lorikeet-heimdal.Andrew Bartlett93-331/+683
Andrew Bartlett (This used to be commit ae0f81ab235c72cceb120bcdeb051a483cf3cc4f)
2007-10-10r22191: Add a samba4kinit binary to the build, so I can test using an existingAndrew Bartlett2-0/+253
ccache, as well as PKINIT. Andrew Bartlett (This used to be commit 440b8d9e4b09d5e8c943504ade85c17f752fe705)
2007-10-10r21438: create the PAC element in the same order as w2k3,Stefan Metzmacher1-7/+7
maybe there's some broken code in windows which relies on this... love: can you merge this to heimdal? metze (This used to be commit b64abf9113a939308dc9e92ff7ddaad7be6ab551)
2007-10-10r20640: Commit part 2/2Andrew Bartlett24-171/+1637
Update Heimdal to match current lorikeet-heimdal. This includes integrated PAC hooks, so Samba doesn't have to handle this any more. This also brings in the PKINIT code, hence so many new files. Andrew Bartlett (This used to be commit 351f7040f7bb73b9a60b22b564686f7c2f98a729)
2007-10-10r19681: Update to current lorikeet-heimdal. I'm looking at using the realmAndrew Bartlett8-13/+491
lookup plugin, the new PAC validation code as well as Heimdal's SPNEGO implementation. Andrew Bartlett (This used to be commit 05421f45ed7811697ea491e26c9d991a7faa1a64)
2007-10-10r19663: merge changes from lorikeet heimdal:Stefan Metzmacher1-22/+52
support for netbios domain based realms metze (This used to be commit dcec6eebf1b474ae3055449efebf491b1106a458)
2007-10-10r19644: Merge up to current lorikeet-heimdal, incling addingAndrew Bartlett4-48/+81
gsskrb5_set_default_realm(), which should fix mimir's issues. Andrew Bartlett (This used to be commit 8117e76d2adee163925a29df872015ff5021a1d3)
2007-10-10r19633: Merge to lorikeet-heimdal, removing krb5_rd_req_return_keyblock in ↵Andrew Bartlett6-83/+304
favour of a more tasteful replacement. Remove kerberos_verify.c, as we don't need that code any more. Replace with code for using the new krb5_rd_req_ctx() borrowed from Heimdal's accecpt_sec_context.c Andrew Bartlett (This used to be commit 13c9df1d4f0517468c80040d3756310d4dcbdd50)
2007-10-10r19606: Remove generated filesAndrew Bartlett3-463/+0
Andrew Bartlett (This used to be commit 7b7e1fe15358d9ed1893305fbf8a1010293ed772)
2007-10-10r19604: This is a massive commit, and I appologise in advance for it's size.Andrew Bartlett35-741/+1888
This merges Samba4 with lorikeet-heimdal, which itself has been tracking Heimdal CVS for the past couple of weeks. This is such a big change because Heimdal reorganised it's internal structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases. In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO PAC. This matches windows behavour. We also have an option to require the PAC to be present (which allows us to automate the testing of this code). This also includes a restructure of how the kerberos dependencies are handled, due to the fallout of the merge. Andrew Bartlett (This used to be commit 4826f1735197c2a471d771495e6d4c1051b4c471)
2007-10-10r18826: Allow 'enterprise' principal names to log in.Andrew Bartlett5-14/+30
These principals do not need to be in the same realm as the rest of the ticket, the full principal name is in the first componet of the ASN.1. Samba4's backend will handle getting this to the 'right' place. Andrew Bartlett (This used to be commit 90b01b8af21609e2e5c8b6bd8cab8bd393844acf)