Age | Commit message (Collapse) | Author | Files | Lines |
|
To enable, set:
[libdefaults]
dns_lookup_realm = true
dns_lookup_kdc = true
in your /etc/krb5.conf.
In the future I may override the krb5.conf and set this on by default
in Samba4.
Andrew Bartlett
(This used to be commit 32fb50d02560123b8d0ab13346041806c062f9bf)
|
|
to Heimdal CVS as of 2005-08-27).
Andrew Bartlett
(This used to be commit 913924a4997f5e14c503f87510cbd8e4bfd965a9)
|
|
Delete test_crypto_wrapping.c, previously included but unbuilt.
Andrew Bartlett
(This used to be commit d5fb30fb0cef330e0947969f0c9afc1f58fc4c7d)
|
|
This is my first attempt at this, so there may be a few rough edges.
Andrew Bartlett
(This used to be commit 9a1d2f2fec67930975da856a2d365345cec46216)
|
|
metze
(This used to be commit fe5e61a25278d9e74158afd0e3b2bd31f71e43c8)
|
|
metze
(This used to be commit 1008459a98a8232f039b87c91443d653858e0500)
|
|
this should fix the build on sun1
metze
(This used to be commit 06c2aaa50061229cc5082733a8fa58080a5c4305)
|
|
two compilers used for generating the rest of the heimdal files)
(This used to be commit f6b240125a3c5c15ce60f1de89a4575569eceb1e)
|
|
- make some stuff easier
metze
(This used to be commit 14b92e8a085f7d1a011b1663bf2a2728a907b0af)
|
|
metze
(This used to be commit 126875392082f1378316c981ed576934794415d9)
|
|
(This used to be commit 2b15c74f201d7fad11f1c50dd91b27b78b221550)
|
|
for now
(This used to be commit 343e33c13ff5a67b463c2f7c18e0a6590d75f8ab)
|
|
the asn1 and error table files.
This removes the need for HEIMDAL_EXTERNAL
(This used to be commit 2f481ac93c0151b82dab737d49ae8d0d3cbbbbbe)
|
|
(This used to be commit 670a7a8de570a9c89ea09bb473d9b1d8cabf6830)
|
|
(This used to be commit 810fa4f762458202adee3f2fd5b13e74eae7781f)
|
|
(This used to be commit 903d963ca8fdefa23eaa77b5117d90b6b84866ab)
|
|
(This used to be commit 87f7098ee3a24be202b6aaa1ab2a4e44b7b89975)
|
|
fails in the ejs floating point code.
(This used to be commit 30e1b6140e9f6246cb66eef7cf108d1ccf62bd40)
|
|
- added target specific flags to get the #include order right for
com_err and asn1 files in heimdal
(This used to be commit c721c8ca380db756ae2ccf3711be894bab8d5318)
|
|
(This used to be commit 72a769b6d1a1ce5f8a19010074960b692b4755db)
|
|
this should fix the -lsocket problem on solaris
(This used to be commit 4c462cdab318e69b1ee84837246700ecb36eafca)
|
|
this removes the need for recursive make for heimdal, which is a big
win. It should also make it easier/cleaner to build ldb/tdb/appweb etc
in both in-tree and out-of-tree forms by allowing us to specify
different CFLAGS (and thus different include paths) per directory or
file
(This used to be commit b2f9b8aa32426198aa21a703ab4f1d59fb77e512)
|
|
that uses the Samba
interfaces list. This makes heimdal obey the 'interfaces=' smb.conf option, and should also
fix the portability problems with the heimdal code
(This used to be commit ba621d1c554e135f449a144019b84719a086e04f)
|
|
heimdal tool build
(This used to be commit 39c6cf91fb75dc5d7d14922f70b8be8dc15169e1)
|
|
(This used to be commit 2cab29c1e730cf2c8d109513bdb9094769e41a2a)
|
|
Jelmer, when you get a chance can we discuss how to fix this properly?
(This used to be commit 2564cd962b9a972d1ff7d603a9e5ab1c705b2386)
|
|
Andrew Bartlett
(This used to be commit 6a9b6373273f135fe012a6603707d77c2a65e9fa)
|
|
metze
(This used to be commit a2a8aa322d722bd8a1ab672eacfe2f812d621f84)
|
|
We now generate the PAC, and can verifiy both our own PAC and the PAC
from Win2k3.
This commit adds the PAC generation code, spits out the code to get
the information we need from the NETLOGON server back into a auth/
helper function, and adds a number of glue functions.
In the process of building the PAC generation code, some hints in the
Microsoft PAC specification shed light on other parts of the code, and
the updates to samr.idl and netlogon.idl come from those hints.
Also in this commit:
The Heimdal build package has been split up, so as to only link the
KDC with smbd, not the client utils.
To enable the PAC to be veified with gensec_krb5 (which isn't quite
dead yet), the keyblock has been passed back to the calling layer.
Andrew Bartlett
(This used to be commit e2015671c2f7501f832ff402873ffe6e53b89466)
|
|
'mock GSSAPI'.
Many thanks to Luke Howard for the work he has done on Heimdal for
XAD, to provide the right API hooks in GSSAPI.
Next step is to verify the signatures, and to build the PAC for the
KDC end.
Andrew Bartlett
(This used to be commit 2e82743c98e563e97c5a215d09efa0121854d0f7)
|
|
This will however still be useful when we have crypt() based
authentication.
Andrew Bartlett
(This used to be commit 005e2c0cfed11010685ebc3f3a69cf9f484c958a)
|
|
(This used to be commit 3fe00b61147e09159ef02328a7f1d8f7805abf0d)
|
|
- if you want kerberos now, you need to unpack a lorikeet heimdal
tree in source/heimdal/. If source/heimdal/ does not exist at
configure time then all kerberos features are disabled. You cannot
use an external kerberos library for now. That may change later.
- moved lib/replace/ config stuff to lib/replace/ and create a
lib/replace/replace.h. That allows the heimdal build to use our
portability layer, and prevenets duplicate definitions of functions
like strlcat()
- if you do enable heimdal, then you will need to do 'make
HEIMDAL_EXTERNAL' before you build Samba. That should be fixed once
I explain the problem to jelmer (the problem is the inability to
set a depend without also dragging in the object list of the
dependency. We need this for building the heimdal asn1 compiler and
et compiler.
- disabled all of the m4 checks for external kerberos libraries. I
left them in place in auth/kerberos/, but disabled it in
configure.in
some of the heimdal_build/ code is still very rough, for example I
don't correctly detect the correct awk, flex, bison replacements for
heimdal_build/build_external.sh. I expect to fix that stuff up over
the next few days.
(This used to be commit d4648249b2c7fc8b5e7c0fc8d8f92ae043b5691f)
|
|
(This used to be commit e6a2174050bb55afb32d54b8cfe12c7358bf98f2)
|