| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Here we can fetch the right key, and check if the PAC is likely to be signed by a key that
we know. We cannot check the KDC signature on incoming trusts.
Andrew Bartlett
|
|
As mit_samba_update_pac_data() doesn't support adding
S4U_DELEGATION_INFO to the pac (and I have no clue how to add that)
we should disable S4U2Proxy until this is implemented.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jun 28 20:35:19 CEST 2011 on sn-devel-104
|
|
metze
|
|
metze
|
|
This context is used in ldb, and ldb modules apparently abort if nesting is not
allowed.
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Mon Feb 7 20:58:02 CET 2011 on sn-devel-104
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Dec 12 15:20:46 CET 2010 on sn-devel-104
|
|
this prevents us having two lp_ctx contexts in these tools which leads
to bizarre behaviour
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
This includes rewriting the PAC if the original krbtgt isn't to be
trusted, and reading different entries from the DB for the krbtgt
depending on the krbtgt number.
Andrew Bartlett
|
|
This means we just set up the system_session etc in one place
and don't diverge between the MIT and Heimdal plugins.
We also now determine if we are an RODC and store some details
that we will need later.
Andrew Bartlett
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
I can see no reason not to just let this go with the talloc tree that
created it, and avoid a talloc_free with references.
Andrew Bartlett
|
|
|
|
For now, this shares the 'if it's the same host' system with the
constrained delegation code.
Andrew Bartlett
|
|
|
