summaryrefslogtreecommitdiff
path: root/source4/libcli/auth/kerberos_verify.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4355: More work from the elves on Christmas eve:Andrew Bartlett1-88/+96
- Update Samba4's kerberos code to match the 'salting' changes in Samba3 (and many other cleanups by jra). - Move GENSEC into the modern era of talloc destructors. This avoids many of the memory leaks in this code, as we now can't somehow 'forget' to call the end routine. - This required fixing some of the talloc hierarchies. - The new krb5 seems more sensitive to getting the service name right, so start actually setting the service name on the krb5 context. Andrew Bartlett (This used to be commit 278bf1a61a6da6ef955a12c13d7b1a0357cebf1f)
2007-10-10r4045: readd krb5 support defaulted to disableStefan Metzmacher1-1/+3
use: gensec:krb5=yes gensec:ms_krb5=yes to enable it or -k on the client tools on the command line metze (This used to be commit 0ae5794cf44933d2554e0356baaca24c7a784f71)
2007-10-10r3463: separated out some more headers (asn_1.h, messages.h, dlinklist.h and ↵Andrew Tridgell1-1/+2
ioctl.h) (This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
2007-10-10r3443: the next stage in the include files re-organisation.Andrew Tridgell1-0/+2
I have created the include/system/ directory, which will contain the wrappers for the system includes for logical subsystems. So far I have created include/system/kerberos.h and include/system/network.h, which contain all the system includes for kerberos code and networking code. These are the included in subsystems that need kerberos or networking respectively. Note that this method avoids the mess of #ifdef HAVE_XXX_H in every C file, instead each C module includes the include/system/XXX.h file for the logical system support it needs, and the details are kept isolated in include/system/ This patch also creates a "struct ipv4_addr" which replaces "struct in_addr" in our code. That avoids every C file needing to import all the system networking headers. (This used to be commit 2e25c71853f8996f73755277e448e7d670810349)
2007-10-10r3128: Return the correct error code for a secrets/kerberos login, butAndrew Bartlett1-7/+15
skipping 'bad encryption type'. Andrew Bartlett (This used to be commit 4efb87eb03acfa888d455e4ca0aff18bda7f7ba5)
2007-10-10r3115: Bugfixes and extra debug in our kerberos verify code.Andrew Bartlett1-19/+19
Andrew Bartlett (This used to be commit 9f19aae0c0812b156054385ef77785971488e21c)
2007-10-10r2432: more string function updates.Andrew Tridgell1-1/+1
btw, the reason I want to use strncasecmp() instead of StrnCaseCmp() is that the Samba internal functions are built to deal with multi-byte, whereas in the cases I am converting we know we are dealing with solely ascii string constants, so going via the slow conversion libraries is pointless. (This used to be commit cef08d5789277bdaa25d5bf0e7cfca8615230f1b)
2007-10-10r2286: Fixes towards krb5 logins into Samba's CIFS server.Andrew Bartlett1-3/+16
These fixes aim particularly at allowing PAC-less logins, as I don't yet generate a PAC in the lorikeet-heimdal KDC. This is for the benifit of a Kerbeors-enabled domain join, which seems to be progressing quite well! Andrew Bartlett (This used to be commit f5a381094dd5bcbd795a134bc4b8b89901b5e3eb)
2007-10-10r1794: fix the build MIT krb5Stefan Metzmacher1-3/+2
metze (This used to be commit fe655d047434422eae77486e5fd7fa51eb942677)
2007-10-10r1770: here's the krb5 server code,Stefan Metzmacher1-20/+55
there're some cleanups needed and we need to verify the PAC correctly and create the auth_session_info correctly... metze (This used to be commit d8fe497097ee49611bb05c4a2fed36912d8e16b4)
2007-10-10r1630: - fixed the replacement timegm() function to work correctly for DST ↵Andrew Tridgell1-1/+1
changes - got rid of global_myname(), using lp_netbios_name() instead (This used to be commit e8d4b390884e487163d81f66a5a7ac1de1305d9a)
2007-10-10r1448: Indent this so proto doesn't pick it up.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 1164be10af8e1b47824df391196ec37c395a4040)
2007-10-10r1437: Intermediate commit of krb5 for GENSEC.Andrew Bartlett1-40/+9
The session key in the client is wrong, we don't do signing/sealing and we are sending raw Kerberos, not GSSAPI. But it's a start, and if we continue to have to call Krb5 directly, this will be the basis. I also intend to provide an alternate implementation, using just GSSAPI. Andrew Bartlett (This used to be commit eb0dd4a821dc3dbe370aea9a9c9fb05cf2592e4d)
2007-10-10r1418: Merge Samba 3.0's recent kerberos changes into Samba4. None of thisAndrew Bartlett1-101/+213
is used yet. Andrew Bartlett (This used to be commit 7596f311c9a18314716f64476030ce3dfcdd98bb)
2007-10-10r1198: Merge the Samba 3.0 ntlm_auth, including the kerberos and SPENGO parts.Andrew Bartlett1-0/+266
I have moved the SPNEGO and Kerberos code into libcli/auth, and intend to refactor them into the same format as NTLMSSP. Andrew Bartlett (This used to be commit 58da78a7460d5d0a4abee7d7b84799c228e6bc0b)