Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-12-20 | Fixes for automatic ticket renewal | Sumit Bose | 1 | -2/+15 | |
- do not recreate the ccache file when renewing the TGT - use user principal name as hash key instead of ccfile name - let krb5_child return Kerberos error codes | |||||
2010-12-08 | Fix build issue with older Kerberos library | Sumit Bose | 1 | -2/+2 | |
2010-12-07 | Add support for FAST in krb5 provider | Sumit Bose | 1 | -4/+309 | |
2010-12-07 | Refactor krb5_child to make helpers more flexible | Sumit Bose | 1 | -20/+36 | |
2010-12-03 | krb5_child returns TGT lifetime | Sumit Bose | 1 | -0/+29 | |
2010-12-03 | Add krb5_lifetime option | Sumit Bose | 1 | -1/+15 | |
2010-12-03 | Add krb5_renewable_lifetime option | Sumit Bose | 1 | -1/+17 | |
2010-12-03 | Check authtok type for krb5 auth and chpass | Sumit Bose | 1 | -0/+12 | |
2010-12-03 | Add a renew task to krb5_child | Sumit Bose | 1 | -0/+87 | |
2010-12-03 | Send authtok_type to krb5_child | Sumit Bose | 1 | -0/+2 | |
2010-11-04 | Add krb5_kuserok() access check to krb5_child | Sumit Bose | 1 | -17/+73 | |
2010-11-04 | Make krb5_setup() public | Sumit Bose | 1 | -3/+3 | |
2010-09-23 | Use new MIT krb5 API for better password expiration warnings | Sumit Bose | 1 | -0/+51 | |
2010-09-08 | Dead assignments cleanup in providers code | Jan Zeleny | 1 | -1/+0 | |
Dead assignments were deleted. Also prototype of function sdap_access_decide_offline() has been changed, since its return code was never used. Ticket: #586 | |||||
2010-06-16 | Standardize on correct spelling of "principal" for krb5 | Stephen Gallagher | 1 | -3/+3 | |
https://fedorahosted.org/sssd/ticket/542 | |||||
2010-06-14 | Remove krb5_changepw_principal option | Jakub Hrozek | 1 | -12/+22 | |
Fixes: #531 | |||||
2010-06-09 | Add a missing initializer | Sumit Bose | 1 | -1/+1 | |
2010-06-06 | Initialize pam_data in Kerberos child. | Sumit Bose | 1 | -1/+1 | |
2010-05-26 | Handle Krb5 password expiration warning | Sumit Bose | 1 | -55/+122 | |
2010-03-25 | Allow arbitrary-length PAM messages | Stephen Gallagher | 1 | -19/+6 | |
The PAM standard allows for messages of any length to be returned to the client. We were discarding all messages of length greater than 255. This patch dynamically allocates the message buffers so we can pass the complete message. This resolves https://fedorahosted.org/sssd/ticket/432 | |||||
2010-03-12 | Add krb5_kpasswd option | Sumit Bose | 1 | -0/+7 | |
2010-03-03 | Improve safe alignment buffer handling macros | Simo Sorce | 1 | -15/+15 | |
Make the counter optional so that alignment safe macros can be used also where there is no counter to update. Change arguments names so that they are not deceiving (ptr normlly identify a pointer) Turn the memcpy substitute into an inline function so that passing a pointer to rp and checking for it doesn't make the compiler spit lots of warnings. | |||||
2010-02-23 | Handle expired passwords like other PAM modules | Sumit Bose | 1 | -1/+1 | |
So far we handled expired password during authentication. Other PAM modules typically detect expired password during account management and return PAM_NEW_AUTHTOK_REQD if the password is expired and should be changed. The PAM library then calls the change password routines. To meet these standards pam_sss is change accordingly. As a result it is now possible to update an expired password via ssh if sssd is running with PasswordAuthentication=yes. One drawback due to limitations of PAM is that the user now has to type his current password again before setting a new one. | |||||
2010-02-19 | Remove unneeded items from struct pam_data | Sumit Bose | 1 | -39/+32 | |
2010-02-18 | Rename server/ directory to src/ | Stephen Gallagher | 1 | -0/+1030 | |
Also update BUILD.txt |