summaryrefslogtreecommitdiff
path: root/src/providers/krb5/krb5_renew_tgt.c
AgeCommit message (Collapse)AuthorFilesLines
2013-09-23krb5: save canonical upn to sysdbSumit Bose1-1/+1
If the returned TGT contains a different user principal name (upn) than used in the request, i.e. the upn was canonicalized, we currently save it to sysdb into the same attribute where the upn coming from an LDAP server is stored as well. This means the canonical upn might be overwritten when the user data is re-read from the LDAP server. To avoid this this patch add a new attribute to sysdb where the canonical upn is stored and makes sure it is used when available. Fixes https://fedorahosted.org/sssd/ticket/2060
2013-09-11Fix formating of variables with type: size_tLukas Slebodnik1-1/+2
2013-06-27KRB5: guess UPN for subdomain usersJakub Hrozek1-1/+1
2013-04-02Making the authtok structure really opaque.Lukas Slebodnik1-3/+2
Definition of structure sss_auth_token was removed from header file authtok.h and there left only declaration of this structure. Therefore only way how to use this structure is to use accessory function from same header file. To creating new empty authotok can only be used newly created function sss_authtok_new(). TALLOC context was removed from copy and setter functions, because pointer to stuct sss_auth_token is used as a memory context. All declaration of struct sss_auth_token variables was replaced with pointer to this structure and related changes was made in source code. Function copy_pam_data can copy from argument src which was dynamically allocated with function create_pam_data() or zero initialized struct pam_data allocated on stack. https://fedorahosted.org/sssd/ticket/1830
2013-03-13Fix initialization of multiple variablesOndrej Kos1-2/+1
2013-01-21Remove sysdb as a be context structure memberSimo Sorce1-2/+2
The sysdb context is already available through the 'domain' structure.
2013-01-10Change pam data auth tokens.Simo Sorce1-13/+5
Use the new authtok abstraction and interfaces throught the code.
2012-12-20krb5 tgt renewal: fix usage of ldb_dn_get_component_val()Sumit Bose1-4/+4
For some reason I was under the impression that the DN components are counted backwards in libldb. This patch corrects this.
2012-10-26Use find_or_guess_upn() where neededSumit Bose1-10/+28
2012-10-26check_ccache_files: search sub-domains as wellSumit Bose1-4/+14
If sssd is configured to renew Kerberos tickets automatically ticket of sub-domain uses should be renewed as well.
2011-08-15sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny1-2/+1
The patch also updates code using modified functions. Tests have also been adjusted.
2011-06-02Add online callback only once for TGT renewalSumit Bose1-25/+44
2011-05-02Return pam data to the renewal item if renewal failsSumit Bose1-4/+9
A previous patch changed a talloc_steal() into a talloc_move(). Now it is not enough to change the parent memory context with talloc_steal to give back the data, but it has to be assigned back too. Additionally this patch uses the missing pam data as an indication that a renewal request for this data is currently running.
2011-02-22Check ccache file for renewable TGTs at startupSumit Bose1-0/+138
2011-02-18Remove renewal item if it is not re-addedSumit Bose1-1/+34
2010-12-20Fixes for automatic ticket renewalSumit Bose1-23/+56
- do not recreate the ccache file when renewing the TGT - use user principal name as hash key instead of ccfile name - let krb5_child return Kerberos error codes
2010-12-03Add support for automatic Kerberos ticket renewalSumit Bose1-0/+380
generated by cgit (git 2.34.1) at 2024-05-14 14:07:59 +0000