summaryrefslogtreecommitdiffstats
path: root/src/providers/krb5/krb5_child.c
Commit message (Collapse)AuthorAgeFilesLines
* Fixes for automatic ticket renewalSumit Bose2010-12-201-2/+15
| | | | | | - do not recreate the ccache file when renewing the TGT - use user principal name as hash key instead of ccfile name - let krb5_child return Kerberos error codes
* Fix build issue with older Kerberos librarySumit Bose2010-12-081-2/+2
|
* Add support for FAST in krb5 providerSumit Bose2010-12-071-4/+309
|
* Refactor krb5_child to make helpers more flexibleSumit Bose2010-12-071-20/+36
|
* krb5_child returns TGT lifetimeSumit Bose2010-12-031-0/+29
|
* Add krb5_lifetime optionSumit Bose2010-12-031-1/+15
|
* Add krb5_renewable_lifetime optionSumit Bose2010-12-031-1/+17
|
* Check authtok type for krb5 auth and chpassSumit Bose2010-12-031-0/+12
|
* Add a renew task to krb5_childSumit Bose2010-12-031-0/+87
|
* Send authtok_type to krb5_childSumit Bose2010-12-031-0/+2
|
* Add krb5_kuserok() access check to krb5_childSumit Bose2010-11-041-17/+73
|
* Make krb5_setup() publicSumit Bose2010-11-041-3/+3
|
* Use new MIT krb5 API for better password expiration warningsSumit Bose2010-09-231-0/+51
|
* Dead assignments cleanup in providers codeJan Zeleny2010-09-081-1/+0
| | | | | | | Dead assignments were deleted. Also prototype of function sdap_access_decide_offline() has been changed, since its return code was never used. Ticket: #586
* Standardize on correct spelling of "principal" for krb5Stephen Gallagher2010-06-161-3/+3
| | | | https://fedorahosted.org/sssd/ticket/542
* Remove krb5_changepw_principal optionJakub Hrozek2010-06-141-12/+22
| | | | Fixes: #531
* Add a missing initializerSumit Bose2010-06-091-1/+1
|
* Initialize pam_data in Kerberos child.Sumit Bose2010-06-061-1/+1
|
* Handle Krb5 password expiration warningSumit Bose2010-05-261-55/+122
|
* Allow arbitrary-length PAM messagesStephen Gallagher2010-03-251-19/+6
| | | | | | | | | The PAM standard allows for messages of any length to be returned to the client. We were discarding all messages of length greater than 255. This patch dynamically allocates the message buffers so we can pass the complete message. This resolves https://fedorahosted.org/sssd/ticket/432
* Add krb5_kpasswd optionSumit Bose2010-03-121-0/+7
|
* Improve safe alignment buffer handling macrosSimo Sorce2010-03-031-15/+15
| | | | | | | | | Make the counter optional so that alignment safe macros can be used also where there is no counter to update. Change arguments names so that they are not deceiving (ptr normlly identify a pointer) Turn the memcpy substitute into an inline function so that passing a pointer to rp and checking for it doesn't make the compiler spit lots of warnings.
* Handle expired passwords like other PAM modulesSumit Bose2010-02-231-1/+1
| | | | | | | | | | | | | So far we handled expired password during authentication. Other PAM modules typically detect expired password during account management and return PAM_NEW_AUTHTOK_REQD if the password is expired and should be changed. The PAM library then calls the change password routines. To meet these standards pam_sss is change accordingly. As a result it is now possible to update an expired password via ssh if sssd is running with PasswordAuthentication=yes. One drawback due to limitations of PAM is that the user now has to type his current password again before setting a new one.
* Remove unneeded items from struct pam_dataSumit Bose2010-02-191-39/+32
|
* Rename server/ directory to src/Stephen Gallagher2010-02-181-0/+1030
Also update BUILD.txt
generated by cgit (git 2.34.1) at 2024-05-23 10:59:34 +0000