summaryrefslogtreecommitdiffstats
path: root/source3/libsmb/clikrb5.c
Commit message (Collapse)AuthorAgeFilesLines
* Make krb5 wrapper library common so they can be used all overSimo Sorce2012-04-231-1597/+0
|
* clikrb5: Move pure krb wrapper functions from libads to clikrb5.Simo Sorce2012-04-121-0/+142
| | | | Signed-off-by: Andreas Schneider <asn@samba.org>
* s3-krb5 Remove unused get_kvno_from_ap_req()Andrew Bartlett2012-04-031-13/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-krb5 Remove unused get_enctype_from_ap_reqAndrew Bartlett2012-04-031-10/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-krb5: Remove unused smb_krb5_get_keyinfo_from_ap_req()Andrew Bartlett2012-04-031-26/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-krb5: Remove unused get_key_from_keytabAndrew Bartlett2012-04-031-59/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-krb5: remove unused unwrap_pac()Andrew Bartlett2012-04-031-48/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-krb5: remove unused get_auth_data_from_tktAndrew Bartlett2012-04-031-66/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-krb5: Remove unused get_authtime_from_tktAndrew Bartlett2012-04-031-9/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-krb5: Remove unused krb5_rd_req_return_keyblock_from_keytabAndrew Bartlett2012-04-031-55/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-krb5: Remove unused get_principal_from_tktAndrew Bartlett2012-04-031-9/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-libsmb: Remove unused kerberos_set_creds_enctype()Andrew Bartlett2012-02-101-11/+0
| | | | | | | | Also remove the unused configure tests for krb5_c_enctype_compare. Found by callcatcher: http://www.skynet.ie/~caolan/Packages/callcatcher.html Andrew Bartlett
* s3-libsmb: Remove unused kerberos_compatible_enctypesAndrew Bartlett2012-02-101-10/+0
| | | | | | | | Also remove the unused configure tests for krb5_c_enctype_compare. Found by callcatcher: http://www.skynet.ie/~caolan/Packages/callcatcher.html Andrew Bartlett
* s3-libsmb: Remove unused smb_krb5_mk_error()Andrew Bartlett2012-02-101-37/+0
| | | | | | | | Also remove now-unused configure checks for krb5_mk_error(). Found by callcatcher: http://www.skynet.ie/~caolan/Packages/callcatcher.html Andrew Bartlett
* s3-libsmb: Remove obsolete smb_krb5_locate_kdc.Andreas Schneider2012-02-091-89/+0
| | | | | | | Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Feb 9 14:58:57 CET 2012 on sn-devel-104
* krb5: Require krb5_set_real_time is available to build with krb5Andrew Bartlett2012-01-101-20/+0
|
* krb5: Require krb5_get_renewed_creds be available to build with krb5Andrew Bartlett2012-01-101-49/+4
|
* krb5: Require krb5_get_init_creds_opt_alloc/free for build with krb5Andrew Bartlett2012-01-101-29/+0
| | | | | | This also assumes the modern API with a krb5_context argument. Andrew Bartlett
* krb5: Require krb5_fwd_tgt_creds to be available to build with krb5Andrew Bartlett2012-01-101-3/+3
|
* krb5: Require krb5_c_enctype_compare is available to build with krb5Andrew Bartlett2012-01-101-4/+0
|
* s3-libsmb: Don't duplicate kerberos service tickets.Andreas Schneider2011-12-151-5/+0
| | | | | | | | | | | This fixes bug #8628. Each time we do a client connection. Each time we call to function to get the service ticket from the cache we duplicate it. So with each connection we end up with one or three duplicated tickets. Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Thu Dec 15 19:30:42 CET 2011 on sn-devel-104
* s3:clikrb5: fix the build with newer heimdal versionsStefan Metzmacher2011-07-141-0/+4
| | | | | | | | | | krb5_get_default_in_tkt_etypes() requires a 3rd argument if KRB5_PDU_NONE is available. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Jul 14 21:21:13 CEST 2011 on sn-devel-104
* s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett2011-06-091-1/+1
| | | | | | | | There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
* More const fixes. Remove CONST_DISCARD.Jeremy Allison2011-05-061-1/+1
|
* More const fixes for compiler warnings from the waf build.Jeremy Allison2011-05-051-59/+67
|
* libcli/auth: Move more kerberos wrapping in commonAndrew Bartlett2011-04-201-228/+0
| | | | | | | These functions are required to get the krb5 PAC parsing and verfication in common. Andrew Bartlett
* libcli/auth Move krb5 wrapper functions from s3 into commonAndrew Bartlett2011-04-141-74/+0
| | | | | | | | | This requires a small rework of the build system to ensure that the correct #define statements are made in both the s3 and top level builds. We now define the various HAVE_ macros in config.h at all times, using heimdal_build/wscript_configure when that is in use. Andrew Bartlett
* s3-libsmb: put namequery headers to nmblib.hGünther Deschner2011-03-301-0/+1
| | | | | | | We might find a better name for it and merge other namequery related things as well here... Guenther
* s3-build: only include asn1 headers where actually needed.Günther Deschner2011-03-161-0/+1
| | | | Guenther
* s3:libsmb: use 16 zero bytes as channel binding checksum in the gssapi ↵Stefan Metzmacher2010-12-231-20/+10
| | | | | | | | | | | | | | checksum (bug #7883) This fixes SMB session setups with kerberos against some closed source SMB servers. The new behavior matches heimdal and mit. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Dec 23 09:38:43 CET 2010 on sn-devel-104
* s3: Remove two talloc_autofree_context() callsVolker Lendecke2010-09-261-2/+2
| | | | Both allocated blobs are freed in their routines
* s3-krb5 Fix Kerberos on FreeBSD with Samba4 DCsAndrew Bartlett2010-09-111-3/+1
| | | | | | | | | | | | | The idea of this patch is: Don't support a mix of different kerberos features. Either we should prepare a GSSAPI (8003) checksum and mark the request as such, or we should use the old behaviour (a normal kerberos checksum of 0 data). Sending the GSSAPI checksum data, but without marking it as GSSAPI broke Samba4, and seems well outside the expected behaviour, even if Windows accepts it. Andrew Bartlett
* s3-kerberos: try to fix the build w/o kerberos support.Günther Deschner2010-08-301-1/+7
| | | | Guenther
* s3-krb5 Only build ADS support if arcfour-hmac-md5 is availableAndrew Bartlett2010-08-131-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Modern Kerberos implementations have either defines or enums for these key types, which makes doing #ifdef difficult. This shows up in files such as libnet_samsync_keytab.c, the bulk of which is not compiled on current Fedora 12, for example. The downside is that this makes Samba unconditionally depend on the arcfour-hmac-md5 encryption type at build time. We will no longer support libraries that only support the DES based encryption types. However, the single-DES types that are supported in common with AD are already painfully weak - so much so that they are disabled by default in modern Kerberos libraries. If not found, ADS support will not be compiled in. This means that our 'net ads join' will no longer set the ACB_USE_DES_KEY_ONLY flag, and we will always try to use arcfour-hmac-md5. A future improvement would be to remove the use of the DES encryption types totally, but this would require that any ACB_USE_DES_KEY_ONLY flag be removed from existing joins. Andrew Bartlett Signed-off-by: Simo Sorce <idra@samba.org>
* s3-krb5: include krb5pac.h where needed.Günther Deschner2010-08-061-0/+1
| | | | Guenther
* Fix bug 7583 - Smbclient fails to kerberos connect to a Alfresco JLAN CIFS ↵Jeremy Allison2010-07-231-152/+151
| | | | | | | | | | Server Correctly calculate the gssapi channel binding checkum. Jeremy Signed off by: simo <idra@samba.org>
* s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keysSimo Sorce2010-07-201-10/+17
|
* misc: cleanup get_krb5_smb_session_key()Simo Sorce2010-07-201-8/+15
|
* misc: cleanup cli_krb5_get_ticket()Simo Sorce2010-07-201-21/+20
|
* s3: fix build on Heimdal based systems like NetBSD5Björn Jacke2010-06-051-3/+3
|
* s3: remove authdata.hGünther Deschner2010-06-031-1/+8
| | | | Guenther
* s3-kerberos: add a missing reference to authdata headers.Günther Deschner2009-11-271-0/+1
| | | | Guenther
* s3-kerberos: only use krb5 headers where required.Günther Deschner2009-11-271-3/+1
| | | | | | | This seems to be the only way to deal with mixed heimdal/MIT setups during merged build. Guenther
* s3-kerberos: Fix Bug #6929: build with recent heimdal.Günther Deschner2009-11-271-1/+1
| | | | | | | Heimdal changed the KRB5_DEPRECATED define (which now may not take an identifier for activation) in new releases (like 1.3.1). Guenther
* s3-kerberos: avoid using ERROR_TABLE_BASE_krb5 without checking.Günther Deschner2009-11-121-0/+4
| | | | Guenther
* s3-kerberos: add smb_krb5_principal_get_realm().Günther Deschner2009-11-121-0/+25
| | | | Guenther
* Revert "s3-kerberos: add smb_krb5_parse_name_flags()."Günther Deschner2009-11-061-18/+0
| | | | This reverts commit 17ef153b68795fec681f9ce17c198236aba2b1c2.
* s3-kerberos: support S4U2SELF impersionation through cli_krb5_get_ticket().Günther Deschner2009-11-061-5/+20
| | | | Guenther
* s3-kerberos: use smb_krb5_get_credentials in ads_krb5_mk_req.Günther Deschner2009-11-061-4/+7
| | | | Guenther
* s3-kerberos: modify cli_krb5_get_ticket to take a new impersonate_princ_s arg.Günther Deschner2009-11-061-2/+4
| | | | Guenther
generated by cgit (git 2.34.1) at 2025-09-25 17:46:25 +0000