summaryrefslogtreecommitdiffstats
path: root/source/libsmb/clikrb5.c
Commit message (Collapse)AuthorAgeFilesLines
* Fix unused variable warning when ENCTYPE_ARCFOUR_HMAC is not defined.Tim Potter2003-02-251-0/+2
|
* Clean up non-krb5 breakages from my modifications to luke howard's patch.Andrew Bartlett2003-02-241-7/+1
| | | | Andrew Bartlett
* Patch from Luke Howard to add mutual kerberos authentication, and SMB sessionAndrew Bartlett2003-02-241-9/+47
| | | | | | keys for kerberos authentication. Andrew Bartlett
* Fix IRIX build...void fn can't return another void fnJim McDonough2003-02-211-1/+2
|
* Can't return SAFE_FREE...put on its own line.Jim McDonough2003-02-191-1/+2
|
* Correct way to keep fucntion from proto.hJim McDonough2003-02-191-7/+4
|
* Get non-krb systems to compile. How the heck do I keep something from being ↵Jim McDonough2003-02-191-8/+9
| | | | sucked into proto.h?
* Try to get heimdal working with HEAD.Jim McDonough2003-02-191-4/+34
| | | | | | | | | | | - Provide generic functions for - get valid encryption types - free encryption types - Add encryption type parm to generic function create_kerberos_key_from_string() - Try to merge the two versions (between HEAD and SAMBA_3_0) of kerberos_verify.c I think this should work for both MIT and heimdal, in HEAD. If all goes smooth, I'll move it over to 3.0 soon...
* Antti Andreimann <Antti.Andreimann@mail.ee> has done some changes to enableAndrew Bartlett2003-02-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | users w/o full administrative access on computer accounts to join a computer into AD domain. The patch and detailed changelog is available at: http://www.itcollege.ee/~aandreim/samba This is a list of changes in general: 1. When creating machine account do not fail if SD cannot be changed. setting SD is not mandatory and join will work perfectly without it. 2. Implement KPASSWD CHANGEPW protocol for changing trust password so machine account does not need to have reset password right for itself. 3. Command line utilities no longer interfere with user's existing kerberos ticket cache. 4. Command line utilities can do kerberos authentication even if username is specified (-U). Initial TGT will be requested in this case. I've modified the patch to share the kinit code, rather than copying it, and updated it to current CVS. The other change included in the original patch (local realms) has been left out for now. Andrew Bartlett
* Stop tpot from trampling over my Heimdal fixes by moving some of themJeremy Allison2003-01-301-0/+122
| | | | | to HEAD :-). Jeremy.
* Fixup proto generation to not include krb5 specific symbolsJeremy Allison2003-01-211-5/+5
| | | | | if no kerberos selected. Noticed by Metze. Jeremy.
* More fixes getting us closer to full Heimdal compile....Jeremy Allison2003-01-211-0/+20
| | | | Jeremy.
* should be HAVE_KRB5_SET_REAL_TIME (HAVE_ was missing)...fix the buildJim McDonough2003-01-201-1/+1
|
* Merge in more of the SuSE patches for Heimdal. These changes show howJeremy Allison2003-01-191-0/+29
| | | | | | to add a function without an explicit #ifdef HEIMDAL which I'm trying to avoid. Jeremy.
* One more const. Andrew, you seem to have krb5 :-)Volker Lendecke2003-01-021-1/+1
| | | | Volker
* BIG patch...Andrew Bartlett2003-01-021-1/+1
| | | | | | | | | | | | | | | | This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett
* fix segfaultGerald Carter2002-11-151-1/+3
|
* Fixed compiler error when HAVE_KRB5 not defined.Tim Potter2002-09-181-1/+1
|
* Add clock skew handling to our kerberos code. This allows us to cope withAndrew Tridgell2002-09-171-1/+13
| | | | the DC being out of sync with the local machine.
* don't use ENCTYPE_ARCFOUR_HMAC unless the kerberos lib supports itAndrew Tridgell2002-09-041-5/+4
|
* convert the LDAP/SASL code to use GSS-SPNEGO if possibleAndrew Tridgell2002-08-301-1/+7
| | | | | | | | | | | | | | | | we now do this: - look for suported SASL mechanisms on the LDAP server - choose GSS-SPNEGO if possible - within GSS-SPNEGO choose KRB5 if we can do a kinit - otherwise use NTLMSSP This change also means that we no longer rely on having a gssapi library to do ADS. todo: - add TLS/SSL support over LDAP - change to using LDAP/SSL for password change in ADS
* Removed version number from file header.Tim Potter2002-01-301-2/+1
| | | | Changed "SMB/Netbios" to "SMB/CIFS" in file header.
* added trusted realm support to ADS authenticationAndrew Tridgell2001-12-191-2/+2
| | | | | | the method used for checking if a domain is a trusted domain is very crude, we should really call a backend fn of some sort. For now I'm using winbindd to do the dirty work.
* fixed some krb5 ifdefsAndrew Tridgell2001-11-281-1/+1
|
* added "net join" commandAndrew Tridgell2001-11-241-0/+7
| | | | this completes the first stage of the smbd ADS support
* Ok, I know it's a language thing and it shouldn't matter.... but a kerberosJeremy Allison2001-10-211-6/+6
| | | | | name is a "principal", not a principle. English majors will complain :-). Jeremy.
* Fix for compilation on non-krb5 systemsAndrew Bartlett2001-10-211-1/+1
|
* made smbclient cope better with arbitrary principle formsAndrew Tridgell2001-10-211-7/+5
|
* better krb5 error handling (thanks andrewb!)Andrew Tridgell2001-10-201-7/+16
|
* the beginnings of kerberos support in smbd. It doesn't work yet, butAndrew Tridgell2001-10-181-3/+1
| | | | | it should give something for others to hack on and possibly find what I'm doing wrong.
* fix heimdal compilationAndrew Tridgell2001-10-161-1/+2
|
* added NTLMSSP authentication to libsmb. It seems to work well so I have ↵Andrew Tridgell2001-10-121-213/+8
| | | | enabled it by default if the server supports it. Let me know if this breaks anything. Choose kerberos with the -k flag to smbclient, otherwise it will use SPNEGO/NTLMSSP/NTLM
* improve the error handling in the ASN1 code a bitAndrew Tridgell2001-10-111-14/+22
|
* added a ASN.1 parser, so now I can properly parse the negTokenInitAndrew Tridgell2001-10-111-59/+120
| | | | | | | | | packet which means I can extract the service and realm, so we should now work with realms other than the local realm. it also means we now check the list of OIDs given by the server just in case it says that it doesn't support kerberos. In that case we should fall back to NTLMSSP but that isn't written yet.
* fixed some memory leaks, started adding asn1 decoder for server sideAndrew Tridgell2001-10-111-4/+6
|
* initial kerberos/ADS/SPNEGO support in libsmb and smbclient. ToAndrew Tridgell2001-10-111-0/+267
activate you need to: - install krb5 libraries - run configure - build smbclient - run kinit to get a TGT - run smbclient with the -k option to choose kerberos auth
generated by cgit (git 2.34.1) at 2025-09-25 22:16:18 +0000