summaryrefslogtreecommitdiffstats
path: root/source3/libads/kerberos.c
Commit message (Collapse)AuthorAgeFilesLines
* s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett2011-06-091-1/+1
| | | | | | | | There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
* s3-talloc Change TALLOC_ARRAY() to talloc_array()Andrew Bartlett2011-06-091-1/+1
| | | | | Using the standard macro makes it easier to move code into common, as TALLOC_ARRAY isn't standard talloc.
* Remove another PATH_MAX.Jeremy Allison2011-06-021-12/+27
| | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Jun 2 02:51:06 CEST 2011 on sn-devel-104
* More const fixes for compiler warnings from the waf build.Jeremy Allison2011-05-051-2/+2
|
* s3-includes: only include system/filesys.h when needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3: Fix some nonempty blank linesVolker Lendecke2011-02-271-10/+9
|
* s3-secrets: only include secrets.h when needed.Günther Deschner2010-08-051-0/+1
| | | | Guenther
* s3: avoid global include of ads.h.Günther Deschner2010-08-051-52/+1
| | | | Guenther
* s3-build: use ndr_misc.h where needed.Günther Deschner2010-05-281-0/+1
| | | | Guenther
* s3: Remove use of iconv_convenience.Jelmer Vernooij2010-05-181-3/+2
|
* s3-kerberos: temporary fix for ipv6 in print_kdc_line().Günther Deschner2010-05-171-5/+20
| | | | | | | | | | Currently no krb5 lib supports "kdc = ipv6 address" at all, so for now just fill in just the kdc_name if we have it and let the krb5 lib figure out the appropriate ipv6 address ipv6 gurus, please check. Guenther
* s3-kerberos: pass down kdc_name to create_local_private_krb5_conf_for_domain().Günther Deschner2010-05-171-7/+12
| | | | Guenther
* Fix bug #7079 - cliconnect gets realm wrong with trusted domains.Jeremy Allison2010-01-301-0/+52
| | | | | | | | | | | Passing NULL as dest_realm for cli_session_setup_spnego() was always using our own realm (as for a NetBIOS name). Change this to look for the mapped realm using krb5_get_host_realm() if the destination machine name is a DNS name (contains a '.'). Could get fancier with DNS name detection (length, etc.) but this will do for now. Jeremy.
* s3-kerberos: only use krb5 headers where required.Günther Deschner2009-11-271-0/+1
| | | | | | | This seems to be the only way to deal with mixed heimdal/MIT setups during merged build. Guenther
* s3-kerberos: fix some build warnings when building against heimdal.Günther Deschner2009-11-061-2/+2
| | | | Guenther
* Add a parameter to disable the automatic creation of krb5.conf filesVolker Lendecke2009-08-261-1/+6
| | | | | | | | | | | | | | This is necessary because MIT 1.5 can't deal with certain types (Tree Root) of transitive AD trusts. The workaround is to add a [capaths] directive to /etc/krb5.conf, which we don't automatically put into the krb5.conf winbind creates. The alternative would have been something like a "krb5 conf include", but I think if someone has to mess with /etc/krb5.conf at this level, it should be easy to add the site-local KDCs as well. Next alternative is to correctly figure out the [capaths] parameter for all trusted domains, but for that I don't have the time right now. Sorry :-)
* Remove smb_mkstemp() - libreplace will now provide a secure mkstemp() ifJelmer Vernooij2009-04-201-1/+1
| | | | the system one is broken.
* s3:kerberos Rework smb_krb5_unparse_name() to take a talloc contextAndrew Bartlett2009-04-071-4/+4
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* s3-krb5: Fix Coverity #762 (REVERSE_INULL).Günther Deschner2009-03-201-6/+6
| | | | Guenther
* s3: use pidl to pull a KRB5_EDATA_NTSTATUS.Günther Deschner2009-02-061-36/+6
| | | | Guenther
* s3:libads: use lock_path for creating paths to local krb5.conf filesMichael Adam2009-01-161-2/+3
| | | | | | | | instead of manually doing an asprintf with lp_lockdir() Michael squash
* s3:libads: give create_local_private_krb5_conf_for_domain() a common exit pointMichael Adam2009-01-161-30/+20
| | | | Michael
* s3: Change sockaddr util function names for consistencyTim Prouty2008-12-031-3/+3
| | | | Also eliminates name conflicts with OneFS system libraries
* Use sockaddr_storage only where we rely on the size, use sockaddrJelmer Vernooij2008-10-231-4/+5
| | | | | otherwise (to clarify we can also pass in structs smaller than sockaddr_storage, such as sockaddr_in).
* kerberos: fix indent of enc type lines in generated krb5.conf files.Günther Deschner2008-09-041-3/+3
| | | | | Guenther (This used to be commit 18a26f08b6fab4119a1421a7ca59c32dde8bb8cb)
* libads: add ADS_AUTH_USER_CREDS to avoid magic overwriting of usernames.Günther Deschner2008-06-241-0/+6
| | | | | Guenther (This used to be commit b5aaf5aa0f280f69e05b613271c96473a79b812e)
* Memory leak fixes from Chere Zhou <czhou@isilon.com>.Jeremy Allison2008-05-271-0/+4
| | | | | Jeremy. (This used to be commit 201bcc8ed291b51be6f4508c6aa1cb17ce6dcbe3)
* Fix some comments to match get_kdc_ip_string()'s behaviourroot2008-05-191-1/+7
| | | | (This used to be commit 30956c784f58870ad552a3869d80f99872c31375)
* Coverity fixesMarc VanHeyningen2008-03-171-2/+4
| | | | (This used to be commit 3fc85d22590550f0539215d020e4411bf5b14363)
* Fix Coverity ID 551Volker Lendecke2008-03-081-0/+2
| | | | | | | Correctly return if we can't create the temporary krb5.conf Jeremy, please check! (This used to be commit c2401811aa3d02a9e27969687b9ea035407000c3)
* Fix some warningsVolker Lendecke2008-02-251-7/+15
| | | | | warning: ignoring return value of 'asprintf', declared with attribute warn_unused_result (This used to be commit ad37b7b0aee265a3e4d8b7552610f4b9a105434d)
* Restrict the enctypes in the generated krb5.conf files to Win2003 types.Gerald W. Carter2008-01-281-4/+8
| | | | | | | This fixes the failure observed on FC8 when joining a Windows 2008 RC1 domain. We currently do not handle user session keys correctly when the KDC uses AES in the ticket replies. (This used to be commit 8039a2518caae54bc876368c73ec493f3cd4eb73)
* Tidy up code and debug for non-default krb5 IPv6 port.Jeremy Allison2008-01-161-9/+15
| | | | | Jeremy. (This used to be commit 79b7972de4c2a8c71e37642ddf7e5bbed53dd58a)
* Fix IPv6 bug #5204, which caused krb5 DNS lookupsJeremy Allison2008-01-161-13/+56
| | | | | | for a name '[<ipv6 addr>'. Jeremy. (This used to be commit f2aa921505e49f894bfed4e5e2f9fc01918b1bb0)
* Print principal in debug statement in kerberos_kinit_password() as well.Günther Deschner2008-01-141-1/+2
| | | | | Guenther (This used to be commit 44d67e84625a2a1a93baecef0e418b48e982443b)
* While 'data' is usually 0 terminated, nothing in the spec requires that. The ↵Simo Sorce2007-12-171-1/+4
| | | | | | | correct way is to copy only 'length' bytes. Simo. (This used to be commit 814c1b0e0034fb67c7718760dfcf913904f3e7fa)
* Doh, fix typo in error exit.Jeremy Allison2007-12-151-2/+2
| | | | | Jeremy. (This used to be commit 44918f39c0598eec681eb9e5c65452f04809c375)
* Added patch originally by Andreas Schneider <anschneider@suse.de>Jeremy Allison2007-12-151-0/+52
| | | | | | | to cause us to behave like Vista when looking for remote machine principal. Modified by me. Jeremy. (This used to be commit d0e33840fb4cfc85990d3ee327428b0854a22722)
* More pstring removal....Jeremy Allison2007-11-201-9/+9
| | | | | Jeremy. (This used to be commit 809f5ab4c595740b28425e1667e395a6058b76a8)
* This is a large patch (sorry). Migrate from struct in_addrJeremy Allison2007-10-241-13/+25
| | | | | | | | | | | | | | to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
* RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison2007-10-181-12/+12
| | | | | | | | bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
* r25030: ip_srv_nonsite and count_nonsite are initialized in get_kdc_list() ↵Lars Müller2007-10-101-2/+2
| | | | | | | in any case. (This used to be commit 287604a1c7dc7dede4b278de92ad8233f597d0b6)
* r24836: Initialize some uninitialized variables.Michael Adam2007-10-101-3/+5
| | | | | | | | This prevents a segfault when get_kdc_ip_string() is called with sitename == NULL. Michael (This used to be commit 58d31e057b57bc69a96e63aabba9aa1da5418d83)
* r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell2007-10-101-2/+1
| | | | (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
* r23779: Change from v2 or later to v3 or later.Jeremy Allison2007-10-101-1/+1
| | | | | Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
* r23147: Patch #4566 from jacob berkman <jberkman@novell.com>. Pass password ↵Jeremy Allison2007-10-101-1/+2
| | | | | | | data to krb5_prompter. Jeremy. (This used to be commit 232fc5d69d44404df13f6516864352f9a5721552)
* r22666: Expand kerberos_kinit_password_ext() to return NTSTATUS codes and makeGünther Deschner2007-10-101-3/+29
| | | | | | | winbindd's kerberized pam_auth use that. Guenther (This used to be commit 0f436eab5b2e5891c341c27cb22db52a72bf1af7)
* r22664: When we have krb5_get_init_creds_opt_get_error() then try to get the ↵Günther Deschner2007-10-101-0/+121
| | | | | | | | | NTSTATUS codes directly out of the krb5_error edata. Guenther (This used to be commit dcd902f24a59288bbb7400d59c0afc0c8303ed69)
* r22663: Restructure kerberos_kinit_password_ext() error path.Günther Deschner2007-10-101-53/+33
| | | | | Guenther (This used to be commit 997ded4e3f0dc2199b9a66a9485c919c16fbabc6)
* r21779: I missd a call to krb5_get_init_creds_opt_alloc in r21778.James Peach2007-10-101-1/+1
| | | | (This used to be commit 4f6c2826aa1ac240b02122a40fe9a1ccabaaaf27)
generated by cgit (git 2.34.1) at 2025-08-28 17:15:45 +0000