summaryrefslogtreecommitdiffstats
path: root/source4/auth/kerberos
Commit message (Collapse)AuthorAgeFilesLines
* s4:kerberos Use MIT compatible names for these enc typesAndrew Bartlett2009-08-211-1/+1
| | | | | | | | | This is a small start on (ie, the only trivial part of) the work shown in: http://k5wiki.kerberos.org/wiki/Projects/Samba4_Port#Samba.27s_use_of_Heimdal_symbols.2C_with_MIT_differences (a table of all Kerberos symbols used in Samba4, and notes on where they differ from those provided with MIT Kerberos) Andrew Bartlett
* s4:kerberos Add 'net export keytab' command for wireshark decryptionAndrew Bartlett2009-07-282-1/+148
| | | | | | | | | | | | It is much easier to do decryption with wireshark when the keytab is available for every host in the domain. Running 'net export keytab <keytab name>' will export the current (as pointed to by the supplied smb.conf) local Samba4 doamin. (This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4, and so has a good chance of keeping working in the long term). Andrew Bartlett
* Revert "s4:kerberos Add 'net export keytab' command for wireshark decryption"Stefan Metzmacher2009-07-272-148/+1
| | | | | | | | | | This reverts commit a40ce5d0d9d06f592a8885162bbaf644006b9f0f. This breaks the build... Andrew, please repush it, when it's fixed:-) metze
* s4:kerberos Add 'net export keytab' command for wireshark decryptionAndrew Bartlett2009-07-272-1/+148
| | | | | | | | | | | | It is much easier to do decryption with wireshark when the keytab is available for every host in the domain. Running 'net export keytab <keytab name>' will export the current (as pointed to by the supplied smb.conf) local Samba4 doamin. (This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4, and so has a good chance of keeping working in the long term). Andrew Bartlett
* Rework the kerberos-notes.txt in order and formatDon Davis2009-06-301-0/+803
| | | | | | | | This reworks the notes file to be less stream-of-consciousness and more task for porting, with a very particular focus on a potential port of Samba4 to use MIT Kerberos. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* Fixed some uninitialised variablesMatthias Dieter Wallnöfer2009-06-191-5/+1
| | | | I tried hard to not change the program logic. Should fix bug #6439.
* s4:heimdal: import lorikeet-heimdal-200906080040 (commit ↵Andrew Bartlett2009-06-124-12/+24
| | | | | | | | | | | 904d0124b46eed7a8ad6e5b73e892ff34b6865ba) Also including the supporting changes required to pass make test A number of heimdal functions and constants have changed since we last imported a tree (for the better, but inconvenient for us). Andrew Bartlett
* Clarify and expand the Kerberos notes made by Andrew Bartlett in 2005Donald T. Davis2009-06-101-154/+448
| | | | | | | | Compiled with Andrew over a series of phone calls and gobby sessions, with the aim of documenting Kerberos requirements for Samba to us an alternate (ie, MIT) Kerberos library. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:auth/credentials: use krb5_data_free()Stefan Metzmacher2009-03-261-5/+1
| | | | metze
* s4:auth/kerberos: s/private/private_dataStefan Metzmacher2009-02-021-10/+10
| | | | metze
* s4:auth/kerberos: convert to tevent_* apiStefan Metzmacher2009-01-032-14/+13
| | | | metze
* s4:socket: use a socket_wrapper aware function to auto close the fd event ↵Stefan Metzmacher2009-01-031-4/+5
| | | | | | for sockets metze
* s4:lib/tevent: rename structsStefan Metzmacher2008-12-292-8/+8
| | | | | | | | | | | | | | | | | | | | list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
* Rename samba-socket -> samba_socket to fix a couple more compilerJelmer Vernooij2008-12-241-1/+1
| | | | warnings.
* s4:lib/socket: socket_connect_send() and socket_connect_ev() should only ↵Stefan Metzmacher2008-12-181-2/+1
| | | | | | wrok with addresses metze
* Remove two debug parameters, not used anywhere.Jelmer Vernooij2008-11-021-6/+2
| | | | | Andrew, I was pretty sure these could be removed but if not, please let me know.
* Remove unused include param/param.h.Jelmer Vernooij2008-10-241-1/+0
|
* Make sure prototypes are always included, make some functions static andJelmer Vernooij2008-10-203-0/+4
| | | | remove some unused functions.
* Fix include paths to new location of libutil.Jelmer Vernooij2008-10-111-1/+1
|
* Cosmetic corrections for the KERBEROS libraryMatthias Dieter Wallnöfer2008-09-241-3/+1
| | | | This commit applies some cosmetic corrections for the KERBEROS library.
* Kerberos cosmetic changes: Revert a part of the patchMatthias Dieter Wallnöfer2008-09-241-1/+3
| | | | Reverts a part of the patch because it changes the function of the code (suggested by Jelmer).
* Cosmetic corrections for the KERBEROS libraryMatthias Dieter Wallnöfer2008-09-243-14/+12
| | | | This commit applies some cosmetic corrections for the KERBEROS library.
* Implement NETLOGON PAC verfication on the server-sideAndrew Bartlett2008-09-031-5/+5
| | | | | | | | This is implemented by means of a message to the KDC, to avoid having to link most of the KDC into netlogon. Andrew Bartlett (This used to be commit 82fcd7941f5c54da2d994c8bd99dd8d86299a296)
* Heimdal provides Kerberos PAC parsing routines. Use them.Andrew Bartlett2008-08-281-1/+122
| | | | | | | | | | | | | | This uses Heimdal's PAC parsing code in the: - LOCAL-PAC test - gensec_gssapi server - KDC (where is was already used, the support code refactored from here) In addition, the service and KDC checksums are recorded in the struct auth_serversupplied_info, allowing them to be extracted for validation across NETLOGON. Andrew Bartlett (This used to be commit 418b440a7b8cdb53035045f3981d47b078be6c1e)
* auth/kerberos: remove dependencies to internal heimdalStefan Metzmacher2008-08-012-2/+1
| | | | | metze (This used to be commit ed0fc19ac6a1194e6fd9a6534cbf7453fa870066)
* auth/kerberos: we don't need to include heimdal private headersStefan Metzmacher2008-08-011-2/+0
| | | | | metze (This used to be commit 6ec3887aee9bbb9c182ab966d37212edeaa16b5a)
* build with the new heimdal versionStefan Metzmacher2008-08-012-1/+3
| | | | (This used to be commit 3817d653faecb70bfafb850fe7d6e83aaed7e6d1)
* Revert Jelmer's CFLAGS commit e2b71a0ecbf10a78a59a8ec6371bdee57b1bfa6cAndrew Bartlett2008-05-311-2/+0
| | | | | | | | This commit broke the build, because not all files (libreplace, popt) were updated. Andrew Bartlett (This used to be commit 3faacf4351d68a10aea78b53768571d2059772ae)
* Move CFLAGS handling out of smb_build.Jelmer Vernooij2008-05-301-0/+2
| | | | (This used to be commit e2b71a0ecbf10a78a59a8ec6371bdee57b1bfa6c)
* Fix a bunch of dependencies.Jelmer Vernooij2008-05-181-1/+1
| | | | (This used to be commit a63f458462d207d215a6e4ef8e480b0c8daedf6a)
* Fix a couple (well, little more than that..) of typos.Jelmer Vernooij2008-05-181-1/+1
| | | | (This used to be commit a6b52119940a900fb0de3864b8bca94e2965cc24)
* Create prototype headers from Makefile directory, without smb_build in the ↵Jelmer Vernooij2008-05-181-1/+2
| | | | | | middle. (This used to be commit f4a77b96f9c17d853348b70794026e5b9e384942)
* Use variables for source directory in a couple more places.Jelmer Vernooij2008-05-181-1/+1
| | | | (This used to be commit 2860a7db5968c7007522cdb300eba390da929ab8)
* Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake3Jelmer Vernooij2008-04-081-1/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: source/auth/credentials/config.mk source/auth/gensec/config.mk source/build/smb_build/makefile.pm source/heimdal_build/config.mk source/lib/events/config.mk source/lib/nss_wrapper/config.mk source/lib/policy/config.mk source/lib/registry/config.mk source/lib/socket_wrapper/config.mk source/lib/tdb/config.mk source/lib/tls/config.mk source/lib/util/config.mk source/libcli/config.mk source/libcli/ldap/config.mk source/libnet/config.mk source/librpc/config.mk source/param/config.mk source/rpc_server/config.mk source/scripting/ejs/config.mk source/smbd/process_model.mk (This used to be commit 760378e0294dd0cd4523a83448328478632d7e3d)
| * Install public header files again and include required prototypes.Jelmer Vernooij2008-04-021-1/+2
| | | | | | | | (This used to be commit 47ffbbf67435904754469544390b67d34c958343)
* | Merge v4.0-testJelmer Vernooij2008-03-281-4/+4
|\| | | | | | | (This used to be commit 977dbdeaf363c8905ed9fd0570eba4be80582833)
| * Don't require users of credentials.h to have krb5.h and gssapi.hAndrew Bartlett2008-03-171-4/+4
| | | | | | | | | | | | | | | | | | Rather than require users of Samba4's headers to have krb5-devel installed (presumably in their system paths), don't expose the minor functions which require this by default. Andrew Bartlett (This used to be commit f14737e4d2040d2f401a3b20c5e78d0d793cfc3a)
* | Move object file lists to the Makefile.Jelmer Vernooij2008-03-031-6/+9
|/ | | | (This used to be commit a7e6d2a1832db388fdafa1279f84c9a8bbfc87d6)
* Avoid use of global_loadparm.Jelmer Vernooij2008-02-212-3/+12
| | | | (This used to be commit c5a95bbe0ce55c29e135a9c6058bf192ec3bb546)
* util: Move asn1 to lib/util to trim down the number of subsystems.Jelmer Vernooij2008-01-151-1/+1
| | | | (This used to be commit 44e1cfd2d0ef62e4ee541cec00581a7151d951b3)
* r26640: Janitorial: Remove some more uses of global_loadparm.Jelmer Vernooij2008-01-011-2/+3
| | | | (This used to be commit c863f4ebde8efa1a695b4469142d6719e30bc419)
* r26639: librpc: Pass iconv convenience on from RPC connection to NDR ↵Jelmer Vernooij2008-01-011-5/+9
| | | | | | library, so it can be overridden by OpenChange. (This used to be commit 2f29f80e07adef1f020173f2cd6d947d0ef505ce)
* r26638: libndr: Require explicitly specifying iconv_convenience for ↵Jelmer Vernooij2008-01-011-5/+17
| | | | | | ndr_struct_push_blob(). (This used to be commit 61ad78ac98937ef7a9aa32075a91a1c95b7606b3)
* r26474: Move credentials-specific kerberos file to credentials subsystem. ↵Jelmer Vernooij2007-12-211-2/+1
| | | | | | Fixes missing symbols in some of the python bindings. (This used to be commit e26d0fff6d40899113196ac35a86a9baa10cc9c2)
* r26460: Enable ldb python tests.Jelmer Vernooij2007-12-211-1/+1
| | | | (This used to be commit 25e982453142eb7d2f68c0751d641581b46fbb49)
* r26449: Support configuration without a known configuration dir.Jelmer Vernooij2007-12-211-1/+1
| | | | (This used to be commit d3643c2152a490952e59ee15b7a62ad3ad465462)
* r26397: Fix circular dependency in samba-socket.Jelmer Vernooij2007-12-211-1/+1
| | | | (This used to be commit 801c8c766cb6a104751be8829593e0e123508134)
* r26376: Add context for libcli_resolve.Jelmer Vernooij2007-12-211-1/+2
| | | | (This used to be commit 459e1466a411d6f83b7372e248566e6e71c745fc)
* r26357: Add separate subsystem for auth_sam_reply parsing.Jelmer Vernooij2007-12-212-2/+2
| | | | (This used to be commit 2d61e7c96e249d7031b709e9f727626a78e435f1)
* r26356: Remove prototype for nonexisting function.Jelmer Vernooij2007-12-211-9/+0
| | | | (This used to be commit 2c93f8ec816afb766a0365290231d83ed11ac237)
generated by cgit (git 2.34.1) at 2025-09-03 05:30:49 +0000