| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Resolves https://fedorahosted.org/sssd/ticket/2803
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
|
|
|
| |
Reported by clang static analyser.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
|
|
|
|
|
|
| |
As noted in the MIT KRB5 documentation, some servers send PAC with no
checksum, therefire the PAC validation should not be fatal, instead, we
should treat a failure from krb5_pac_verify as if there was no PAC at
all.
Reported on sssd-devel by Thomas Sondergaard
|
|
|
|
|
|
|
|
|
|
|
| |
This patch modifies the PAC responder so that it can be used with the AD
provider as well. The main difference is that the POSIX UIDs and GIDs
are now lookup up with the help of the SID instead of being calculated
algorithmically. This was necessary because the AD provider allows
either algorithmic mapping or reading the value from attributes stored
in AD.
Fixes https://fedorahosted.org/sssd/ticket/1558
|
|
|
|
| |
Fixes https://fedorahosted.org/sssd/ticket/1409
|
|
|