summaryrefslogtreecommitdiff
path: root/source4/kdc/mit-kdb
AgeCommit message (Expand)AuthorFilesLines
2023-08-21s4:kdc: Remove support code for older versions of MIT KerberosJoseph Sutton2-379/+1
2022-10-05lib:krb5_wrap: Add helper functions to make krb5_data structureJoseph Sutton3-14/+3
2022-07-27CVE-2022-2031 s4:kdc: Limit kpasswd ticket lifetime to two minutes or lessJoseph Sutton1-1/+0
2022-04-13s4:mit-samba: Pass flags to mit_samba_get_pac()Andreas Schneider1-0/+1
2022-04-13s4:mit-samba: Pass flags to ks_get_pac()Andreas Schneider1-0/+4
2022-04-01Add missing final newline to end of c fileAndreas Schneider1-1/+1
2022-03-24s4:kdc: let samba_kdc_entry take references to sdb_entry and kdc_entryStefan Metzmacher2-2/+4
2022-03-04s4:mitkdc: Implement support for Resource Based Constrained Delegation (RBCD)Andreas Schneider3-0/+35
2022-03-04s4:mitkdc: Add support for S4U2Self & S4U2ProxyAndreas Schneider1-28/+4
2022-03-04s4:mitkdc: Add support for MIT Kerberos 1.20Andreas Schneider3-2/+140
2021-12-15s4:mitkdc: Call krb5_pac_init() in kdb_samba_db_sign_auth_data()Andreas Schneider1-0/+11
2021-12-15s4:mitkdc: Pass NULL to ks_get_pac() as the client_keyAndreas Schneider1-2/+2
2021-12-15s4:mitkdc: Add support for pac_attrs and requester_sidAndreas Schneider1-1/+8
2021-12-15s4:mitkdc: Reset errno to 0 for com_err messagesAndreas Schneider1-0/+6
2021-12-15s4:mitkdc: Use talloc_get_type_abort() in ks_get_context()Andreas Schneider1-2/+5
2021-11-29s4:mit-kdb: Reduce includes to only what's neededAndreas Schneider1-3/+6
2021-11-09CVE-2020-25719 mit-samba: Rework PAC handling in kdb_samba_db_sign_auth_data()Andreas Schneider1-25/+91
2021-11-09CVE-2020-25719 mit-samba: If we use client_princ, always lookup the db entryAndreas Schneider1-6/+75
2021-11-09CVE-2020-25719 mit-samba: Add ks_free_principal()Andreas Schneider2-0/+54
2021-11-09CVE-2020-25719 mit-samba: Make ks_get_principal() internally publicAndreas Schneider2-4/+9
2021-08-26mit-kdc: Remove build time support for KDB_API < 10Andrew Bartlett3-77/+0
2021-08-05mit-samba: Only set the function opening bracket onceAndreas Schneider1-2/+1
2021-08-05mit-samba: Define debug class for kdb moduleAndreas Schneider6-0/+18
2020-03-10mit-kdc: Explicitly reject S4U requestsIsaac Boukris1-0/+5
2020-03-10Sign and verify PAC with ticket principal instead of canon principalIsaac Boukris1-10/+2
2020-03-10Adapt sign_authdata in our KDB module for krb5 v1.18Isaac Boukris3-1/+49
2019-12-17mit-kdb: Fix license on header fileSimo Sorce1-26/+19
2018-11-28CVE-2018-16853: Do not segfault if client is not setAndreas Schneider1-0/+16
2018-11-28CVE-2018-16853: The ticket in check_policy_as can actually be a TGSIsaac Boukris1-2/+6
2018-01-19mit-kdb: support MIT Kerberos 1.16 KDB API changesAlexander Bokovoy3-15/+42
2017-07-24mit-kdb: Fix NULL pointer check after mallocAndreas Schneider1-1/+1
2017-04-29s4-kdc: Use mit_samba_reget_pac() in ks_verify_pac()Andreas Schneider1-23/+27
2017-04-29s4-kdc: Use mit_samba_get_pac() in ks_get_pac()Andreas Schneider1-22/+8
2017-04-29mit-kdb: Update KDB vtable for DAL version 6Andreas Schneider4-128/+51
2017-01-12mit-kdb: Remove unneeded memset()Andreas Schneider1-2/+0
2017-01-12mit-kdb: Use calloc() to allocate memoryAndreas Schneider1-3/+1
2016-03-17mit-kdb: Add support for KDB version 8Andreas Schneider2-0/+16
2016-03-17mit-kdb: Add support for bad password countAndreas Schneider3-1/+34
2016-03-17mit-kdb: Restrict admin/changepw principal db_entry with some flagsGünther Deschner1-0/+12
2016-03-17mit-kdb: Return 0 in kdb_samba_db_put_principal()Günther Deschner1-2/+3
2016-03-17mit-kdb: Implement KDB function to change passwordsAndreas Schneider4-1/+66
2016-03-17mit-kdb: Use calloc to initialize master keylists.Günther Deschner2-2/+2
2016-03-17mit-kdb: Add ks_get_admin_principal() and use it for kadmin users.Andreas Schneider1-3/+26
2016-03-17mit-kdb: Add ks_create_principal().Andreas Schneider1-5/+100
2016-03-17mit-kdb: Do not allow to get a kadmin ticket as a client.Andreas Schneider1-0/+4
2016-03-17mit-kdb: Add more ks_is_kadmin* functions.Andreas Schneider2-0/+43
2016-03-17mit-kdb: Use calloc so both authdata elements are zeroedGünther Deschner1-1/+1
2016-03-17mit-kdb: Do not overwrite the error code in failure case.Günther Deschner1-8/+10
2016-03-17mit-kdb: Add initial MIT KDB Samba driverAndreas Schneider8-0/+1304
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-06 18:10:35 +0000