summaryrefslogtreecommitdiff
path: root/source4/kdc
AgeCommit message (Expand)AuthorFilesLines
2023-12-08s4:kdc: Remove unused includesJoseph Sutton1-4/+0
2023-11-07s4:kdc: Don’t convey PAC buffers from an RODC‐issued PACJoseph Sutton1-1/+6
2023-11-07s4:kdc: Move return code checks closer to where the return codes are setJoseph Sutton1-4/+6
2023-11-01s4:kdc: Call kdc_request_set_e_data() instead of kdc_set_e_data()Joseph Sutton1-1/+1
2023-11-01s4:kdc: Have samba_kdc_get_device_info_blob() call samba_kdc_get_user_info_dc...Joseph Sutton1-41/+11
2023-11-01s4:kdc: Do not add Claims Valid SID twiceJoseph Sutton1-31/+3
2023-11-01s4:kdc: Add the Asserted Identity SID to the PAC only if the original RODC‐...Joseph Sutton1-7/+72
2023-11-01s4:kdc: Add Claims Valid SID to info regenerated from RODC‐issued PACsJoseph Sutton1-0/+8
2023-10-26s4:kdc: Simplify principal_comp_strcmp_int() to handle only equalityJoseph Sutton1-58/+49
2023-10-26s4:kdc: Check for overflow before calling smb_krb5_princ_component()Joseph Sutton1-0/+5
2023-10-26s4:kdc: Have principal_comp_strcmp_int() properly indicate an errorJoseph Sutton1-42/+88
2023-10-26s4:kdc: Consider a single‐component krbtgt principal to be the TGSJoseph Sutton1-1/+1
2023-10-26s4:kdc: Make use of smb_krb5_principal_is_tgs()Joseph Sutton1-2/+6
2023-10-26s4:kdc: Change signature of is_kadmin_changepw() to accommodate failure casesJoseph Sutton1-9/+31
2023-10-26s4:kdc: Have smb_krb5_principal_get_comp_string() properly indicate an errorJoseph Sutton1-30/+40
2023-10-25libcli/util: add struct tstream_context to tstream_read_pdu_blob_full_fn_tRalph Boehme2-7/+7
2023-10-25s4:kdc: Fix code spellingJoseph Sutton2-2/+2
2023-10-25s4:kdc: Add device to Authenticated Users for RBCD conditions evaluationJoseph Sutton1-0/+4
2023-10-25s4:kdc: Add device to default groups for RBCD conditions evaluationJoseph Sutton1-0/+1
2023-10-24s4:kdc: make use of tstream_bsd_fail_readv_first_error(true)Stefan Metzmacher1-0/+2
2023-10-24s4:kdc: Add device to Authenticated Users for authentication policy evaluationJoseph Sutton1-0/+4
2023-10-24s4:kdc: Add device to default groups for authentication policy evaluationJoseph Sutton1-0/+1
2023-10-19s4:kdc: Permit RODC‐issued evidence tickets for constrained delegationJoseph Sutton1-10/+2
2023-10-19s4:kdc: Add flag to indicate the upper sixteen bits of the kvno are specifiedJoseph Sutton2-2/+3
2023-10-19s4:kdc: Use HDB flag constants instead of SDB onesJoseph Sutton1-1/+1
2023-10-19s4:kdc: Always regard device info when the client performs RBCDJoseph Sutton1-1/+2
2023-10-17s4:kdc: Remove unused function int2SDBFlags()Joseph Sutton2-29/+0
2023-10-17s4:kdc: Explicitly initialize SDBFlags structuresJoseph Sutton1-2/+2
2023-10-17s4:kdc: Make ‘struct user_info_dc’ members constJoseph Sutton2-4/+7
2023-10-16s4:kdc: fix user2user tgs-requests for normal user accountsStefan Metzmacher2-4/+30
2023-10-13s4:kdc: Always regard device info when checking a server authentication policyJoseph Sutton1-1/+1
2023-10-12s4:kdc: Use claims to evaluate RBCD conditionsJoseph Sutton1-1/+20
2023-10-12s4:kdc: Use device info to evaluate RBCD conditionsJoseph Sutton1-1/+30
2023-10-12s4:kdc: Pass claims and device info into samba_kdc_check_s4u2proxy_rbcd()Joseph Sutton4-2/+10
2023-10-12s4:kdc: Rename ‘user_info_dc’ to ‘client_info’Joseph Sutton1-3/+3
2023-10-12s4:kdc: Call samba_kdc_get_user_info_dc() to get client informationJoseph Sutton1-9/+19
2023-10-12s4:kdc: Add comment regarding RODC‐issued evidence tickets for constrained ...Joseph Sutton1-0/+6
2023-10-12s4:kdc: Factor creation of user_info_dc out of samba_kdc_check_s4u2proxy_rbcd...Joseph Sutton4-19/+49
2023-10-12s4:kdc: Adapt interface to new Heimdal revisionJoseph Sutton2-12/+9
2023-10-12s4:kdc: Use claims and device info to evaluate server authentication policyJoseph Sutton1-5/+50
2023-10-12s4:kdc: Make samba_kdc_get_user_info_dc() non‐staticJoseph Sutton2-6/+13
2023-10-12s4:kdc: Use ‘claims_data’ functions to create client claims blobJoseph Sutton1-10/+19
2023-10-12s4:kdc: Use device claims to evaluate client authentication policyJoseph Sutton1-1/+15
2023-10-12s4:kdc: Use claims and device info to evaluate server authentication policyJoseph Sutton1-5/+32
2023-10-12s4:kdc: Have samba_kdc_allowed_to_authenticate_to() take claims and device infoJoseph Sutton3-2/+10
2023-10-12s4:kdc: Fetch device claims for server restrictionsJoseph Sutton1-31/+32
2023-10-12s4:kdc: Do not perform compound authentication for services without Compound ...Joseph Sutton1-1/+2
2023-10-12s4:kdc: Make samba_kdc_add_compounded_auth() staticJoseph Sutton2-3/+1
2023-10-12s4:kdc: Remove ‘compounded_auth’ parameter from samba_kdc_add_compounded_...Joseph Sutton2-26/+9
2023-10-12s4:kdc: Change the type of ‘compounded_auth’ to booleanAndrew Bartlett1-29/+30
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-07 05:23:10 +0000