summaryrefslogtreecommitdiff
path: root/source4/heimdal/kdc/krb5tgs.c
Commit message (Expand)AuthorAgeFilesLines
* HEIMDAL: move code from source4/heimdal* to third_party/heimdal*Stefan Metzmacher2022-01-191-2641/+0
* s4:heimdal: import lorikeet-heimdal-202201172009 (commit 5a0b45cd723628b3690e...Stefan Metzmacher2022-01-191-699/+1034
* heimdal:kdc: Do not generate extra PAC buffers for S4U2Self service ticketJoseph Sutton2021-11-301-1/+2
* heimdal:kdc: Always generate a PAC for S4U2SelfJoseph Sutton2021-11-301-6/+7
* heimdal:kdc: Adjust no-PAC error code to match WindowsJoseph Sutton2021-11-301-1/+1
* heimdal:kdc: Fix error message for user-to-userJoseph Sutton2021-11-301-1/+1
* CVE-2020-25719 heimdal:kdc: Require PAC to be presentJoseph Sutton2021-11-091-1/+4
* CVE-2020-25719 heimdal:kdc: Verify PAC in TGT provided for user-to-user authe...Joseph Sutton2021-11-091-5/+28
* CVE-2020-25719 heimdal:kdc: Check name in request against name in user-to-use...Joseph Sutton2021-11-091-1/+55
* CVE-2020-25719 heimdal:kdc: Use sname from request rather than user-to-user T...Joseph Sutton2021-11-091-58/+55
* CVE-2020-25719 heimdal:kdc: Move fetching krbtgt entry to before enctype sele...Joseph Sutton2021-11-091-35/+35
* CVE-2020-25719 heimdal:kdc: Check return codeJoseph Sutton2021-11-091-1/+4
* CVE-2020-25719 kdc: Avoid races and multiple DB lookups in s4u2self checkAndrew Bartlett2021-11-091-8/+18
* CVE-2020-25719 s4:kdc: Add KDC support for PAC_ATTRIBUTES_INFO PAC bufferJoseph Sutton2021-11-091-1/+1
* HEIMDAL:kdc: Fix transit path validation CVE-2017-6594Viktor Dukhovni2021-10-201-3/+10
* heimdal:kdc: Fix ticket signing without a PACJoseph Sutton2021-10-171-2/+4
* krb5: allow NULL parameter to krb5_pac_free()Isaac Boukris2021-10-141-2/+1
* kdc: sign ticket using Windows PACIsaac Boukris2021-10-141-167/+187
* kdc: remove KRB5SignedPath, to be replaced with PACIsaac Boukris2021-10-141-297/+0
* CVE-2021-3671 HEIMDAL kdc: validate sname in TGS-REQLuke Howard2021-09-021-0/+4
* heimdal: apply disallow-forwardable on server in TGS requestIsaac Boukris2020-06-121-0/+6
* kdc: allow checksum of PA-FOR-USER to be HMAC_MD5Isaac Boukris2020-06-111-6/+23
* CVE-2019-14870: heimdal: enforce delegation_not_allowed in S4U2SelfIsaac Boukris2019-12-101-22/+36
* CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksumIsaac Boukris2019-05-141-0/+7
* HEIMDAL:kdc: make it possible to disable the principal based referral detectionStefan Metzmacher2017-03-101-1/+3
* HEIMDAL:kdc: add krb5plugin_windc_pac_pk_generate() hookStefan Metzmacher2016-07-221-1/+1
* heimdal make kvno unisgned internallyUri Simchoni2016-05-241-2/+15
* heimdal:kdc: add support for HDB_ERR_WRONG_REALMStefan Metzmacher2015-07-081-0/+26
* heimdal:kdc: generic support for 3part servicePrincipalNamesStefan Metzmacher2015-07-081-3/+2
* heimdal: remove checking of KDC PAC signature, delegate to wdc pluginAndrew Bartlett2012-01-121-12/+2
* heimdal: handle referrals for 3 part DRSUAPI SPNsAndrew Tridgell2011-10-041-1/+18
* heimdal: Try to handle the PAC checking when we are in a cross-realm environmentAndrew Bartlett2011-09-051-1/+10
* s4:heimdal: import lorikeet-heimdal-201107241840 (commit 0fdf11fa3cdb47df9f53...Stefan Metzmacher2011-07-261-4/+8
* s4:heimdal: import lorikeet-heimdal-201107150856 (commit 48936803fae4a2fb362c...Stefan Metzmacher2011-07-151-46/+58
* s4:kdc: generate the S4U_DELEGATION_INFO in the regenerated pacStefan Metzmacher2011-06-281-4/+2
* HEIMDAL:kdc: pass down the delegated_proxy_principal to the verify_pac()Stefan Metzmacher2011-06-281-14/+31
* HEIMDAL:kdc: don't allow self delegation if a backend check_constrained_deleg...Stefan Metzmacher2011-06-241-4/+4
* HEIMDAL:kdc: pass down the server hdb_entry_ex to check_constrained_delegation()Stefan Metzmacher2011-06-241-5/+19
* HEIMDAL:kdc: use the correct client realm in the EncTicketPartStefan Metzmacher2011-06-241-1/+1
* HEIMDAL:kdc: check and regenerate the PAC in the s4u2proxy caseStefan Metzmacher2011-05-181-13/+38
* HEIMDAL:kdc: pass the correct principal name for the resulting service ticketStefan Metzmacher2011-05-181-38/+36
* HEIMDAL:kdc: let check_PAC() to verify the incoming server and krbtgt cheksumsStefan Metzmacher2011-05-181-4/+7
* HEIMDAL:kdc: correctly propagate HDB_ERR_NOT_FOUND_HERE to via tgs_parse_requ...Stefan Metzmacher2011-03-041-0/+5
* heimdal Build ticket with the canonical server nameAndrew Bartlett2010-11-161-1/+1
* heimdal Fetch the client before the PAC check, but after obtaining krbtgt_outAndrew Bartlett2010-11-151-31/+30
* heimdal Fix handling of backwards cross-realm detection for Samba4Andrew Bartlett2010-11-151-18/+48
* heimdal Return HDB_ERR_NOT_FOUND_HERE to the callerAndrew Bartlett2010-11-121-5/+22
* s4:heimdal: import lorikeet-heimdal-201010022046 (commit 1bea031b9404b14114b0...Andrew Bartlett2010-10-031-4/+4
* s4:heimdal: import lorikeet-heimdal-201009250123 (commit 42cabfb5b683dbcb97d5...Matthieu Patou2010-10-031-9/+19
* heimdal use returned server entry from HDB to compare realmsAndrew Bartlett2010-10-021-1/+1
View Lorry Controller Status