samba-mirror/kdc at 3aa6aa02a84a63c634c33649521ab0423fd59994 - samba-mirror - Gitea: Git with a cup of tea

IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an email to Administrator. User accounts are meant only to access repo and report issues and/or generate pull requests. This is a purpose-specific Git hosting for BaseALT projects. Thank you for your understanding!

Только зарегистрированные пользователи имеют доступ к сервису! Для получения аккаунта, обратитесь к администратору.

sin/samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-18 06:04:06 +03:00

History

Andrew Bartlett 491b79d445 kdc: Rotate smart-card only underlying password in 2nd half of lifetime

This is a measure to avoid multiple servers rotating the password
but means that the maximum password age really must be set to
twice the TGT lifetime, eg a default of 20 hours.  The internet
suggestions of 1 day for this feature should work fine.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>

2024-06-10 04:27:31 +00:00

..

s4:kdc: Remove support code for older versions of MIT Kerberos

2023-08-21 23:37:29 +00:00

ad_claims.c

s4:kdc: Remove unused includes

2023-12-08 02:28:33 +00:00

ad_claims.h

s4:kdc: Remove unused function get_claims_blob_for_principal()

2023-10-12 23:13:32 +00:00

authn_policy_util.c

s4:kdc: Add device to Authenticated Users for authentication policy evaluation

2023-10-24 01:59:32 +00:00

authn_policy_util.h

s4:kdc: Add parameters for claims and device info to authn_policy_authenticate_to_service()

2023-10-01 22:45:38 +00:00

db-glue.c

kdc: Rotate smart-card only underlying password in 2nd half of lifetime

2024-06-10 04:27:31 +00:00

db-glue.h

s4:libnet: Pass SDB_F_ADMIN_DATA flag through to samba_kdc_message2entry()

2024-05-22 20:33:36 +00:00

hdb-samba4-plugin.c

CVE-2022-32744 s4:kdc: Modify HDB plugin to only look up kpasswd principal

2022-07-27 10:52:36 +00:00

hdb-samba4.c

kdc: Remove confusing duplicate open of sam.ldb to find RODC status

2024-06-10 04:27:30 +00:00

kdc-glue.c

s4:kdc: Add function to get device PAC entry from Heimdal request structure

2023-10-01 22:45:38 +00:00

kdc-glue.h

kdc: Remove confusing duplicate open of sam.ldb to find RODC status

2024-06-10 04:27:30 +00:00

kdc-heimdal.c

kdc: Use a consistent, stable time throughout the Heimdal KDC

2024-06-10 04:27:30 +00:00

kdc-proxy.c

kdc: Remove confusing duplicate open of sam.ldb to find RODC status

2024-06-10 04:27:30 +00:00

kdc-proxy.h

s4-kdc: Create a kdc-proxy.h header file

2016-06-18 23:32:27 +02:00

kdc-server.c

libcli/util: add struct tstream_context to tstream_read_pdu_blob_full_fn_t

2023-10-25 22:23:38 +00:00

kdc-server.h

kdc: Remove confusing duplicate open of sam.ldb to find RODC status

2024-06-10 04:27:30 +00:00

kdc-service-mit.c

kdc: Remove confusing duplicate open of sam.ldb to find RODC status

2024-06-10 04:27:30 +00:00

kdc-service-mit.h

s4-kdc: restore MIT KDC backend

2018-11-09 17:52:30 +01:00

kpasswd_glue.c

s4:kdc: Use newer debugging macros

2023-08-08 04:39:37 +00:00

kpasswd_glue.h

kdc: Remove pre-check for existing NT and LM hash from kpasswd

2022-03-17 01:57:38 +00:00

kpasswd-helper.c

s4:dsdb: Remove unused ‘domain_dn’ parameter

2024-02-16 02:41:36 +00:00

kpasswd-helper.h

CVE-2022-2031 s4:kpasswd: Do not accept TGTs as kpasswd tickets

2022-07-27 10:52:36 +00:00

kpasswd-service-heimdal.c

s4:kdc: Initialize local variable just in case (CID 1596759)

2024-05-16 02:11:37 +00:00

kpasswd-service-mit.c

s4:kdc: Remove unnecessary casts

2023-08-14 04:57:34 +00:00

kpasswd-service.c

s4:kdc: Add missing newlines to logging messages

2023-08-08 04:39:37 +00:00

kpasswd-service.h

s4-kdc: Add a new kpasswd service implementation

2016-09-13 00:19:25 +02:00

ktutil.c

s4:kdc: Fix code spelling

2023-08-03 15:25:01 +00:00

mit_kdc_irpc.c

kdc: Use a consistent, stable time throughout the Heimdal KDC

2024-06-10 04:27:30 +00:00

mit_kdc_irpc.h

s4-kdc: Add MIT KRB5 based irpc service for PAC validation

2017-04-29 23:31:09 +02:00

mit_samba.c

kdc: Use a consistent, stable time throughout the Heimdal KDC

2024-06-10 04:27:30 +00:00

mit_samba.h

s4:mit-samba: Pass flags to mit_samba_get_pac()

2022-04-13 12:59:30 +00:00

pac-blobs.c

s4:kdc: Make pac_blobs_remove_blob() never fail

2023-09-14 21:35:29 +00:00

pac-blobs.h

s4:kdc: Make pac_blobs_remove_blob() never fail

2023-09-14 21:35:29 +00:00

pac-glue.c

s4-auth: Use consistant externally-supplied time in auth stack

2024-06-10 04:27:30 +00:00

pac-glue.h

s4-kdc: Add "Fresh Public Key Identity" SID if PKINIT freshness used

2024-02-28 04:45:48 +00:00

samba_kdc.h

kdc: Detect (about to) expire UF_SMARTCARD_REQUIRED accounts and rotate passwords

2024-06-10 04:27:30 +00:00

sdb_to_hdb.c

s4:kdc: Remove unnecessary assignments

2023-10-01 22:45:38 +00:00

sdb_to_kdb.c

s4:kdc: Erase key data

2023-08-14 04:57:34 +00:00

sdb.c

s4:kdc: Remove unused function int2SDBFlags()

2023-10-17 03:19:38 +00:00

sdb.h

s4:kdc: Add flag to indicate the upper sixteen bits of the kvno are specified

2023-10-19 21:37:36 +00:00

wdc-samba4.c

s4:kdc: Implement KDC plugin hardware authentication policy

2024-05-16 03:14:47 +00:00

wscript_build

kdc: Detect (about to) expire UF_SMARTCARD_REQUIRED accounts and rotate passwords

2024-06-10 04:27:30 +00:00