| b4c44ebb8997d3debb33607c123ccfd9926e0cba |
|
23-Sep-2015 |
Thomas Oulevey <thomas.oulevey@cern.ch> |
Fix memory leak in sssdpac_verify()
Resolves https://fedorahosted.org/sssd/ticket/2803
Reviewed-by: Sumit Bose <sbose@redhat.com> |
| 76faa85577e4f715af3b61ec01f522587ca30304 |
|
09-Mar-2015 |
Lukas Slebodnik <lslebodn@redhat.com> |
PAC: Fix memory leak
Reported by clang static analyser.
Reviewed-by: Sumit Bose <sbose@redhat.com> |
| 6e51d44a65b15c2f0491b0a8b452caac0bc00584 |
|
06-Aug-2014 |
Jakub Hrozek <jhrozek@redhat.com> |
PAC: krb5_pac_verify failures should not be fatal
As noted in the MIT KRB5 documentation, some servers send PAC with no
checksum, therefire the PAC validation should not be fatal, instead, we
should treat a failure from krb5_pac_verify as if there was no PAC at
all.
Reported on sssd-devel by Thomas Sondergaard |
| 92af6f25864b5c389b57d0f659686801b45ca58c |
|
06-Jun-2013 |
Sumit Bose <sbose@redhat.com> |
Enhance PAC responder for AD users
This patch modifies the PAC responder so that it can be used with the AD
provider as well. The main difference is that the POSIX UIDs and GIDs
are now lookup up with the help of the SID instead of being calculated
algorithmically. This was necessary because the AD provider allows
either algorithmic mapping or reading the value from attributes stored
in AD.
Fixes https://fedorahosted.org/sssd/ticket/1558 |
| 8d04d441e886907893e17f4d4c005b48128410ea |
|
10-Jul-2012 |
Sumit Bose <sbose@redhat.com> |
Remove resource leak in sssdpac_import_authdata
Fixes https://fedorahosted.org/sssd/ticket/1409 |
| 90fd1bbd6035cdab46faa3a695a2fb2be6508b17 |
|
21-Jun-2012 |
Sumit Bose <sbose@redhat.com> |
PAC client: add krb5 authdata plugin |