IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
c2e79fa0b64be5d51d3ef0e70bb8671cbe803657
freeipa/daemons/ipa-kdb
History
Alexander Bokovoy a1be4fc863 KDB: support external IdP configuration 
When IdP configuration is provided, take it into account:

 - idp-specific Kerberos ticket policy would be applied

 - Presence of IdP link in a Kerberos principal entry would cause KDB to
   enable `idp` pre-authentication method on KDC side.

The latter requires additional pre-authentication method supplied with
SSSD 2.7.0.

Fixes: https://pagure.io/freeipa/issue/8804

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Signed-off-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-By: Francisco Trivino <ftrivino@redhat.com>
Reviewed-By: Sumit Bose <sbose@redhat.com>
2022-05-10 15:52:41 +03:00
..
tests
ipa-kdb: store SID in the principal entry
2021-11-10 15:00:27 -05:00
ipa_kdb_audit_as.c
ipa-kdb: fix compiler warnings
2021-03-01 10:44:25 -05:00
ipa_kdb_certauth.c
ipa-kdb: reformat ipa_kdb_certauth
2021-03-01 10:44:25 -05:00
ipa_kdb_common.c
ipa-kdb: handle dates up to 2106-02-07 06:28:16
2020-12-18 20:38:40 +02:00
ipa_kdb_delegation.c
ipa-kdb: use entry DN to compare aliased entries in S4U operations
2021-11-10 15:00:27 -05:00
ipa_kdb_kdcpolicy.c
KDB: support external IdP configuration
2022-05-10 15:52:41 +03:00
ipa_kdb_mkey.c
ipa-kdb: Get/Store Master Key directly from LDAP
2011-08-26 08:24:49 -04:00
ipa_kdb_mspac_private.h
ipa-kdb: refactor KDB driver to prepare for KDB version 9
2022-01-24 17:38:24 -05:00
ipa_kdb_mspac_v6.c
ipa-kdb: refactor KDB driver to prepare for KDB version 9
2022-01-24 17:38:24 -05:00
ipa_kdb_mspac_v9.c
ipa-kdb: refactor KDB driver to prepare for KDB version 9
2022-01-24 17:38:24 -05:00
ipa_kdb_mspac.c
ipa-kdb: refactor KDB driver to prepare for KDB version 9
2022-01-24 17:38:24 -05:00
ipa_kdb_passwords.c
Add missing break statement to password quality switch
2021-01-15 10:01:28 +01:00
ipa_kdb_principals.c
KDB: support external IdP configuration
2022-05-10 15:52:41 +03:00
ipa_kdb_pwdpolicy.c
ipa-kdb: fix compiler warnings
2021-03-01 10:44:25 -05:00
ipa_kdb.c
KDB: support external IdP configuration
2022-05-10 15:52:41 +03:00
ipa_kdb.exports
Add a skeleton kdcpolicy plugin
2019-09-10 12:33:21 +03:00
ipa_kdb.h
KDB: support external IdP configuration
2022-05-10 15:52:41 +03:00
ipa-print-pac.c
Fix use of comparison functions to avoid GCC bug 95189
2021-11-23 10:31:34 +01:00
Makefile.am
ipa-kdb: fix make check
2022-03-29 14:01:29 -04:00
README
Make the coding style explicit
2020-01-15 10:00:08 +01:00
README.s4u2proxy.txt
Fix s4u2proxy README and add warning
2015-06-08 14:37:29 -04:00

README 

This is the ipa krb5kdc database backend.

As the KDB interfaces heavily with krb5, we inherit its code style as well.
However, note the following changes:

- no modelines (and different file preamble)
- return types don't require their own line
- single-statement blocks may optionally be braced
- /* and */ do not ever get their own line
- C99 for-loops are permitted (and encouraged)
- a restricted set of other C99 features are permitted

In particular, variable-length arrays, flexible array members, compound
literals, universal character names, and //-style comments are not permitted.

Use of regular malloc/free is preferred over talloc for new code.

By and large, existing code mostly conforms to these requirements.  New code
must conform to them.