summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
...
* s4:tls Enable GnuTLS back to version 1.4 (an into the future)Andrew Bartlett2009-07-281-1/+1
| | | | | | We think we have the bug fixed. Andrew Bartlett
* s4:kerberos Add support for user principal names in certificatesAndrew Bartlett2009-07-286-34/+123
| | | | | | | | | | | | | | This extends the PKINIT code in Heimdal to ask the HDB layer if the User Principal Name name in the certificate is an alias (perhaps just by case change) of the name given in the AS-REQ. (This was a TODO in the Heimdal KDC) The testsuite is extended to test this behaviour, and the other PKINIT certficate (using the standard method to specify a principal name in a certificate) is updated to use a Administrator (not administrator). (This fixes the kinit test). Andrew Bartlett
* s4:kerberos Add 'net export keytab' command for wireshark decryptionAndrew Bartlett2009-07-2815-38/+418
| | | | | | | | | | | | It is much easier to do decryption with wireshark when the keytab is available for every host in the domain. Running 'net export keytab <keytab name>' will export the current (as pointed to by the supplied smb.conf) local Samba4 doamin. (This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4, and so has a good chance of keeping working in the long term). Andrew Bartlett
* Revert "s4:kerberos Add 'net export keytab' command for wireshark decryption"Stefan Metzmacher2009-07-2710-361/+8
| | | | | | | | | | This reverts commit a40ce5d0d9d06f592a8885162bbaf644006b9f0f. This breaks the build... Andrew, please repush it, when it's fixed:-) metze
* s4:kerberos Add test to show that we actually export the keytabAndrew Bartlett2009-07-271-0/+1
| | | | | | | | | | While it is hard to prove it is correct, at least the new 'nettestuser' principal and the Administrator principal are correct. We had to fix the case of 'Administrator' in the selftest code to match the DB, as the keytab lookup is case sensitive. Andrew Bartlett
* s4:kerberos Add 'net export keytab' command for wireshark decryptionAndrew Bartlett2009-07-2710-8/+361
| | | | | | | | | | | | It is much easier to do decryption with wireshark when the keytab is available for every host in the domain. Running 'net export keytab <keytab name>' will export the current (as pointed to by the supplied smb.conf) local Samba4 doamin. (This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4, and so has a good chance of keeping working in the long term). Andrew Bartlett
* s4:kdc Push context to hdb_samba4 by way of the 'name' of the DBAndrew Bartlett2009-07-276-29/+39
| | | | | | | | | | | This overloads the 'name' part of the keytab name to supply a context pointer, and so avoids 3 global variables! To do this, we had to stop putting the entry for kpasswd into the secrets.ldb. (I don't consider this a big loss, and any entry left there by an upgrade will be harmless). Andrew Bartlett
* s4:setup add 'cn' attribute to Samba4 local schemaAndrew Bartlett2009-07-271-0/+4
| | | | (We recently made the ms_schema.py script also add this attribute)
* s4:heimdal Extend the 'hdb as a keytab' codeAndrew Bartlett2009-07-271-4/+145
| | | | | | | | | | | | This extends the hdb_keytab code to allow enumeration of all the keys. The plan is to allow ktutil's copy command to copy from Samba4's hdb_samba4 into a file-based keytab used in wireshark. One day, with a few more hacks, we might even make this a loadable module that can be used directly... Andrew Bartlett
* s4:kdc Tidy up hdb_samba4 some moreAndrew Bartlett2009-07-275-63/+90
| | | | | | | | | This removes the last use of the prefix hdb_ldb and makes it clear that we pass in 3 global variables to get state information into hdb_samba4 when used as a keytab. (And that they belong to hdb_samba4, not to the KDC) Andrew Bartlett
* s4:gensec_gssapi: pass the correct oid to the gssapi layer.Stefan Metzmacher2009-07-241-4/+11
| | | | metze
* s4:gensec/spengo: make sure we send the blob with the micListMech signature ↵Stefan Metzmacher2009-07-241-1/+1
| | | | | | | | to the peer We should even do this if the submech has no more data to send. metze
* s4:ldb: add support for the new Recycle Bin Feature LDAP controlsStefan Metzmacher2009-07-232-0/+68
| | | | | | | LDB_CONTROL_SHOW_RECYCLED_OID 1.2.840.113556.1.4.2064 LDB_CONTROL_SHOW_DEACTIVATED_LINK_OID 1.2.840.113556.1.4.2065 metze
* s4:libcli/ldap: add support for new Recycle Bin Feature LDAP ControlsStefan Metzmacher2009-07-231-0/+40
| | | | | | | LDAP_SERVER_SHOW_RECYCLED_OID 1.2.840.113556.1.4.2064 LDAP_SERVER_SHOW_DEACTIVATED_LINK_OID 1.2.840.113556.1.4.2065 metze
* [SAMBA 4 / NETLOGON] Modify type of SAM contextsMatthias Dieter Wallnöfer2009-07-231-9/+7
| | | | | | | | | | In the SAMBA 4 DCE/RPC NETLOGON server the SAM context references have generally the type "void *". But we know that those context objects are based on the "struct ldb_context" type. We've always to cast for using a SAM/LDB call. This I didn't find very appealing and so I assigned the right (detailed) type to each "sam_ctx". Therefore, the casts could disappear. Also this change is only cosmetic.
* frstrans.idl: add new DFS-R FrsTransport interface with dummy functionsStefan Metzmacher2009-07-221-1/+8
| | | | metze
* s4:provision Fix provision on FreeBSDAndrew Bartlett2009-07-221-0/+1
| | | | | | | | | | We were missing the 'cn' attribute, which we then prepare a sorted list based on. On Linux, strcmp(NULL, NULL) does not segfault, where it does on FreeBSD. Reported by Timur I. Bakeyev <timur@com.bat.ru> Andrew Bartlett
* frsrpc.idl: make the chunk array in frsrpc_CommPktChunkCtr dynamicStefan Metzmacher2009-07-211-1/+1
| | | | | | | | We add an extra num_chunks to the frsrpc_CommPktChunkCtr structure and use hand modified ndr_push/pull functions to let it not appear on the wire. metze
* frsapi.idl: fix some unknown field namesStefan Metzmacher2009-07-211-9/+9
| | | | metze
* Re-add accidently removed shares test.Jelmer Vernooij2009-07-201-0/+74
|
* s4:kdc Add in a simple check for constrained delegation to selfAndrew Bartlett2009-07-201-1/+70
| | | | | | | | | | To do this properly, we must use the PAC, but for now this is enough to check that we are delegating to another name on the same host (which must be safe). (Windows 7 does this a lot, also noted in bug 6273) Andrew Bartlett
* [SAMBA 4 directory] Refactoring and clean up of directory structureMatthias Dieter Wallnöfer2009-07-209-81/+167
| | | | | | | | - Adds more system objects which make sense to have them in SAMBA 4 also to have them when we add more and more services related to the directory (volume support, DFS, replication service, COM...) - Make sure that "isCriticalSystemObject" and "showInAdvancedViewOnly" attributes are set correctly on each object
* Remove unnecessary imports.Jelmer Vernooij2009-07-196-14/+9
|
* Merge branch 'master' of git://git.samba.org/sambaJelmer Vernooij2009-07-1914-193/+79
|\
| * Include ntsvc NDR in libndr-standard.Jelmer Vernooij2009-07-191-8/+5
| |
| * Remove unused variable.Jelmer Vernooij2009-07-191-1/+0
| |
| * source4/lib/registry/patchfile.c(reg_diff_load): fixed possible resource leak.Slava Semushin2009-07-191-0/+1
| | | | | | | | | | | | | | | | File descriptor leaks when write(2) fails and we are returning from function. Found by cppcheck: [./source4/lib/registry/patchfile.c:319]: (error) Resource leak: fd
| * Fix typoMatthias Dieter Wallnöfer2009-07-191-1/+1
| |
| * [SAMBA 4] Some cosmetic changes for the LDB modulesMatthias Dieter Wallnöfer2009-07-192-12/+12
| | | | | | | | Some corrections which make the code a bit more readable (no functional changes here)
| * Cosmetic correctionMatthias Dieter Wallnöfer2009-07-191-1/+1
| | | | | | | | | | Changes the order of two commands. First set up the "priv" structure, then assign it to the "ntvfs" structure.
| * Merge more ndr interfaces into libndr-standard.Jelmer Vernooij2009-07-192-59/+23
| |
| * librpc: Integrate some subsystems now part of libndr-standard and integrate ↵Jelmer Vernooij2009-07-191-30/+14
| | | | | | | | ndr_dfs in libndr-standard.
| * Add missing includes.Jelmer Vernooij2009-07-192-0/+2
| |
| * Create libndr-standard, which includes the NDR marshalling code forJelmer Vernooij2009-07-193-19/+30
| | | | | | | | the "standard" set of DCE/RPC interfaces found on Windows.
| * Remove unnecessary include, update README.Jelmer Vernooij2009-07-192-4/+0
| |
| * Remove outdated status file about samba3 -> samba4 upgrade project.Jelmer Vernooij2009-07-191-68/+0
| |
* | provision: Remove unused imports.Jelmer Vernooij2009-07-191-4/+0
|/
* python: Set right ldb modules directory when using system ldb.Jelmer Vernooij2009-07-181-0/+2
|
* Actually fill in ldb modules directory.Jelmer Vernooij2009-07-181-1/+1
|
* Remove pyldb_util and simply duplicate the 5-line function it contains,Jelmer Vernooij2009-07-186-53/+21
| | | | rather than creating a separate shared library for it.
* ldb: Display SHLD_FLAGS when building.Jelmer Vernooij2009-07-181-0/+1
|
* s4-spoolss: fix the build after OsVersion changes.Günther Deschner2009-07-171-3/+6
| | | | Guenther
* Revert "s4:heimdal_build: predefine GSSAPI_DEPRECATED depending on the ↵Andrew Bartlett2009-07-171-8/+0
| | | | | | | | compiler version" This is now handled correctly in the newly imported Heimdal This reverts commit 4a754d029b0eb229b23980aa4a80dae2b485a302.
* s4:heimdal: import lorikeet-heimdal-200907162216 (commit ↵Andrew Bartlett2009-07-176-23/+60
| | | | | | | | | | | d09910d6803aad96b52ee626327ee55b14ea0de8) This includes in particular changes to the KDC to resolve bug 6272, originally by Matthieu Patou <mat+Informatique.Samba@matws.net>. We need to sort the AuthorizationData elements to put the PAC first, or else WinXP breaks when browsed from Win2k8. Andrew Bartlett
* s4:kdc Rework KDC to pull in less attributes for krbtgt lookupsAndrew Bartlett2009-07-173-31/+62
| | | | | | | | | Each attribute we request from LDB comes with a small cost, so don't lookup any more than we must for the (very) frequent krbtgt lookup case. Similarly, we don't need to build a PAC for a server (as a target), so don't ask for the PAC attributes here either. Andrew Bartlett
* s4:kdc rename functions from LDB_ to hdb_samba4Andrew Bartlett2009-07-171-71/+71
| | | | | | | The LDB_ prefix is misleading, and stomps on the LDB namespace. This is a Samba4 hdb module, and not something generic. Andrew Bartlett
* Revert "fix LSA-PRIVILEGES"Günther Deschner2009-07-171-3/+2
| | | | This reverts commit 0d9fdbceedddb08dbea8ed84e06a218d3ec562f4.
* Revert "fix LSA-TRUSTED-DOMAINS"Günther Deschner2009-07-171-3/+2
| | | | This reverts commit 3c9b26276083002124674678ac757e859fb6b20e.
* s4-smbtorture: use secinfo flags instead of numbers in lsa test.Günther Deschner2009-07-171-1/+3
| | | | Guenther
* s4:heimdal_build: predefine GSSAPI_DEPRECATED depending on the compiler versionStefan Metzmacher2009-07-161-0/+8
| | | | | | | | | | Otherwise heimdal/lib/gssapi/gssapi/gssapi.h will just define it to __attribute__ ((deprecated)) which is not supported by all compilers we care about. This should fix the build on Tru64 metze
generated by cgit (git 2.34.1) at 2025-09-26 09:12:21 +0000