summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* gensec_gssapi: use gsskrb5_get_subkey() to make smb2 signing with aes keys workStefan Metzmacher2008-07-281-3/+3
| | | | | | | | SMB signing with aes doesn't work, but still works with arcfour-hmac-md5, des-cbc-md5 and des-cbc-crc. metze (This used to be commit 73964f069056f46f2f27fc690e42e5c91ae1fe19)
* libcli/smb2: the session key for SMB2 signing is truncated to 16 bytesStefan Metzmacher2008-07-282-7/+6
| | | | | | | | To make that work (as a client) with aes128 and aes256 krb5 keys we need to use gsskrb5_get_subkey(). metze (This used to be commit 0c6d988f2083067e1ac7b07a492f88cefd3ba906)
* smb2srv: sign SMB2 Logoff repliesStefan Metzmacher2008-07-281-3/+17
| | | | | metze (This used to be commit 2844e361730a6bc640ea89d0e10059deca1ca867)
* smb2srv: correctly hold the signing state per sessionStefan Metzmacher2008-07-284-13/+31
| | | | | metze (This used to be commit 5b3ba3f3556e8031133128853cd2324ee3852aa1)
* libcli/smb2: fix per session signing stateStefan Metzmacher2008-07-284-17/+12
| | | | | metze (This used to be commit 8bc12dc77a59e792830d96e84a4e8d1b2c651505)
* SMB2-CONNECT: remove reference to req->session before calling ↵Stefan Metzmacher2008-07-281-1/+10
| | | | | | | smb2_logoff_recv() on the invalid session metze (This used to be commit 93203e8e318dd10b9e7096e586187eb271d42134)
* libcli/smb2: sign SMB2 Logoff requestsStefan Metzmacher2008-07-281-0/+2
| | | | | metze (This used to be commit 35ee165b146b9157b0cff49e1139a0cb37d98926)
* We don't use EXTENSIBLEOBJECT any more.Andrew Bartlett2008-07-281-3/+0
| | | | (This used to be commit 4b137085c8b89773d4639372bbffd516a41dfc8f)
* Make it even clearer what to do next in the LDAP backend setupAndrew Bartlett2008-07-281-1/+5
| | | | (This used to be commit bace931ad674b5071d53bf9c99c383f1d8957e1b)
* Always print the slapd startup commandAndrew Bartlett2008-07-281-1/+2
| | | | (This used to be commit b1d05e7d14c65133e8ab0ff9d41a26fa7e3d41d3)
* Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett2008-07-281-1/+11
|\ | | | | | | (This used to be commit 486891bb5167034e54b7477ba09e8f5f914b93e4)
| * auth/credentials: explain why we need to the enctypes for the gssapi layerStefan Metzmacher2008-07-281-1/+11
| | | | | | | | | | metze (This used to be commit 88970c4d4192635544cf63e79e929e9bb05ecb5f)
* | Remove unused variableAndrew Bartlett2008-07-281-1/+0
| | | | | | | | (This used to be commit 31a303c099e26423160010c48b305434d4cbea25)
* | Remove unused function and make sensitive directories private.Andrew Bartlett2008-07-281-22/+2
| | | | | | | | (This used to be commit e23333d16397606d38e90684d2d916b5b967cde4)
* | Fix warnings in new prefixMap codeAndrew Bartlett2008-07-281-2/+3
|/ | | | (This used to be commit b8770a4fd8408473593fa4c6600bce056183958d)
* Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpageJelmer Vernooij2008-07-2736-336/+1314
|\ | | | | | | (This used to be commit 7e90cc197c4fb2884f368cd72f391d0d8016fb96)
| * gensec_gssapi: add support for signing RPC messagesStefan Metzmacher2008-07-261-35/+12
| | | | | | | | | | metze (This used to be commit dc2847c0acb0adaede4db72a7517046b93221162)
| * lib/ldb/tools: allow -W and --realm when build from samba4Stefan Metzmacher2008-07-261-0/+1
| | | | | | | | | | metze (This used to be commit 0aa6d63ec571b0ca05fbfe14d2b4e9ba3e1082e9)
| * auth/credentials: use the same enctypes when getting a TGT and a TGSStefan Metzmacher2008-07-261-0/+23
| | | | | | | | | | metze (This used to be commit 9fc5750156467f579ea8d7755987d091f5b579c2)
| * dsdb: add a comment about the parameter to DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OIDStefan Metzmacher2008-07-261-0/+4
| | | | | | | | | | metze (This used to be commit 2f06fbe06be2e1b77ea013ddba853ce819e58e88)
| * dsdb/schema: make more clear where we create the value for the new prefix ↵Stefan Metzmacher2008-07-261-0/+6
| | | | | | | | | | | | | | mapping metze (This used to be commit c92eb8b776c17f12622837daeb1786862f380269)
| * dsdb/schema: dsdb_write_prefixes_to_ldb() should do the reverse of ↵Stefan Metzmacher2008-07-261-52/+44
| | | | | | | | | | | | | | dsdb_read_prefixes_to_ldb() metze (This used to be commit 34ea9d4a0b1270a27412bf939d7e897a5d68d0a6)
| * dcerpc.idl: add DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN flagStefan Metzmacher2008-07-261-0/+1
| | | | | | | | | | metze (This used to be commit 131a1cfdc9a1228d9263c77bcd31b05d2946fd50)
| * mamachinepw: add better error handlingStefan Metzmacher2008-07-261-4/+20
| | | | | | | | | | metze (This used to be commit 7ac424137f62ceacf44e477f4e3805267013005b)
| * Add "mymachinepw" to fetch our machine password out of secrets.ldbVolker Lendecke2008-07-261-0/+45
| | | | | | | | (This used to be commit 4fbe16deb0e06e145f643568a699b80b431d4f42)
| * smbtorture: add --extra-user optionStefan Metzmacher2008-07-261-1/+13
| | | | | | | | | | | | | | | | This can we used to pass additional credentials to torture tests (it can be used multiple times. metze (This used to be commit 4d80dbfac27659046e0986a2af3d06999e2cb2f2)
| * Define HAVE_ASM_BYTEORDER at all timesBrad Hards2008-07-251-2/+4
| | | | | | | | (This used to be commit 396ea14732d667960091f4a2570341059914ecb6)
| * Make a new define to ensure the accoc_group_id we use is always in common.Andrew Bartlett2008-07-251-2/+4
| | | | | | | | (This used to be commit b62490e3e21b606b66e0737a403b0d170b64cddd)
| * Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett2008-07-2524-290/+1140
| |\ | | | | | | | | | (This used to be commit b12dd8ee5443ebfc204d1684f541d68ffb351197)
| | * hdb-ldb: fix the callers after drsblobs.idl changesStefan Metzmacher2008-07-241-45/+30
| | | | | | | | | | | | | | | metze (This used to be commit 1223cd17c79d130b46b0e0ccb0f6011c92441173)
| | * password_hash: fix the callers after drsblobs.idl changesStefan Metzmacher2008-07-241-33/+41
| | | | | | | | | | | | | | | metze (This used to be commit fac7c79afae05a88ecc2a63c8eb9f2fd53ab7ce6)
| | * drsblobs.idl: unify the Primary:Kerberos and Primary:Kerberos-Newer-Keys structsStefan Metzmacher2008-07-241-29/+18
| | | | | | | | | | | | | | | metze (This used to be commit 4b79a7678571ac2f7d5f827913fdcb419f5d2e20)
| | * drsblobs.idl: give some unknowns a meaningStefan Metzmacher2008-07-241-9/+11
| | | | | | | | | | | | | | | metze (This used to be commit 231e6f5ab2dc8a3e991a9872be252cffff6f14c6)
| | * Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-testAndrew Tridgell2008-07-2438-387/+1326
| | |\ | | | | | | | | | | | | (This used to be commit 24309dbf4d9622fcfafa29ef98bc0459fdaa814b)
| | | * dsdb_create_prefix_mapping() implementation checks for existing prefix ↵Anatoliy Atanasov2008-07-241-36/+257
| | | | | | | | | | | | | | | | | | | | | | | | | | | | maping in ldb. if one not found it creates a mapping for it and updates the prefixMap schema attribute in ldb. (This used to be commit bbe895db7144b192981fad9ab6bbd3ebacb8d299)
| | | * Handle schema reloading request.Anatoliy Atanasov2008-07-244-4/+158
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ldif for that operation looks like this: dn: changetype: Modify add: schemaUpdateNow schemaUpdateNow: 1 It uses the rootdse's object functional attribute schemaUpdateNow. In rootdse_modify() this command is being recognized and it is send as extended operation with DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID. In the partition module its dispatched to the schema_fsmo module. The request is processed in the schema_fsmo module by schema_fsmo_extended(). (This used to be commit 39f9184ddf215f2b512319211c0a05702218ef87)
| | | * libnet_become_dc: send msDS_Behavior_Version == 3 (win2k8) in DsAddEntryMichael Adam2008-07-232-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | instead of version 2 (win2k3). This makes the NET-API-BECOME-DC test work against windows 2003 and 2008. Michael (This used to be commit a7bfa1fb1bc6fb8e412990b7ff4c3ce9bc55099d)
| | | * libnet_become_cd: add boolean option "become_dc:force krb5" to control krb5 ↵Michael Adam2008-07-231-10/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | auth. This allows controlling whether krb5 auth is forced for the rpc bind in libnet_become_dc. It defaults to "yes". For Windows 2000, DsGetNCChanges only krb5 auth works due to a bug in Windows (it returns garbage - a positive object count is returned along with first object == NULL). For Windows 2008, on the other hand, krb5 auth does not work currently due to the lack of support for AES keys. (Metze is working on that.) Michael (This used to be commit af85aad8147b85a0b9ea2ccc66b8f04efdfe5cf3)
| | | * drsuapi: always set the pid field of the outgoing DsBindInfo to 0.Michael Adam2008-07-233-8/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is for debugging and informational purposes only. The assignment is implementation specific. (WSPP docs, sec. 5.35). Michael (This used to be commit 1f5704e2dee5900e8d1d87699b76f67c0e12854e)
| | | * libnet_unbecome_dc: teach unbecomeDC_drsuapi_bind_recv() DsBindInfo48.Michael Adam2008-07-231-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | ..to work agains w2k8. Michael (This used to be commit 97e8d5813df19cae294b6de2a880606f0f8c2c59)
| | | * libnet_become_cd: teach becomeDC_drsuapi_bind_recv() DsBindInfo48.Michael Adam2008-07-231-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | To work with w2k8. Michael (This used to be commit 7d80fab912576923c7474d77b8ed960b01296914)
| | | * dsdb: teach dreplsrv_out_drsuapi_bind_recv() knowledge of DsBindInfo48.Michael Adam2008-07-231-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | To make it work against w2k8. Michael (This used to be commit a8aea9274170a2b472c45c97a4904bd299d2a92e)
| | | * password_hash: add generation of the Primary:Kerberos-Newer-Keys blobStefan Metzmacher2008-07-231-3/+216
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | But it's still of by default until we now what triggers this generation. It could be that the value is always generated but the KDC only uses it when in a specific funtional level, but it could also be that it's only generated in a specific functional level. metze (This used to be commit 08618bbd508ede0bb9e1922fae562cffdca41cbd)
| | | * hdb-ldb: try to find Primary:Kerberos-Newer-Keys and fallback to ↵Stefan Metzmacher2008-07-231-16/+114
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Primary:Kerberos Now provide AES tickets if we find the keys in the supplementalCredentials attribute metze (This used to be commit 8300259f103f8cfe014988fad0f7ee0d49bb1ac2)
| | | * drsblobs.idl: add idl for Primary:Kerberos-Newer-Keys blob in ↵Stefan Metzmacher2008-07-231-0/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | supplementalCredentials metze (This used to be commit 97b7901afbccc9647ad2958d4cf12300de2655d1)
| | | * password_hash: order the supplementalCredentials Packages in the same order ↵Stefan Metzmacher2008-07-231-13/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | like windows metze (This used to be commit ca9cd81a1798fb15195566422b3cad7c282fce89)
| | | * password_hash: split the generation of krb5 keys into a different functionStefan Metzmacher2008-07-231-92/+69
| | | | | | | | | | | | | | | | | | | | metze (This used to be commit 4ad73a0bf8952783d3d9a7339c0c4fd8ca28981a)
| | | * password_hash: simplify the logic if we have cleartext we always generate ↵Stefan Metzmacher2008-07-231-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | the hashes metze (This used to be commit 5edff84429ef0d03b47a438e18861d26c97e17b6)
| | | * password_hash: fix callers after idl change for package_PrimaryKerberosStefan Metzmacher2008-07-231-7/+0
| | | | | | | | | | | | | | | | | | | | metze (This used to be commit 1bf552856f3a930c4716ceb73d9ba9adf7502d3d)
| | | * drsblobs.idl: fix unknowns in package_PrimaryKerberos idlStefan Metzmacher2008-07-231-6/+8
| | | | | | | | | | | | | | | | | | | | metze (This used to be commit da9ceb2bf17f964334d9317829d40483e2c04b10)
generated by cgit (git 2.34.1) at 2025-09-25 21:09:58 +0000