summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
...
* auth/kerberos: Remove unused TALLOC_CTX argument to check_pac_checksumAndrew Bartlett2012-01-121-1/+1
|
* s4-kdc Do the KDC PAC checksum validation in the Samba pluginAndrew Bartlett2012-01-126-44/+152
| | | | | | | Here we can fetch the right key, and check if the PAC is likely to be signed by a key that we know. We cannot check the KDC signature on incoming trusts. Andrew Bartlett
* s4-kdc: use IDL constant NETLOGON_GENERIC_KRB5_PAC_VALIDATEAndrew Bartlett2012-01-121-1/+1
|
* samba-tool:dns: DNS names are case insensitiveAmitay Isaacs2012-01-121-3/+3
| | | | | Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Thu Jan 12 06:43:01 CET 2012 on sn-devel-104
* s4-rpc:dnsserver: DNS names are case insensitiveAmitay Isaacs2012-01-123-17/+17
|
* s4:auth: Make sure to check the optional auth_context hooks before using themAndrew Bartlett2012-01-111-18/+26
| | | | | | | | | | | | These are optional to supply - some callers only provide an auth_context for the other plugin functions, and so we need to deal with this cleanly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 11 10:49:13 CET 2012 on sn-devel-104
* gensec: Rename want_flags and got_flags in gensec_gssapiAndrew Bartlett2012-01-111-26/+26
| | | | | | | | This make it clearer what type of flags these are. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* gensec: make gensec_gssapi.h commonAndrew Bartlett2012-01-111-67/+0
| | | | | | | | | This will make it easier to share elements of the GSSAPI gensec mechs, in much the same way elements of the NTLMSSP mech are shared. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* gensec: move gensec_util.c to the top levelAndrew Bartlett2012-01-113-104/+1
| | | | | | | | To do this some defines need to move to common_auth.h Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* auth: make auth4_context common to provide access to generate_session_info_pac()Andrew Bartlett2012-01-111-52/+0
| | | | | | | | | | By providing this context, a function pointer for generate_session_info_pac() can be inserted into gensec, allowing the s3 PAC processing in an otherwise more generic gensec module. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* krb5: Require krb5_set_real_time is available to build with krb5Andrew Bartlett2012-01-101-4/+0
|
* krb5: Require krb5_get_renewed_creds be available to build with krb5Andrew Bartlett2012-01-101-1/+0
|
* krb5: Remove now unused checks for krb5_verify_checksumAndrew Bartlett2012-01-101-2/+0
|
* krb5: Require krb5_c_enctype_compare is available to build with krb5Andrew Bartlett2012-01-101-1/+0
|
* s4:provision: add "+dns" to server services if the dns backend is SAMBA_INTERNALMichael Adam2012-01-101-2/+7
| | | | | | | Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Tue Jan 10 21:17:45 CET 2012 on sn-devel-104
* s4:provision: add a server services line to the smb.conf template for the dcMichael Adam2012-01-101-0/+2
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s4:provision: add the possibility to provision "server services" in smb.confMichael Adam2012-01-101-2/+9
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s4:provision: improve a messageMichael Adam2012-01-101-1/+1
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* samba: check for AES encryption type defines.Günther Deschner2012-01-101-0/+2
| | | | | | | Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Jan 10 15:05:38 CET 2012 on sn-devel-104
* s4:python tests __init__.py - do not depend on "subprocess.check_call()"Matthias Dieter Wallnöfer2012-01-101-1/+4
| | | | | | | | | Method not present in Python 2.4 Reviewed-by: Jelmer Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Jan 10 00:41:59 CET 2012 on sn-devel-104
* s4:python tests __init__.py - do not depend on "subprocess.CalledProcessError"Matthias Dieter Wallnöfer2012-01-091-6/+11
| | | | | | The class is not present in Python 2.4 Reviewed-by: Jelmer
* s4:scripting/devel: add repl_cleartext_pwd.py scriptStefan Metzmacher2012-01-091-0/+377
| | | | | | | | | | | | | | | | | | | | | | | | | | | This is useful to sync passwords from an AD domain. $ $ source4/scripting/devel/repl_cleartext_pwd.py \ -Uadministrator%A1b2C3d4 \ 172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName # starting at usn[0] dn: CN=Test User1,CN=Users,DC=bla,DC=base cleartext_utf8: A1b2C3d4 displayName:: VABlAHMAdAAgAFUAcwBlAHIAMQA= # up to usn[16449] $ $ source4/scripting/devel/repl_cleartext_pwd.py \ -Uadministrator%A1b2C3d4 172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName # starting at usn[16449] # up to usn[16449] $ metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 9 19:06:06 CET 2012 on sn-devel-104
* s4-kerberos: remove some unused prototypes.Günther Deschner2012-01-091-22/+0
| | | | | | | | | These are defined in the krb5 abstraction headers elsewhere. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Jan 9 14:32:08 CET 2012 on sn-devel-104
* s4:python/samba/ndr.py: add an optional 'allow_remaining' to ndr_unpack()Stefan Metzmacher2012-01-091-2/+3
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 9 10:28:30 CET 2012 on sn-devel-104
* ntlmssp: merge initial packet implementationsAndrew Bartlett2012-01-061-6/+25
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* samba-tool:dns: Check through all the DNS records for a matchAmitay Isaacs2012-01-061-16/+16
| | | | | | | There can be multiple dns records for a specified record type. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Fri Jan 6 02:41:22 CET 2012 on sn-devel-104
* s4-rpc:dnsserver: Do not replace @ with zone_name in update operationAmitay Isaacs2012-01-061-1/+6
| | | | This fixes the problem when updating DNS record for '@' or domain name.
* s3-librpc Use gsskrb5_get_subkey() where available to get the session keyAndrew Bartlett2012-01-051-0/+1
| | | | | | | | This allows gse_get_session_key() to work against Heimdal. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:repl_meta_data LDB module - set "isRecycled" time correctlyMatthias Dieter Wallnöfer2012-01-051-9/+8
| | | | | | | | | | "unix_to_nt_time()" which is based on "time_t" behaves differently for literals > 32 bit on 32 and 64 bit platforms. Reviewed-by: ekacnet Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Thu Jan 5 11:59:20 CET 2012 on sn-devel-104
* s4:pyrpc: add 'user_session_key' getter to the connection objectStefan Metzmacher2012-01-042-1/+45
| | | | | | | | | This gets the session key from gensec for usage in DRSUAPI. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 4 22:31:52 CET 2012 on sn-devel-104
* s4:pygensec/tests: check that the client and server have the same session keyStefan Metzmacher2012-01-041-1/+4
| | | | metze
* s4:pygensec: add session_key() methodStefan Metzmacher2012-01-041-0/+29
| | | | metze
* LDAP-CLDAP: demonstrate that pdc name is not an unc pathStefan Metzmacher2012-01-041-0/+9
| | | | | | | | | | | | | For LOGON_SAM_LOGON_RESPONSE_EX and LOGON_SAM_LOGON_USER_UNKNOWN_EX, pdc name is not in unc path form. [MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form, while NetbiosComputerName is not in unc form. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 4 20:06:14 CET 2012 on sn-devel-104
* s4:torture/nbt/dgram.c - NBT samlogon requests don't return the PDC name as ↵Matthias Dieter Wallnöfer2012-01-041-0/+5
| | | | | | UNC path Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:cldap_server/netlogon.c: it is wrong to specify "\\" in front of the hostnameStefan Metzmacher2012-01-041-2/+6
| | | | | | | | | | | | For LOGON_SAM_LOGON_RESPONSE_EX and LOGON_SAM_LOGON_USER_UNKNOWN_EX, pdc name is not in unc path form. [MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form, while NetbiosComputerName is not in unc form. Bases on a patch from Matthias Dieter Wallnöfer <mdw@samba.org>. metze
* LDAP-CLDAP: demonstrate that pdc name is an unc pathStefan Metzmacher2012-01-041-0/+6
| | | | | | | | | | | | | | For LOGON_SAM_LOGON_RESPONSE and LOGON_SAM_LOGON_USER_UNKNOWN, I assume all levels without _EX in the name, pdc name is in unc path form. [MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form, while NetbiosComputerName is not in unc form. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 4 13:37:42 CET 2012 on sn-devel-104
* s4:torture/nbt/dgram.c: NBT samlogon requests without _EX return the PDC ↵Stefan Metzmacher2012-01-041-0/+22
| | | | | | name as UNC path metze
* dlz_bind9: create session info from PAC using auth contextAmitay Isaacs2012-01-041-7/+59
| | | | | | | | This fixes the creation of session info from PAC, after changes in gensec code. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Wed Jan 4 01:59:09 CET 2012 on sn-devel-104
* upgradeprovision: do not hold references to messageElementsMatthieu Patou2012-01-031-10/+17
| | | | | Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Tue Jan 3 08:20:02 CET 2012 on sn-devel-104
* upgradeprovision: treat provision without oem attribute as quite recent, ↵Matthieu Patou2012-01-031-1/+1
| | | | it's provision that comes from Windows replication
* s4-provision: Fix the problem of DnsProperty values not being set correctlyAmitay Isaacs2012-01-031-0/+7
| | | | | | | | | | | | | DnsProperty can have empty 'data' member. To parse Dnsproperty with empty data, dnsp.idl has a hack as follows: [switch_is(wDataLength?id:DSPROPERTY_ZONE_EMPTY)] dnsPropertyData data; This implies, to set 'data' value, wDataLength has to be set to a non-zero value first. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue Jan 3 05:26:32 CET 2012 on sn-devel-104
* s4:torture/rpc/netlogon.c - enhance the "DsRGetDCName*" testsMatthias Dieter Wallnöfer2012-01-021-0/+96
| | | | | | | | | | To check for the expected behaviour (DS_* flags). Always according to MS-NRPC 2.2.1.2.1. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 2 20:43:05 CET 2012 on sn-devel-104
* s4-provision: Fix tdbdump path lookup in make test.Andreas Schneider2012-01-021-1/+1
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4: Happy New Year 2012Stefan Metzmacher2012-01-011-1/+1
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Jan 1 22:23:48 CET 2012 on sn-devel-104
* pyregistry: Remove directory support.Jelmer Vernooij2011-12-291-32/+0
| | | | | Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu Dec 29 19:59:57 CET 2011 on sn-devel-104
* Remove the 'dir' registry backend.Jelmer Vernooij2011-12-294-491/+1
| | | | This backend was incomplete, and we already have plenty of other backends.
* s4-toture: Rename memory contexts in rpc.pac for greater clarityAndrew Bartlett2011-12-291-13/+13
| | | | | | | | | | | This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Dec 29 14:14:06 CET 2011 on sn-devel-104
* s4-gensec: Rename memory contexts in gensec_util for greater clarityAndrew Bartlett2011-12-291-2/+2
| | | | | | | | This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
* s4-gensec: Rename memory contexts in gensec_krb5 for greater clarityAndrew Bartlett2011-12-291-16/+16
| | | | | | | | This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
* s4-gensec: Rename memory contexts in gensec_gssapi for greater clarityAndrew Bartlett2011-12-291-16/+16
| | | | | | | | This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
generated by cgit (git 2.34.1) at 2025-09-26 22:39:31 +0000