summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* r12056: Some clarification fixes for the keytab code, and use the rightAndrew Bartlett2005-12-041-14/+15
| | | | | | function for enctype to string. Andrew Bartlett
* r12037: Fix malloc corruption caused by double-free(), where realloc(ptr, 0)Andrew Bartlett2005-12-031-3/+9
| | | | | | | | is equivilant to free(). This is the issue tridge was seeing in the MEMORY: keytab code. Andrew Bartlett
* r12036: Fix more KDC memory leaks (and there are probably still more...).Andrew Bartlett2005-12-031-0/+4
| | | | Andrew Bartlett
* r12035: Fix memory leaks in the KDC.Andrew Bartlett2005-12-021-0/+3
| | | | Andrew Bartlett
* r12024: do some extra sleeping to give the server the chance to handle our replyStefan Metzmacher2005-12-021-0/+2
| | | | metze
* r12023: use the NBTD IRPC proxy calls for implementing the challenge and ↵Stefan Metzmacher2005-12-021-4/+115
| | | | | | | | release demand conflict cases metze
* r12022: add NBTD IRPC proxy calls for wins challenge and wins release demand,Stefan Metzmacher2005-12-024-1/+403
| | | | | | used for replication conflicts metze
* r12021: remove shortpath for winsdb_lookup, this isn't neededStefan Metzmacher2005-12-022-7/+6
| | | | metze
* r12020: fix memory hierachieStefan Metzmacher2005-12-021-1/+1
| | | | metze
* r12019: - let us only reference libblkid stuff in one fileStefan Metzmacher2005-12-023-54/+58
| | | | | | | - and make it it bit simpler, by caching the GUID struct instead of the device name - and this also removes all compiler warnings... metze
* r12016: fixed a valgrind errorAndrew Tridgell2005-12-021-1/+1
|
* r12014: free the irpc_request structure with the irpc_call_recv functions,Stefan Metzmacher2005-12-025-9/+8
| | | | | | to match all other _recv functions we have metze
* r12013: fix compiler warningsStefan Metzmacher2005-12-022-6/+6
| | | | metze
* r12012: fix renaming smbsrv_trees -> smbsrv_tconsStefan Metzmacher2005-12-021-6/+6
| | | | metze
* r12011: fixed another 'mixed code and declarations' bugAndrew Tridgell2005-12-021-1/+2
|
* r12010: - added support for domain specific SID codes in SDDL stringsAndrew Tridgell2005-12-023-22/+101
| | | | | | - added a bunch more tests to LOCAL-SDDL (all the ones from our schema) - fixed 'mixed coded declarations' bug
* r12009: made the LOCAL-SDDL test less verbose by default, and add it to theAndrew Tridgell2005-12-022-2/+4
| | | | standard tests for the build farm
* r12008: added a simple LOCAL-SDDL test suite. Only one example so far. Will beAndrew Tridgell2005-12-024-21/+85
| | | | filled in with more examples as I expand the sddl parsing code.
* r12007: fixed a valgrind error in the SMB2-SETINFO testAndrew Tridgell2005-12-021-0/+2
|
* r12006: don't require callers to fill in pad bytes in SMB2 callsAndrew Tridgell2005-12-024-4/+4
|
* r12005: added a SDDL (Security Descriptor Description Language) parser. NotAndrew Tridgell2005-12-022-0/+316
| | | | | | | | | all flags are covered yet, and object aces aren't done yet. This is needed for ACL support in ldb, as the default security descriptor for each object class is given by the defaultSecurityDescriptor attribute in the schema, which is stored in SDDL format
* r12004: added some SEC_ADS_* security flags. Needed for a SDDL parser.Andrew Tridgell2005-12-021-0/+11
|
* r12001: Replace smbcli_full_connection call with composite connect usedRafal Szczesniak2005-12-011-8/+25
| | | | | | | | in sync version. This step makes it easer to move further to async dcerpc connect routine. rafal
* r12000: Update to current lorikeet-heimdal, including in particular supportAndrew Bartlett2005-12-0112-26/+504
| | | | | | | for referencing an existing in-MEMORY keytab (required for the new way we push that to GSSAPI). Andrew Bartlett
* r11997: for multidimentional array like this:Stefan Metzmacher2005-12-011-2/+3
| | | | | | | | | | | | | | | | uint32 [num_level2][num_level1][num_level0] fix the order they're pushed and pulled, it should be like this for (l2=0; l2 < num_level2; l2++) { for (l1=0; l1 < num_level1; l1++) { for (l0=0; l0 < num_level0; l0++) { ndr_pull_uint32(...); } } } metze
* r11996: don't overwrite the buffercodeStefan Metzmacher2005-12-011-1/+1
| | | | metze
* r11995: A big kerberos-related update.Andrew Bartlett2005-12-0127-295/+633
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This merges Samba4 up to current lorikeet-heimdal, which includes a replacement for some Samba-specific hacks. In particular, the credentials system now supplies GSS client and server credentials. These are imported into GSS with gss_krb5_import_creds(). Unfortunetly this can't take an MEMORY keytab, so we now create a FILE based keytab as provision and join time. Because the keytab is now created in advance, we don't spend .4s at negprot doing sha1 s2k calls. Also, because the keytab is read in real time, any change in the server key will be correctly picked up by the the krb5 code. To mark entries in the secrets which should be exported to a keytab, there is a new kerberosSecret objectClass. The new routine cli_credentials_update_all_keytabs() searches for these, and updates the keytabs. This is called in the provision.js via the ejs wrapper credentials_update_all_keytabs(). We can now (in theory) use a system-provided /etc/krb5.keytab, if krb5Keytab: FILE:/etc/krb5.keytab is added to the secrets.ldb record. By default the attribute privateKeytab: secrets.keytab is set, pointing to allow the whole private directory to be moved without breaking the internal links.
* r11994: This function no longer needs a special declaration.Andrew Bartlett2005-12-011-4/+0
| | | | Andrew Bartlett
* r11993: As well as making an in-MEMORY keytab, allow a file-based keytab to ↵Andrew Bartlett2005-12-011-98/+321
| | | | | | | | | | | be updated. This allows a new password to be written in, and old entries removed (we keep kvno and kvno-1). Clean up the code a lot, and add comments on what it is doing... Andrew Bartlett
* r11992: Potentially allow SPNEGO to be disabled (as occours on WinXPAndrew Bartlett2005-12-011-13/+22
| | | | | | | | standalone), and use only NTLMSSP. (But doing so would break Samba3's client). Andrew Bartlett
* r11991: Null termainte the list of backends. (Makes it easier to walk the ↵Andrew Bartlett2005-12-011-2/+2
| | | | | | list). Andrew Bartlett
* r11990: Set the password set time as 'now', so it isn't expired back in 2004.Andrew Bartlett2005-12-011-2/+1
| | | | Andrew Bartlett
* r11989: Rather than grabbing the machine account details at this point, grabAndrew Bartlett2005-12-011-10/+1
| | | | | | | them 'later'. We will need to handle the errors when we call the get_* methods. Andrew Bartlett
* r11988: Setup the sessionInfo just before the connect, rather than earlierAndrew Bartlett2005-12-011-4/+6
| | | | | | when we havn't finished popt. Andrew Bartlett
* r11987: Clarify the accountExpires behaviour in the KDC.Andrew Bartlett2005-12-011-4/+5
| | | | Andrew Bartlett
* r11984: LGPL on header and testsuite as wellAndrew Tridgell2005-12-012-22/+30
|
* r11983: make talloc LGPL. This makes more sense given that ldb depends onAndrew Tridgell2005-12-011-11/+15
| | | | talloc, and ldb is now LGPL
* r11982: ensure the fde event gets freed before the socket itself, as otherwiseAndrew Tridgell2005-12-012-5/+5
| | | | | we get a error from epoll about disabling events for a file descriptor that is closed
* r11981: we should allocate request specific memory in ldb modules off theAndrew Tridgell2005-12-011-1/+1
| | | | request strucutre. It will take a while for this to happen everywhere.
* r11980: ronnie worked out that opcode 0xb in SMB2 is in fact ioctl, and thatAndrew Tridgell2005-12-017-27/+30
| | | | | | | | it only appeared to be like a SMBtrans request as it was being called with function 0x11c017 which is "named pipe read write" I wonder if this means we could do DCE/RPC over SMB using ntioctl calls as well?
* r11974: only look at $pl->{POINTER_TYPE} when $pl is definedStefan Metzmacher2005-11-301-7/+6
| | | | metze
* r11973: make it easier to find bugsStefan Metzmacher2005-11-302-2/+7
| | | | metze
* r11972: handle [noejs] property also on functionsStefan Metzmacher2005-11-301-1/+2
| | | | metze
* r11971: add nbt specific continue wrapperStefan Metzmacher2005-11-301-0/+11
| | | | metze
* r11970: fixed a valgrind error. The auth info from the alter_context reply wasAndrew Tridgell2005-11-301-1/+1
| | | | being freed before being given to gensec_update()
* r11969: got rid of the very annoying 'failed to open /secrets.tdb'Andrew Tridgell2005-11-301-1/+5
| | | | | | | | | | messages. As discussed with Andrew, this will soon be replaced with a system that marks the credentials to use the machine accout from the database rather than pre-loading the machine account details here. The reason we got the annoying messages is this was being called before smb.conf is loaded, so the code doesn't yet know the location of the private directory
* r11968: More warning fixes. We're on track to getting to double digits forTim Potter2005-11-307-14/+14
| | | | the number of warnings generated now.
* r11967: Fix more 64-bit warnings.Tim Potter2005-11-3018-57/+65
|
* r11965: Try to fix some 64-bit warnings.Tim Potter2005-11-301-1/+1
|
* r11959: Use DOS_errors array for displaying WERROR valuesJelmer Vernooij2005-11-291-1/+1
|
generated by cgit (git 2.34.1) at 2025-09-29 17:48:58 +0000