summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* r11567: Ldb API change patch.Simo Sorce2005-11-0839-807/+1212
| | | | | | | | | | | | | | | This patch changes the way lsb_search is called and the meaning of the returned integer. The last argument of ldb_search is changed from struct ldb_message to struct ldb_result which contains a pointer to a struct ldb_message list and a count of the number of messages. The return is not the count of messages anymore but instead it is an ldb error value. I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good amount of places. I also tried to double check all my changes being sure that the calling functions would still behave as before. But this patch is big enough that I fear some bug may have been introduced anyway even if it passes the test suite. So if you are currently working on any file being touched please give it a deep look and blame me for any error. Simo.
* r11555: - change socket_wrapper to support multiple IP'sStefan Metzmacher2005-11-073-61/+277
| | | | | | | | | | | | | - SOCKET_WRAPPER_DEFAULT_IFACE=X specifies the default interface for 127.0.0.X - we now use multiple interfaces for smbtorture in make test 127.0.0.26-127.0.0.31 - and 127.0.0.1 only for smbd the are more work needed for better support for broacast messages... but this is enough for the winsrepl tests metze
* r11554: make us able to run without depending on 127.0.0.1Stefan Metzmacher2005-11-071-6/+8
| | | | metze
* r11553: give an error when the lookup failedStefan Metzmacher2005-11-071-7/+19
| | | | metze
* r11552: fix indentStefan Metzmacher2005-11-071-3/+3
| | | | metze
* r11547: - don't do pull replication when pullIntervall is 0Stefan Metzmacher2005-11-073-9/+14
| | | | | | - don't do push replication when pushChangeCount is 0 metze
* r11546: add more errno ntstatus mappings, to get more usefull errors from ↵Stefan Metzmacher2005-11-071-0/+15
| | | | | | socket_wrapper metze
* r11545: Remove old #define.Andrew Bartlett2005-11-071-8/+0
| | | | Andrew Bartlett
* r11544: Allow delegation in a Samba4 realm.Andrew Bartlett2005-11-071-0/+1
| | | | Andrew Bartlett
* r11543: A major upgrade to our KDC and PAC handling.Andrew Bartlett2005-11-0714-238/+545
| | | | | | | | | | | | | | | | We now put the PAC in the AS-REP, so that the client has it in the TGT. We then validate it (and re-sign it) on a TGS-REQ, ie when the client wants a ticket. This should also allow us to interop with windows KDCs. If we get an invalid PAC at the TGS stage, we just drop it. I'm slowly trying to move the application logic out of hdb-ldb.c, and back in with the rest of Samba's auth system, for consistancy. This continues that trend. Andrew Bartlett
* r11542: Add the netbios name type. We will need it when we start to handleAndrew Bartlett2005-11-071-0/+1
| | | | | | allowedWorkstations on Krb5. Andrew Bartlett
* r11541: More logical (I think...) delegation semantics.Andrew Bartlett2005-11-071-10/+14
| | | | Andrew Bartlett
* r11540: Some notes to myself on RFC complience.Andrew Bartlett2005-11-071-0/+7
| | | | Andrew Bartlett
* r11539: Fix indentation in templates. Always generate lower-case Jelmer Vernooij2005-11-065-8/+10
| | | | | UUID strings as GUID_from_string seems to have trouble with uppercased ones.
* r11538: More notes on things we need.Andrew Bartlett2005-11-061-0/+3
| | | | Andrew Bartlett
* r11537: Make the authsam_account_ok routine callable by external users (the ↵Andrew Bartlett2005-11-061-19/+21
| | | | | | KDC). Andrew Bartlett
* r11536: Add a hook for client-principal access control to hdb-ldb, re-usingAndrew Bartlett2005-11-067-44/+231
| | | | | | | | | the code in auth/auth_sam.c for consistancy. This will also allow us to have one place for a backend directory hook. I will use a very similar hook to add the PAC. Andrew Bartlett
* r11535: Support void functions when generating templates.Jelmer Vernooij2005-11-061-2/+10
|
* r11534: Consider ntvfs as a libraryJelmer Vernooij2005-11-061-1/+5
|
* r11533: Be a bit less intrusiveVolker Lendecke2005-11-061-1/+2
|
* r11532: Enable kerberos session setup for winbind smb connectionsVolker Lendecke2005-11-061-0/+9
|
* r11529: Disable DNS lookups for forwarded credentials, unless really, reallyAndrew Bartlett2005-11-061-34/+41
| | | | | | | | | | wanted. There is nothing that suggests that the host we forward credentials to will not have other interfaces, unassoicated with their service name. Likewise, the name may be a netbios, not DNS name. This should avoid some nasty DNS lookups. Andrew Bartlett
* r11528: Separate finding dcs from initializing a domain. Makes it easier to ↵Volker Lendecke2005-11-0512-355/+571
| | | | | | | | | | | | | | possibly support cldap and other stuff in the future. This temporarily disables wbinfo -t, but that will come back soon. Try an ldap bind using gss-spnego. This got me krb5 binds against "our" w2k3 and a trusted w2k, although with some memleaks from krb5 and a BAD_OPTION tgs-rep error. Volker
* r11527: Has this ever been run?Volker Lendecke2005-11-051-0/+1
|
* r11526: And another warning...Volker Lendecke2005-11-051-1/+1
|
* r11525: Move lookups (including the attribute search) for users fromAndrew Bartlett2005-11-052-112/+127
| | | | | | | | | kdc/hdb-ldb.c to share the routines used for auth/ This will require keeping the attribute list in sync, but I think it is worth it for the next steps (sharing the server_info generation). Andrew Bartlett
* r11524: More work on our hdb backend in the KDC.Andrew Bartlett2005-11-051-116/+78
| | | | | | | | | | | The aim here is to restructure the queries to match the queries we do in auth, then to share the code that does the actual query (at least for user logins). Then we can generate the PAC from that shared query, rather than a seperate query. Andrew Bartlett
* r11523: Working towards having Samba3 join Samba4, this allows the SASLAndrew Bartlett2005-11-051-3/+7
| | | | | | | credentials to be NULL, where the client is requesting a CIFS style server-first negTokenInit. Andrew Bartlett
* r11522: Add support for delegated credentials and machine account credentialsAndrew Bartlett2005-11-052-2/+28
| | | | | | to ldb, based on the sessionInfo we now pass around. Andrew Bartlett
* r11521: Add in client support for checking supportedSASLmechanisms, and thenAndrew Bartlett2005-11-054-7/+129
| | | | | | | | | | | | | | | | | | determining a mechanism to use. Currently it doesn't to fallbacks like SPNEGO does, but this could be added (to GENSEC, not to here). This also adds a new function to GENSEC, which returns a list of SASL names in our preference order (currently determined by the build system of all things...). Also make the similar function used for OIDs in SPNEGO do the same. This is all a very long-winded way of moving from a hard-coded NTLM to GSS-SPNEGO in our SASL client... Andrew Bartlett
* r11520: indentAndrew Bartlett2005-11-051-1/+1
|
* r11519: And an uninitialized variable...Volker Lendecke2005-11-051-1/+1
|
* r11518: Fix a warningVolker Lendecke2005-11-051-1/+1
|
* r11517: Cleanup time, this looks larger than it is. This mainly gets rid ofVolker Lendecke2005-11-0516-703/+489
| | | | | | wb_domain_request, now that we have queued rpc requests. Volker
* r11516: Fix a valgrind bug I introduce with queued requestsVolker Lendecke2005-11-051-3/+6
|
* r11515: Add some talloc_get_typeVolker Lendecke2005-11-051-2/+2
|
* r11514: Fixup debug messageAndrew Bartlett2005-11-051-1/+1
|
* r11513: Add the ability to use the local machine account instead of a staticAndrew Bartlett2005-11-052-15/+71
| | | | | | | | | password or delegation. Add the ability to delegate for RPC pipes on the RPC proxy backend (the backend itself seems be having problems however). Andrew Bartlett
* r11512: fix typoAndrew Bartlett2005-11-051-1/+1
|
* r11503: be quite...Stefan Metzmacher2005-11-041-1/+1
| | | | metze
* r11502: make sure we always use the 7 chars for the unix socket name.Stefan Metzmacher2005-11-041-1/+1
| | | | | | | | | | | this is to test if that works on irix 6.4 where we can only use 16 chars for the sun_path of the unix sockets. the plan is to make multiple interfaces possible with socket wrapper, and the format will change to ("%c%02X%04X", type, iface, port), which is also 7 char to the file name metze
* r11501: change provision code to use the new display specifiersAndrew Tridgell2005-11-041-0/+2
|
* r11500: fixed a bug in the variable substition code using the new limit ↵Andrew Tridgell2005-11-041-1/+1
| | | | argument to split()
* r11499: added a minimal set of display specifiers for mmc to use to displayAndrew Tridgell2005-11-041-0/+108
| | | | the core elements of a Samba4 domain
* r11498: added an optional extra argument to split to limit the number ofAndrew Tridgell2005-11-041-8/+19
| | | | | pieces a string is split into. This allows for a fix in the variable substitution used in provisioning
* r11497: Don't name parameters 'floor'. Rename fl and floor to epm_floor forAndrew Bartlett2005-11-041-58/+58
| | | | | | consistancy. Andrew Bartlett
* r11496: add a minimal ads-compatible schema into our sam.ldb setup. This isAndrew Tridgell2005-11-043-2/+8509
| | | | needed for mmc management of Samba4.
* r11489: add the one replication cycle test to NBT-WINSREPLICATION-QUICKStefan Metzmacher2005-11-033-1/+23
| | | | metze
* r11488: handle the stupid name release demand a windows there send...Stefan Metzmacher2005-11-031-5/+22
| | | | metze
* r11487: thanks to make test I noticed a dead lock bug, in the last change,Stefan Metzmacher2005-11-031-19/+39
| | | | | | | | this only happens with socket_wrapper as socket_connect() returns NT_STATUS_OK instead of NT_STATUS_MORE_PROCESSING_REQUIRED, and we missed to replace the fde event handler... metze
generated by cgit (git 2.34.1) at 2025-10-01 21:15:17 +0000