summaryrefslogtreecommitdiffstats
path: root/source/libads
Commit message (Collapse)AuthorAgeFilesLines
* [GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch.samba-misc-tags/initial-v3-2-testGerald (Jerry) Carter2007-10-102-30/+17
|
* r25422: Get rid of some cast warnings.Michael Adam2007-10-101-3/+3
|
* r25407: Revert Longhorn join patch as it is not correct for the 3.2 tree.Gerald Carter2007-10-102-24/+34
| | | | | | The translate_name() used by cli_session_setup_spnego() cann rely Winbindd since it is needed by the join process (and hence before Winbind can be run).
* r25400: Windows 2008 (Longhorn) Interop fixes for AD specific auth2 flags,Gerald Carter2007-10-102-34/+24
| | | | and client fixes. Patch from Todd Stetcher <todd.stetcher@isilon.com>.
* r25328: When using ldap sasl wrapping with gssapi it's important to receive ↵Günther Deschner2007-10-101-0/+5
| | | | | | | | warnings for clock-skew errors. Guenther
* r25165: Use talloc_asprintf_append_buffer with an unmodifiedJeremy Allison2007-10-101-2/+2
| | | | | string. Jeremy.
* r25133: Fix sasl wrapping (for ldap sign&seal).Günther Deschner2007-10-101-46/+5
| | | | | | | | | | | | | | | The gss_import_name() broke as we switched from the internal MIT OID "gss_nt_krb5_principal" to "GSS_KRB5_NT_PRINCIPAL_NAME" and didn't switch from passing the krb5_principal (or better: a pointer to that, see MIT's "*HORRIBLE* bug") to pass the string principal directly. Jerry, Jeremy, neither I could figure out the need of passing in a krb5_principal at all nor could I reproduce the crash you were seeing. I sucessfully tested the code (now importing a string) with MIT 1.2.7, 1.3.6, 1.4.3, 1.5.1, 1.6.1 and Heimdal 0.7.2, 1.0, 1.0.1. Guenther
* r25109: Remove obsolete argument from ads_guess_service_principal().Günther Deschner2007-10-102-4/+2
| | | | Guenther
* r25108: Make ifdef labyrinth in sasl code a bit more readable.Günther Deschner2007-10-101-2/+2
| | | | Guenther
* r25080: Once we decrypted the packet but have timing problems (closkew, tkt ↵Günther Deschner2007-10-101-1/+9
| | | | | | | | not yet or no longer valid) there is no point to bother the keytab routines. Guenther
* r25030: ip_srv_nonsite and count_nonsite are initialized in get_kdc_list() ↵Lars Müller2007-10-101-2/+2
| | | | | | in any case.
* r24836: Initialize some uninitialized variables.Michael Adam2007-10-101-3/+5
| | | | | | | This prevents a segfault when get_kdc_ip_string() is called with sitename == NULL. Michael
* r24833: Move locator to nsswitch (does not belong to libads anymore).Günther Deschner2007-10-101-395/+0
| | | | Guenther
* r24832: In the winbind-locator recursion case, try to pick up the kdc from theGünther Deschner2007-10-101-3/+22
| | | | | | environment. Guenther
* r24804: As a temporary workaround, also try to guess the server's principal ↵Günther Deschner2007-10-102-41/+70
| | | | | | | | | in the "not_defined_in_RFC4178@please_ignore" case to make at least LDAP SASL binds succeed with windows server 2008. Guenther
* r24769: Merge error handling for locator plugin.Günther Deschner2007-10-101-17/+5
| | | | Guenther
* r24752: Make sure to return properly when the locator is called from within ↵Günther Deschner2007-10-101-6/+9
| | | | | | winbindd. Guenther
* r24748: Remove all dependencies to samba internals and convert the krb5 ↵Günther Deschner2007-10-101-100/+96
| | | | | | | | | | locator plugin into a tiny winbindd DsGetDcName client. This still does not solve the case of using the locator from within winbindd itself but at least gencache.tdb and others are no longer corrupted. Guenther
* r24739: With resolve_ads() allow to query for PDCs as well.Günther Deschner2007-10-101-28/+109
| | | | | | Also add dns query functions to find GCs and DCs by GUID. Guenther
* r24654: Adapt to coding conventions.Günther Deschner2007-10-101-21/+25
| | | | Guenther
* r24432: Expand kerberos_return_pac() so that it can be used in winbindd.Günther Deschner2007-10-101-6/+72
| | | | Guenther
* r24424: Fix the build.Günther Deschner2007-10-101-5/+5
| | | | Guenther
* r24252: Dump guid of msExchMailboxGuid when returned.Günther Deschner2007-10-101-0/+1
| | | | Guenther
* r24251: Neverending fun:Günther Deschner2007-10-101-1/+1
| | | | | | | | Heimdal doesn't accept all OIDs and gss_import_name() fails with GSS_S_BAD_NAMETYPE using this one. Use the GSS_KRB5_NT_PRINCIPAL_NAME OID instead (which works with at least MIT 1.6.1 and Heimdal 1.0.1). Guenther
* r24166: Fix Coverity ID 391Volker Lendecke2007-10-101-1/+1
|
* r24158: SE_GROUP_RESOURCE in the other_sids list apparently means aGerald Carter2007-10-101-1/+1
| | | | | | domain local group. Fix a typo in the PAC debugging routine
* r24131: - make it more clear what the different min and max fields meanStefan Metzmacher2007-10-102-37/+48
| | | | | | | | | - with the "GSSAPI" sasl mech the plain, sign or seal negotiation is independed from the req_flags and ret_flags - verify the server supports the wrapping type we want - better handling on negotiated buffer sizes metze
* r24128: fix double free in error pathStefan Metzmacher2007-10-101-6/+7
| | | | metze
* r24104: fix the build, sorry...Stefan Metzmacher2007-10-101-3/+4
| | | | metze
* r24103: add some useful debug messages, as not all LDAPStefan Metzmacher2007-10-101-3/+19
| | | | | | libraries support wrapping hooks... metze
* r24098: - make use of the ads_service_principal abstractionStefan Metzmacher2007-10-101-61/+32
| | | | | | | | also for the "GSSAPI" sasl mech. - also use the ads_kinit_password() fallback logic from the "GSS-SPNEGO" sasl mech. metze
* r24095: add one more fallback alternative toStefan Metzmacher2007-10-101-0/+20
| | | | | | construct the principal metze
* r24093: move gssapi/krb5 principal handling into a functionStefan Metzmacher2007-10-101-88/+146
| | | | metze
* r24072: Add "client ldap sasl wrapping" parameter.Stefan Metzmacher2007-10-101-0/+8
| | | | | | Possible values are "plain" (default), "sign" or "seal". metze
* r24066: Fix memleak found by Volker. We don't leak keys now with MIT and ↵Günther Deschner2007-10-101-0/+1
| | | | | | Heimdal. Guenther
* r24065: According to gd, this breaks heimdal. Thanks for checking!Volker Lendecke2007-10-101-3/+0
|
* r24062: fix logic for broken krb5 libs which always forceStefan Metzmacher2007-10-101-1/+2
| | | | | | sign and seal... metze
* r24058: Fix some memory leaks in ads_secrets_verify_ticket.Volker Lendecke2007-10-101-0/+3
| | | | | | | | Jeremy, Günther, please review! Thanks, Volker
* r24042: add support for krb5 sign and seal in LDAP via "GSS-SPNEGO"Stefan Metzmacher2007-10-101-1/+309
| | | | metze
* r24037: only setup sasl wrapping after a successful bindStefan Metzmacher2007-10-101-2/+4
| | | | metze
* r23973: For debugging, add (undocumented) net ads kerberos commands (kinit, ↵Günther Deschner2007-10-101-1/+1
| | | | | | | | renew, pac). Guenther
* r23970: Allow to set the debuglevel at which to dump the PAC logon info.Günther Deschner2007-10-101-18/+18
| | | | Guenther
* r23969: Some helper routines to retrieve a PAC and PAC elements.Günther Deschner2007-10-101-0/+160
| | | | Guenther
* r23953: Some C++ warningsVolker Lendecke2007-10-102-4/+7
|
* r23951: Fix segfault.Günther Deschner2007-10-101-1/+1
| | | | Guenther
* r23948: add gsskrb5 sign and seal support for LDAP connectionsStefan Metzmacher2007-10-101-5/+135
| | | | | | NOTE: only for the "GSSAPI" SASL mech yet metze
* r23946: add support for NTLMSSP sign and sealStefan Metzmacher2007-10-101-1/+122
| | | | | | NOTE: windows servers are broken with sign only... metze
* r23945: add infrastructure to select plain, sign or seal LDAP connectionStefan Metzmacher2007-10-102-2/+23
| | | | metze
* r23943: - always provide ads_setup_sasl_wrapping() functionStefan Metzmacher2007-10-101-4/+10
| | | | | | - read/write returning 0 means EOF and we need to return direct metze
* r23937: Use ads_config_path() when we need to know the configration context.Günther Deschner2007-10-101-26/+11
| | | | Guenther
generated by cgit (git 2.34.1) at 2024-10-07 02:23:14 +0000