summaryrefslogtreecommitdiffstats
path: root/source4/kdc
Commit message (Collapse)AuthorAgeFilesLines
...
* s4-kdc Use msDS-SecondaryKrbTgtNumber to fill in the full KVNOAndrew Bartlett2010-09-291-1/+18
| | | | Andrew Bartlett
* s4-kdc: added ifdef guards in kdc.hAndrew Tridgell2010-09-271-0/+5
| | | | this prevents too much recursion in the compiler preprocessor
* s4-kdc: prevent segfault on bad trust stringsAndrew Tridgell2010-09-161-4/+8
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-trusts: fix trustDomainPasswords drsblobs IDL and server side support.Günther Deschner2010-08-251-7/+7
| | | | | | | Also remove bogus trustCurrentPasswords struct which we just had because our IDL was incorrect. Guenther
* s4:security Change struct security_token->sids from struct dom_sid * to ↵Andrew Bartlett2010-08-231-3/+3
| | | | | | | | | struct dom_sid This makes the structure much more like NT_USER_TOKEN in the source3/ code. (The remaining changes are that privilages still need to be merged) Andrew Bartlett
* s4:security Remove use of user_sid and group_sid from struct security_tokenAndrew Bartlett2010-08-181-3/+3
| | | | This makes the structure more like Samba3's NT_USER_TOKEN
* s4:kdc/kpasswdd.c - let the user change his own password with his own rightsMatthias Dieter Wallnöfer2010-08-171-3/+44
| | | | | | | | Now it's finally possible that the user can change his password with a DSDB connection using his credentials. NOTICE: I had to extract the old password from the SAMDB since I was unable to find it somewhere else (authinfo for example).
* s4:kdc/rpc server - adapt the "samdb_set_password" calls which perform ↵Matthias Dieter Wallnöfer2010-08-171-1/+1
| | | | password sets
* s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell2010-07-165-23/+23
| | | | | | | this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:kdc Rework the 'allowed enc types' calculationAndrew Bartlett2010-06-291-41/+35
| | | | | | | | | | This changes the calculation to apply the allowed enc types to all uses of the key (no point allowing a weak kinit to a key the server wanted strongly protected). It also ensures that all the non-DES keys are available on the krbtgt in particular, even as it does not have a msds-SupportedEncryptionTypes attributes. Andrew Bartlett
* s4:kdc/kdc.c - add cast to suppress warnings on Solaris 10 ccMatthias Dieter Wallnöfer2010-06-261-2/+2
|
* s4:kdc/kpasswdd.c - remove unreachable codeMatthias Dieter Wallnöfer2010-06-261-2/+0
|
* Per Andrews request, revertJelmer Vernooij2010-06-231-2/+0
| | | | | | | "heimdal/waf: Initial work on making it possible to use the system" as the hdb_check_s4u2self function handling is incorrect. This reverts commit b099631f428d0ecc641d59bd3c94674e6348dde9.
* s4:kdc Use msDS-SupportedEncTypes in our KDCAndrew Bartlett2010-06-231-30/+54
| | | | | | | We need to honour this, otherwise we will send AES-encrypted tickets to unprepared Kerberos targets. Andrew Bartlett
* s4:kdc/db-glue.c - remove unreachable codeMatthias Dieter Wallnöfer2010-06-201-4/+0
| | | | Would be nice if someone could check if this fits.
* heimdal/waf: Initial work on making it possible to use the systemJelmer Vernooij2010-06-191-0/+2
| | | | | | | heimdal again. Still missing are the detection of the right Heimdal version and linking (unresolved symbols at the moment).
* s4:kdc Remove special talloc_free of the ldb contextAndrew Bartlett2010-05-282-11/+1
| | | | | | | I can see no reason not to just let this go with the talloc tree that created it, and avoid a talloc_free with references. Andrew Bartlett
* Remove more usages of iconv_convenience in files which were apparently not ↵Jelmer Vernooij2010-05-181-1/+0
| | | | recompiled by waf.
* s3: Remove use of iconv_convenience.Jelmer Vernooij2010-05-184-6/+0
|
* Finish removal of iconv_convenience in public API's.Jelmer Vernooij2010-05-183-17/+10
|
* s4:samdb_set_password/samdb_set_password_sid - ReworkMatthias Dieter Wallnöfer2010-05-101-31/+4
| | | | | | | | Adapt the two functions for the restructured "password_hash" module. This means that basically all checks are now performed in the mentioned module. An exception consists in the SAMR password change calls since they need very precise NTSTATUS return codes on wrong constraints ("samr_password.c") file
* Simple fix to prevent crash for non-pac principalsMarcel Ritter2010-04-271-0/+5
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:kdc/db-glue.c - use "TALLOC_FREE" insteal of "talloc_free" for the "priv" ↵Matthias Dieter Wallnöfer2010-04-171-5/+5
| | | | | | | context Also after a free "priv" could be != NULL and may be freed again. This should fix bug #7365.
* s4:kdc/wdc-samba4.c - fix integer counter typesMatthias Dieter Wallnöfer2010-04-121-1/+2
|
* s4:kdc/db-glue.c - fix integer counter typesMatthias Dieter Wallnöfer2010-04-121-6/+7
|
* s4:kdc Add functions to hdb-samba4 for the new s4u2self callback.Andrew Bartlett2010-04-104-18/+21
| | | | | | | For now, this shares the 'if it's the same host' system with the constrained delegation code. Andrew Bartlett
* s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵Andrew Tridgell2010-04-061-0/+2
| | | | them
* build: waf quicktest nearly worksAndrew Tridgell2010-04-061-5/+6
| | | | | Rewrote wafsamba using a new dependency handling system, and started adding the waf test code
* build: commit all the waf build files in the treeAndrew Tridgell2010-04-061-0/+53
|
* s4:kdc Add support for changing password of a servicePrincipalNameAndrew Bartlett2010-03-251-10/+32
| | | | | | | | Apparently AD supports setting a password on a servicePrincipalName, not just a user principal name. This should fix (part of) the join of OpenSolaris's internal CIFS server to Samba4 as reported by Bug #7273 Andrew Bartlett
* s4-kdc: Fixed the memory context of tstream_bsd_existing()Andreas Schneider2010-02-261-1/+1
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:kdc add mit plugin codeSimo Sorce2010-02-253-0/+459
|
* s4:kdc make function staticSimo Sorce2010-02-252-6/+1
|
* More spelling fixes across source4/Brad Hards2010-02-221-1/+1
| | | | Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
* Various source4 spelling fixes.Brad Hards2010-02-221-1/+1
| | | | Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
* s4-dsdb: removed gendb_search_single_extended_dn()Andrew Tridgell2010-02-161-13/+16
| | | | | | Use dsdb_search_one() instead, which allows for arbitrary controls Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flagsAndrew Tridgell2010-02-161-1/+1
| | | | This allows for controls to be added easily where they are needed.
* s4:kdc Fill in created_by principal fieldSimo Sorce2010-02-121-4/+7
|
* s4:kdc Fix double free and uninitialized memory.Simo Sorce2010-02-121-2/+13
| | | | | | In samba_kdc_trust_message2entry() on error, hdb_free_entry() may end up trying to access uninitialized memory or double free the hdb_entry.
* s4:kdc Streamline client access verification callSimo Sorce2010-01-313-70/+129
| | | | Move the core to pac-glue so that other plugins can use it.
* s4:kdc Fix netbios name retrievalSimo Sorce2010-01-311-2/+2
| | | | The code was looping but always checking only the first address.
* s4:kdc remove dead code and commentsSimo Sorce2010-01-281-5/+0
|
* s4:kdc Fill in more data fieldsSimo Sorce2010-01-281-4/+8
|
* s4:kdc move db functions in their own fileSimo Sorce2010-01-287-1467/+1618
| | | | | | | | | | Keep all heimdal related plugin code within hdb_samba4.c Move interfaces needed by multiple plugins in db-glue.c Move sequence context in main db context so that we do not depend on db->hdb_dbc in the common code. Remove unnecessary paremeters from function prototypes
* s4:kdc Use a clearer name for the samba kdc entrySimo Sorce2010-01-284-32/+30
| | | | | | Renames hdb_samba4_private to samba_kdc_entry Streamlines members of the entry and the kdc db contextto avoid unnecessary duplication.
* s4:kdc Use better db context structureSimo Sorce2010-01-285-88/+109
| | | | | | | | This allows to use a common structure not tied to hdb_samba4 Also allows to avoid many casts within hdb_samba4 functions This is the first step to abstract samba kdc databse functions so they can be used by the MIT forthcoming plugin.
* s4:windc move windc plugin in its own fileSimo Sorce2010-01-275-191/+228
| | | | | Keep all heimdal related plugin code within wdc-samba4.c Leave only interfaces common to multiple plugins in pac-glue.c
* s4:PAC make common functions publicSimo Sorce2010-01-272-25/+70
|
* s4:PAC Streamline pac-glue step 2Simo Sorce2010-01-271-55/+113
| | | | | Split functions so that no assumption is made about which plugin is using them
* s4:PAC Streamline pac-glueSimo Sorce2010-01-271-19/+40
| | | | First step, preparing to share the code between multiple plugins.
generated by cgit (git 2.34.1) at 2024-09-28 21:29:01 +0000