summaryrefslogtreecommitdiffstats
path: root/source
Commit message (Collapse)AuthorAgeFilesLines
...
* r11226: Cope with Samba3's behaviour on LDAP with GSS-SPNEGO.Andrew Bartlett2005-10-201-2/+3
| | | | Andrew Bartlett
* r11225: Remove pointless goto.Andrew Bartlett2005-10-201-2/+0
| | | | Andrew Bartlett
* r11223: Only pass around the ldb handle (make this code easier to seperateAndrew Bartlett2005-10-201-21/+21
| | | | | | into a general lib). Andrew Bartlett
* r11222: Small provision fixes: canonicalName is now generated, and the DC=Andrew Bartlett2005-10-202-2/+1
| | | | | | list should be from the dnsdomain (ie lowercae). Andrew Bartlett
* r11221: I don't quite know how I tested this before, but clearly I didn't.Andrew Bartlett2005-10-201-3/+4
| | | | | | The samdb_set_password_sid helper function now works. Andrew Bartlett
* r11220: Add the ability to handle the salt prinicpal as part of theAndrew Bartlett2005-10-205-29/+51
| | | | | | | | | credentials. This works with the setup/secrets.ldif change from the previous patch, and pretty much just re-invents the keytab. Needed for kpasswdd work. Andrew Bartlett
* r11219: Now that we have the credentials hooked in here, we have a much moreAndrew Bartlett2005-10-201-1/+10
| | | | | | reasonable value to fill in for the mechListMIC. Andrew Bartlett
* r11218: Always return the mutual authentication reply (needed for kpasswd),Andrew Bartlett2005-10-202-45/+13
| | | | | | and remove now duplicated unwrap_pac(). Andrew Bartlett
* r11217: Ensure the realm is substituted in UPPER case.Andrew Bartlett2005-10-201-2/+2
| | | | Andrew Bartlett
* r11216: Upgrade to gd's PAC extraction code from Samba3. While I still wantAndrew Bartlett2005-10-204-47/+140
| | | | | | | to make some this the kerberos library's problem, we may as well use the best code that is around. Andrew Bartlett
* r11215: Remove no-op prompter intended to work around bugs in old kerberos ↵Andrew Bartlett2005-10-201-27/+1
| | | | | | | | | libs. I'm also worried this might cause loops, if we get a 'force password change', and the prompter tries to 'deal with it'. Andrew Bartlett
* r11214: Remove scons files (see ↵Jelmer Vernooij2005-10-2053-1243/+0
| | | | http://lists.samba.org/archive/samba-technical/2005-October/043443.html)
* r11212: Enable sealing of data with raw krb5, consolidate some code into theAndrew Bartlett2005-10-201-61/+63
| | | | | | main gensec_krb5_start and always ask for sequence numbers. Andrew Bartlett
* r11211: Append an error message to COL_INFO if the RPC call returned an error.Tim Potter2005-10-201-2/+8
|
* r11210: Log registry open function name when starting hive tests.Tim Potter2005-10-201-6/+12
|
* r11209: We can't read the priorSecret unless we ask for it.Andrew Bartlett2005-10-201-0/+1
| | | | Andrew Bartlett
* r11208: Add DNS entries for finding the kpasswd server to the default zone.Andrew Bartlett2005-10-201-0/+7
| | | | Andrew Bartlett
* r11207: Correct principal search defineAndrew Bartlett2005-10-201-1/+1
|
* r11206: It appears to me that any account may operate as a server.Andrew Bartlett2005-10-201-1/+5
| | | | Andrew Bartlett
* r11205: Another test for cracknames.Andrew Bartlett2005-10-201-1/+10
| | | | Andrew Bartlett
* r11204: Allow us to read credentials from secrets.ldb without aAndrew Bartlett2005-10-201-6/+2
| | | | | | secureChannelType (non machine join records). Andrew Bartlett
* r11203: Use different variable names to make it easier to tell which assert ↵Andrew Bartlett2005-10-201-4/+4
| | | | | | fired. Andrew Bartlett
* r11202: Add more structs to structs.hAndrew Bartlett2005-10-201-0/+3
|
* r11201: New filters for searching in secrets.ldbAndrew Bartlett2005-10-201-1/+3
| | | | Andrew Bartlett
* r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5Andrew Bartlett2005-10-2017-286/+389
| | | | | | | | | | | | | | | | | | authentication. This pulls the creating of the keytab back to the credentials code, and removes the special case of 'use keberos keytab = yes' for now. This allows (and requires) the callers to specify the credentials for the server credentails to GENSEC. This allows kpasswdd (soon to be added) to use a different set of kerberos credentials. The 'use kerberos keytab' code will be moved into the credentials layer, as the layers below now expect a keytab. We also now allow for the old secret to be stored into the credentials, allowing service password changes. Andrew Bartlett
* r11199: Push an objectSid into the schannel state database, to match the new ↵Andrew Bartlett2005-10-201-10/+2
| | | | | | header. Andrew Bartlett
* r11198: The recent changes to netlogon changed this from a RID to a SID.Andrew Bartlett2005-10-201-1/+1
| | | | Andrew Bartlett
* r11197: indentAndrew Bartlett2005-10-201-2/+2
|
* r11196: Clean up memory leaks (pointed out by vl), and handle the case whereAndrew Bartlett2005-10-201-11/+47
| | | | | | | | | | | the client doesn't guess correctly on the mech to use. It must back off and try the mech the server selected from the list. I'm not particularly attached to our SPNEGO parser, so while I can't easily use the SPNEGO application logic in Heimdal, I'm going to look closely at using the asn1 routines to avoid some pain here. Andrew Bartlett
* r11195: Add a new helper function (needed by my kpasswdd work, but hooked inAndrew Bartlett2005-10-202-242/+136
| | | | | | | | | | | for netlogon as well) to change/set a user's password, given only their SID. This avoids the callers doing the lookups, and also performs the actual 'set', as these callers do not wish any further buisness with the entry. Andrew Bartlett
* r11194: Use the special ldb attribute "canonicalName" (therefore testing thatAndrew Bartlett2005-10-201-11/+20
| | | | | | | | codepath) in DRSUAPI CrackNames. Fix the NT4 account return value. Andrew Bartlett
* r11193: Implement wbinfo -mVolker Lendecke2005-10-196-8/+173
|
* r11192: Too many contexts around... :-)Volker Lendecke2005-10-191-1/+1
|
* r11189: add some more special group vs. special group tests,Stefan Metzmacher2005-10-192-2/+15
| | | | | | | to make sure that replicas from the same owner are blinding overwritten in all cases metze
* r11188: - add multi homed vs. multi homed sectionStefan Metzmacher2005-10-192-6/+183
| | | | metze
* r11187: in case the msDS-KeyVersionNumber is replicated (I didn't assume ↵Stefan Metzmacher2005-10-192-0/+4
| | | | | | | | | this...) show the string in the debug output, and show it with --option="dssync:print_pwd_blobs=yes" metze
* r11186: - get rid of some .extra = True casesStefan Metzmacher2005-10-192-8/+190
| | | | | | | - add multihomed vs unique section - update conflict handling for the above case metze
* r11185: - resolve attid for "supplementalCredentials" into a nameStefan Metzmacher2005-10-192-18/+22
| | | | | | | | | - print "supplementalCredentials" also when --option="dssync:print_pwd_blobs=yes" is used abartlet: this field may contain the krb5 keys... metze
* r11184: Remove test that checks whether ftruncate() needs root, because I can'tJelmer Vernooij2005-10-191-7/+0
| | | | | find the file it tries to use (build/tests/ftruncroot.c) and the value it defines is not used anywhere.
* r11182: Explicitly add "." to perl include path so that perl doesn't use the Jelmer Vernooij2005-10-191-1/+1
| | | | | Config module instead of the configure-generated config.pm on case-insensitive filesystems (MacOSX, OpenVMS)
* r11181: Implement wbinfo -s and wbinfo --user-sids. The patch is so large ↵Volker Lendecke2005-10-1919-240/+1422
| | | | | | | | | | because --user-sids required the extension to trusted domains. Implement "winbind sealed pipes" parameter for debugging purposes. Volker
* r11179: revert to the old code, till jelmer find a solution how toStefan Metzmacher2005-10-191-1/+1
| | | | | | handle a UTF16 string in a uint8 array metze
* r11178: add some logic functions for the replica_vs_replica conflict handlingStefan Metzmacher2005-10-191-0/+259
| | | | | | | to our winsrepl server, but it handles only the simple cases (without merging) and we still didn't apply records to our wins.ldb, we just print out what we would do metze
* r11177: move unique vs * and normal group vs * into this formStefan Metzmacher2005-10-191-338/+113
| | | | | | | | | | | | | | | | | | | ACTIVE vs ACTIVE ACTIVE vs TOMBSTONE RELEASED vs ACTIVE RELEASED vs TOMBSTONE TOMBSTONE vs ACTIVE TOMBSTONE vs TOMBSTONE as it seems that is all we need to test, and w2k3 only decides between ACTIVE and NON-ACTIVE (REALEASED or TOMBSTONE) when it gets new replica objects also I have removed all the extra test, we only test the worst cases now, and this will make the algorithms more clear when you look at the output of the NBT-WINSREPLICATION torture test metze
* r11176: - add multi homed vs. special group sectionStefan Metzmacher2005-10-191-1/+179
| | | | metze
* r11175: - add multi homed vs. normal group sectionStefan Metzmacher2005-10-191-1/+178
| | | | metze
* r11174: - add special group vs. multi homed sectionStefan Metzmacher2005-10-191-1/+179
| | | | | | | | | | - disable special group vs. special group, I need to look closer at this, as I'm getting strange timeouts randomly, so the server might be doing some challegnes while doing the merging of special group records, witch reaches timeouts metze
* r11173: print out the correct messagesStefan Metzmacher2005-10-191-2/+20
| | | | metze
* r11172: - start with special group vs. special group testingStefan Metzmacher2005-10-191-4/+143
| | | | metze
* r11171: fix the buildStefan Metzmacher2005-10-191-1/+2
| | | | metze
generated by cgit (git 2.34.1) at 2025-10-02 19:29:51 +0000