summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r10066: This is the second in my patches to work on Samba4's kerberos support,Andrew Bartlett17-761/+961
with an aim to make the code simpiler and more correct. Gone is the old (since the very early Samba 3.0 krb5 days) 'iterate over all keytypes)' code in gensec_krb5, we now follow the approach used in gensec_gssapi, and use a keytab. I have also done a lot of work in the GSSAPI code, to try and reduce the diff between us and upstream heimdal. It was becoming hard to track patches in this code, and I also want this patch (the DCE_STYLE support) to be in a 'manageable' state for when lha considers it for merging. (metze assures me it still has memory leak problems, but I've started to address some of that). This patch also includes a simple update of other code to current heimdal, as well as changes we need for better PAC verification. On the PAC side of things we now match windows member servers by checking the name and authtime on an incoming PAC. Not generating these right was the cause of the PAC pain, and so now both the main code and torture test validate this behaviour. One thing doesn't work with this patch: - the sealing of RPC pipes with kerberos, Samba -> Samba seems broken. I'm pretty sure this is related to AES, and the need to break apart the gss_wrap interface. Andrew Bartlett (This used to be commit a3aba57c00a9c5318f4706db55d03f64e8bea60c)
2007-10-10r10052: Add 'print' commandJelmer Vernooij1-0/+22
(This used to be commit d99c9e2817fbbe2a0a34910672c8473889bc6176)
2007-10-10r10048: Dissect a security_secinfo as a uint32 just to get the winregTim Potter1-0/+1
dissector compiling and linking. It's really an enum defined in security.idl. (This used to be commit b62811afcb85accf9ea0cf12f4b659cd9898e275)
2007-10-10r10047: Translate an idl NTTIME to an ethereal FT_ABSOLUTE_TIME instead ofTim Potter1-2/+6
a FT_UINT64. Not sure about a NTTIME_hyper though. (This used to be commit 42568d3f286679656417301d1cf29d3f0cd71030)
2007-10-10r10046: Don't generate any ethereal dissectors for security.idlTim Potter1-0/+1
(This used to be commit 5b8b956887f80e99894e5732568ee65d670aaa72)
2007-10-10r10045: metze reminded me to use the correct enum entry, rather than 0 for theAndrew Bartlett1-1/+1
return here. Andrew Bartlett (This used to be commit 73bd6c75343808952d97e32be9f624aba11c78d1)
2007-10-10r10044: Microsoft has defined this bit:Andrew Bartlett1-1/+1
support.microsoft.com/?kbid=832572 (It inhbits the generation of a PAC). Andrew Bartlett (This used to be commit 330f351085089cc8f72eb350ec8b017b35e7e59c)
2007-10-10r10043: Only recompile subsystems that actually need recompilationJelmer Vernooij3-6/+3
(This used to be commit de9830979788528754175b17fe45477e6ce9ce9e)
2007-10-10r10041: Add 'gcov' make target. RunJelmer Vernooij4-2/+18
'make clean gcov' to generate a set of files describing the test coverage of the Samba 4 code. (This used to be commit 72bb84add469ad4f027ddbd8d73bb846b0609fa2)
2007-10-10r10038: Update instructions on using gcov with ldbJelmer Vernooij1-9/+5
(This used to be commit 8d246fac49332426699e797f52ef694083b5e2ea)
2007-10-10r10035: This patch removes the need for the special case hackAndrew Bartlett7-91/+84
'MEMORY_WILDCARD' keytab type. (part of this checking is in effect a merge from lorikeet-heimdal, where I removed this) This is achieved by correctly using the GSSAPI gsskrb5_acquire_cred() function, as this allows us to specify the target principal, regardless of which alias the client may use. This patch also tries to simplify some principal handling and fixes some error cases. Posted to samba-technical, reviewed by metze, and looked over by lha on IRC. Andrew Bartlett (This used to be commit 506a7b67aee949b102d8bf0d6ee9cd12def10d00)
2007-10-10r10032: Add tdr generated files to clean targetJelmer Vernooij1-1/+2
(This used to be commit c1e9fb24e1b53fb2c5ee6e32454350dff710c627)
2007-10-10r10030: Add hierarchical memory allocation to TDR's pull functionsJelmer Vernooij6-61/+59
(This used to be commit 0e358de93a007db921ad5e9a892114122254de39)
2007-10-10r10028: More registry fixes.Jelmer Vernooij2-41/+115
Remove save_hive() function (there is a flush_key function already). Fixes for the allocation mechanism in the REGF backend (This used to be commit 499d03bc90382bcd33c8c3a1577a58d2c76e5129)
2007-10-10r10027: Use blob length for keeping track of buffer length, add TODOJelmer Vernooij3-23/+48
(This used to be commit a924bec84b6d0a84db05c4315126474c9248fe2d)
2007-10-10r10026: Move registry header file to lib/registryJelmer Vernooij10-10/+53
Add support for showing security descriptor in regshell Add support for saving files in NT4 registry backend (This used to be commit 47cecd4726e6568f1aafb404646d2664f630a9bb)
2007-10-10r10025: Add some utility functions for storing/loading tdr encoded dataJelmer Vernooij2-92/+82
(This used to be commit bcd433bfc1450317b75e22942dee1c42bb24ae79)
2007-10-10r10022: Merge tpot's fix for IRIX and AIX_rea build problems from ↵Andrew Bartlett1-3/+3
lorikeet-heimdal to Samba4. Andrew Bartlett (This used to be commit 6835e427907bf52f7fdd332b726ffa47041853de)
2007-10-10r10021: More kerberos notes.Andrew Bartlett1-3/+20
(This used to be commit f36e657a416d7ec7146d84da88b28c2606ff838a)
2007-10-10r10020: Support for malloc / realloc / free in HBIN blocksJelmer Vernooij3-25/+333
Initial support for adding keys (still broken though) (This used to be commit ff8d3a27c1b9bb37de39e7d7b974702b2b8c4437)
2007-10-10r10019: Only return NT_STATUS_NO_MEMORY if the alloc failed..Jelmer Vernooij1-1/+5
(This used to be commit ea92959209fa256a8190df19e8c27b368169724f)
2007-10-10r10016: Support reading security descriptors on keys.Jelmer Vernooij4-3/+66
(This used to be commit b349e902c7b0140cd94e241ba9f81c83fa54f603)
2007-10-10r10015: Change the NT4 registry backend to use the IDL-generate parse functions.Jelmer Vernooij5-2240/+1042
(This used to be commit 0ad46ef804c0654e927f9c14ea93c45f9e3c718c)
2007-10-10r10014: Support ?, : and = in attribute arguments.Jelmer Vernooij1-0/+3
(This used to be commit 6a549f35583e71531bea56ce717635ad9499441a)
2007-10-10r10013: Support zero-sized strings.Jelmer Vernooij1-0/+5
(This used to be commit cf3be71c33ec8e43c883ce05fd1a63d1178446ad)
2007-10-10r10010: Support base_type() attributeJelmer Vernooij1-1/+3
(This used to be commit c0bae9b0b5cb56aea98e33b4d0a9d29c6622dd27)
2007-10-10r10009: Fix bug in uint8 parsing functionsJelmer Vernooij1-2/+4
(This used to be commit abb0db12185a3b3ef7da16fa3d742336afeb8ef0)
2007-10-10r10007: Merge data_blk and data_len member of registry_value into a DATA_BLOB.Jelmer Vernooij14-103/+92
Fix handling of REG_DWORD in the LDB backend. Fix a couple of warnings (This used to be commit 709fdc7ebf5a77cfb50359fad978884777decc3b)
2007-10-10r10006: Insert correct header file.Jelmer Vernooij2-6/+9
(This used to be commit dfa45ec1b329ad01daf81beeb31985811ce4f5af)
2007-10-10r10000: Congratulations to me for getting the 10,000th commit.Tim Potter1-0/+1
(This used to be commit d5c12a02af1d86de08109efddd2a588893dffbcc)
2007-10-10r9995: Add file describing the REGF file format in IDL.Jelmer Vernooij1-0/+154
(used in reg_backend_nt4.c rewrite) (This used to be commit 5e1a16eda28d432b94dc933b44da3ca556f92fdf)
2007-10-10r9994: Unused variable.Tim Potter1-1/+0
(This used to be commit ce4902f8dea2b6f3568960278e08395ea3927146)
2007-10-10r9993: Gcc is fussy about the lack of parentheses around assignment statements.Tim Potter1-1/+1
(This used to be commit 908ba892598af83ae2fbe661d40e9f10ff3e34a0)
2007-10-10r9992: More fixes from the 64-bit warning police.Tim Potter1-2/+2
(This used to be commit cda829f0d9476bd8b057a7019f55fac206205825)
2007-10-10r9991: Some more 64-bit size_t warnings. There are a few more but they areTim Potter1-2/+2
too hard to fix right now. (-: (This used to be commit a64b813ff70ccf203e65ddb9d5ee3f5dc3495a15)
2007-10-10r9990: Fix some 64-bit size_t warnings.Tim Potter1-3/+3
(This used to be commit dd148451d7d554dc0b102023e6a22439fd3b4b81)
2007-10-10r9984: Honour the NOEMIT conformance directive for entire IDL files.Tim Potter2-2/+4
(This used to be commit 73dffade2c008b26eaf3924d31693c27328b8586)
2007-10-10r9983: Make the NOEMIT conformance directive with no argument mean do notTim Potter1-2/+9
emit any dissectors for this IDL. (This used to be commit 55a98b3dfdef21df172dac6cff4ebc114b35df00)
2007-10-10r9982: Strip prefixes off the check for noemit in the conformance info so youTim Potter1-4/+6
can use the typedef names in the IDL rather than the autogenerated function names. This means you can say "NOEMIT security_descriptor" instead of "NOEMIT dissect_security_descriptor_type" or whatever. (This used to be commit ec80c5ceec3c96dc847d171967472cce99edcdc7)
2007-10-10r9980: Fix some warnings.Tim Potter1-3/+2
(This used to be commit 716011dd92d65caacb31ae399b580defa4e6fb2d)
2007-10-10r9959: Fix bug where data offset was incorrect after parsing element withJelmer Vernooij1-17/+2
[charset] (This used to be commit b17478229e8e9220858fcc85a19ec751450f969d)
2007-10-10r9957: Switch to using DATA_BLOBs internally in TDRJelmer Vernooij2-33/+25
(This used to be commit 351149d160e893a3fdd4a5b11ec4b4b2bbf264a9)
2007-10-10r9954: getntacl depends on EXT_LIB_XATTRStefan Metzmacher1-1/+2
(maybe we need to disable this binary when EXT_LIB_XATTR isn't enabled) metze (This used to be commit 0e5cac10cbcf0d3576cc042f6c0298b10b537464)
2007-10-10r9951: Add another value to the default HKLM.Jelmer Vernooij2-13/+28
Convert Samba3 policy "refuse machine pw change" to registry value. (This used to be commit a143234ac7622ef3ef87c80224927551a1452e4b)
2007-10-10r9949: Portability fixes for mingw32Jelmer Vernooij2-4/+3
(This used to be commit 994093b08ee463066c6bae494b10374bd700b0b0)
2007-10-10r9948: Be a bit less verboseJelmer Vernooij1-1/+1
(This used to be commit 071dba2d0ae964e9901adf0c4870894deed43650)
2007-10-10r9942: CN=Configuration is always under the database-wide base dn, so don'tAndrew Bartlett1-5/+2
try and pass it down as a parameter. Andrew Bartlett (This used to be commit 530d91de7ca4d3763326bc9f5b0e79e77b823778)
2007-10-10r9941: Update the CrackNames test, and provide a much improved server-sideAndrew Bartlett2-160/+613
DRSUAPI CrackNames. We can't pass the full cracknames test until the initial provision is updated, the seperate DomainControllerInfo and canonical names support is added. Andrew Bartlett (This used to be commit ed24d88f0e8c6371acf6638a1c5f2112bc0bf285)
2007-10-10r9940: When guessing, don't make DEBUG(1,... errors.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 664736e73df60ccfd24a41fda75031cb6b7d08cd)
2007-10-10r9939: Add configure check for yapp.James Peach3-2/+5
(This used to be commit 0300f2329c71429e43ed18e6f411985a76e5aad5)