Age | Commit message (Collapse) | Author | Files | Lines |
|
writing out a custom krb5.conf file containing
the KDC I need. This may suck.... Needs some
testing :-).
Jeremy.
(This used to be commit d500e1f96d92dfcc6292c448d1b399195f762d89)
|
|
the client sitename is "Default-First-Site-Name".
Treat this as a blank site (no site configured).
Jeremy.
(This used to be commit 5c46381bd7dd1b3f11f427d111ded0b76fc1bec8)
|
|
Jeremy.
(This used to be commit b8cedcac933fef9370bd42d1ff7c35c5c27103d1)
|
|
Cause winbindd to set site support before doing the
generic AD server lookup.
Jeremy.
(This used to be commit a9833941715472ece747bce69ef53ba8ad98d7a5)
|
|
(This used to be commit 70f223554922947a17e81f1002b184db879a2195)
|
|
Jeremy.
(This used to be commit 2829dbc3e01d967887e25d1bcacb1d538fc11e59)
|
|
the code to redo the CLDAP query to restrict DC
DNS lookups to the sitename. Jerry, please check
to stop me going insane :-).
Jeremy.
(This used to be commit 8d22cc111579c57aec65be8884b41564b79b133a)
|
|
support when looking up DC's. On every CLDAP
call store the returned client sitename (if
present, delete store if not) in gencache with
infinate timeout. On AD DNS DC lookup, try looking
for sitename DC's first, only try generic if
sitename DNS lookup failed.
I still haven't figured out yet how to ensure
we fetch the sitename with a CLDAP query before
doing the generic DC list lookup. This code is
difficult to understand. I'll do some experiments
and backtraces tomorrow to try and work out where
to force a CLDAP site query first.
Jeremy.
(This used to be commit ab3f0c5b1e9c5fd192c5514cbe9451b938f9cd5d)
|
|
Destructors now take a pointer to the "real" destroyed object as an argument.
Volker
(This used to be commit 70edd716ef0ccb218fe18d1233bd30abe46b62bf)
|
|
(this needs to be moved to a samba3 specific place)
I commit this because I habe no time to test smbcontrol .... pool-usage
and don't want to break it. I'll try to find a better fix tomorrow.
metze
(This used to be commit ae313ab4caa5652199b9aaceb30b4d432ab4f393)
|
|
stuff to tallocmsg.c
metze
(This used to be commit 7704e3e51dec1768772663024a0579cb4a271cc1)
|
|
Jeremy.
(This used to be commit 37c636eb480e3736b143653231d73620152eb470)
|
|
(This used to be commit 9810d74e171542408eea3ec22a0ebb57a9e1e87e)
|
|
(This used to be commit 779eba0a7cab3156b8580410cfe288609a288548)
|
|
(This used to be commit b9227bde1328c09c61cc23fdbb4fa756e919c4a6)
|
|
call ntlmssp_end on a null pointer ! (Doh !).
Jeremy.
(This used to be commit 7b53932b5190c78b2b483f36af95174fe38ed45e)
|
|
Jeremy.
(This used to be commit e8b0649fe167c3446eb6121ed666254fdf53aa58)
|
|
deref null. Make interface explicit.
Jeremy.
(This used to be commit 4e99606ec16b978a76219b5362a23a7b06ee5468)
|
|
do what it's supposed to.
Jeremy.
(This used to be commit 4b7387a054bfc1587e0b9b7088f420a5bcf0bad9)
|
|
Jeremy.
(This used to be commit e77949175144cbe4cfa58788d13acc704eebc251)
|
|
krb5 refresh creds when doing cached NTLM auth, request
the memory creds instead.
Jeremy.
(This used to be commit 310ac0b226edcfd5bedc2c3305a05993db20c7af)
|
|
just
silly :-)
Volker
(This used to be commit 8b6f5937db4b18db711dd0c4f1ae904087249000)
|
|
get_sorted_dc_list
return NTSTATUS.
If we want to differentiate different name resolution problems we might want
to introduce yet another error class for Samba-internal errors. Things like no
route to host to the WINS server, a DNS server explicitly said host not found
etc might be worth passing up.
Because we can not stash everything into the existing NT_STATUS codes, what
about a Samba-specific error class like NT_STATUS_DOS and NT_STATUS_LDAP?
Volker
(This used to be commit 60a166f0347170dff38554bed46193ce1226c8c1)
|
|
in in
'connecting to cups server on localhost'. There is no cups on that host, but
the TCP connection hangs in SYN_SENT. Probably some firewall rule.
Work around that.
Volker
(This used to be commit ab4e7b34da00c2a8f3244d84f08037ddfadf85d5)
|
|
Stanford Checker fix.
Jeremy.
(This used to be commit 2d8bdd2dce633253780a5b0378f229893d049666)
|
|
Jeremy.
(This used to be commit ae20201494f44cb98e58ba98531a79feeeb82b47)
|
|
in NULL as ctr to a void returning fn.
Jeremy.
(This used to be commit 397ab2b1ab72093ba0572493b2e97a93dfc75478)
|
|
Stanford checker.
Jeremy.
(This used to be commit 45d77ae12235e6b39cc30845d69ac3777d3eefd0)
|
|
Jeremy.
(This used to be commit 2894310cc8cddaec2a67f1af0ab62cc559283e77)
|
|
Jeremy.
(This used to be commit 1adb3b2432187e9a19b78cfa5762c3e05a357392)
|
|
Jeremy.
(This used to be commit ac06fc42cb9b1e2304d44653614aeaa7c537f34b)
|
|
Jeremy.
(This used to be commit 2a73e82f9663fc0e14b4c2af94de3b4216f1eece)
|
|
Stanford checker.
Jeremy.
(This used to be commit 09652dc71ce13bd305e653557e43731378398dd6)
|
|
Jeremy.
(This used to be commit 84e8cc0593c20b1262965a320d89b72a3dc9b402)
|
|
deref. I think this is a false positive, but it's
an easy extra check to add here.
Jeremy.
(This used to be commit 7d3b11ab18e2c793d43b6eed1803f2183b7b2daa)
|
|
an answer record. Found by the Stanford checker.
Jeremy.
(This used to be commit 1ec77c50118de808f710b17f878b1e80d4e351d5)
|
|
Stanford checker to flag null deref.
Jeremy.
(This used to be commit b7fc023e9025127855fab71002d556e5f84e00b4)
|
|
Stanford group.
Jeremy.
(This used to be commit cfd39c2804df3f67637adf223542daa208c893c7)
|
|
macro. Don't check for NULL if we would have already derefed.
Jeremy.
(This used to be commit 1cb379315a45a0c47feab0df1f07ec5d808a4259)
|
|
(This used to be commit 2e9f5c520a843ad22088388d155a172a63c140d5)
|
|
Thanks to Michael Adam <ma@sernet.de>
Volker
(This used to be commit 91878f9b6fbe5187fb7d0464008ea0abe7f11a73)
|
|
Thanks,
Volker
(This used to be commit 389910b2d376bc5795b0afacb86e45d7a6987491)
|
|
(This used to be commit 9f27824257924485a39bb60f00c9de02f869c4ff)
|
|
(This used to be commit b05cac3cb5b35fa305f3d881012cc8e7eca87bd8)
|
|
(This used to be commit ac7087a6516fa7e0d10523a892acae852a80e29e)
|
|
(This used to be commit cdcea36095a50a92ec1311979b8b2c572b971eaf)
|
|
(This used to be commit ec42ec31c05afb785adbe3c14f903889178df184)
|
|
from the krb5 ticket renewal code. This allows cached
credentials to be stored for single sign-on via ntlm_auth
for machines in a domain still using NTLM. Also (hopefully)
fixes the reference counting problem with pam_logon/logoff
so multiple logons/logoffs won't lose cached credentials.
This compiles, but I'm intending to test it over the weekend
so don't complain too much :-). I also want it in the tree
so Coverity can scan it for errors. Guenther, check this over
please - I ran through the architecture with Jerry and he's
ok with it, but this is modifying your code a lot.
Jeremy.
(This used to be commit 679eeeb91155dad3942efde6ae9f8d81faf18c5b)
|
|
Volker
(This used to be commit c0767c08d01a429e1abf7205c14acec5e103ca91)
|
|
Jeremy, you might want to look at the trans2 one.
Volker
(This used to be commit d727fc681c073a1b09accd31a07341b58e10eebb)
|