Age | Commit message (Collapse) | Author | Files | Lines |
|
we now can reference the DATA_BLOB that is used inside the dcesrv subsystem
metze
(This used to be commit 078f42bc3f74c66b69c7f76005812b221d691f7a)
|
|
that will allow the write_fn callback of dcesrv_output()
to reference the memory with a valid TALLOC pointer
metze
(This used to be commit d0574d407f426f5c001e943dee5c03d24f4fb21c)
|
|
and not for the ipc_read() replies as here the client explicit says how much data it wants
the write_fn() in dcesrv_output() now returns NTSTATUS
and the ipc specific implementations are moved to the ntvfs_ipc module
metze
(This used to be commit fe483dcd874b7243d61e9623840c672b4ea06b2c)
|
|
make test
- also we use ./prefix test as default and not `pwd`/prefix-test
to workaround the path length limit for unix sockets
... char sun_path[108]; ...
metze
(This used to be commit d04057b932266325b1267597b2bc202db392a88a)
|
|
I forgot to update the users)
Andrew Bartlett
(This used to be commit 44b86b7e6570e31ab07ce12593fb8834325c52c8)
|
|
generating function...
Andrew Bartlett
(This used to be commit 707cf5fba8e5652043d392d3ee77d042eb9c3a90)
|
|
(This used to be commit 6a3f62222285fa091968bb025edfe21fcf5dfb86)
|
|
(This used to be commit 5efea40ea63b6951b3bd4362f1ae57f960fefecf)
|
|
(This used to be commit 25d3872a6ebbc152a83695e667f5d08e69c8c8ea)
|
|
pending, which I know break lots of features, still passed our test
suite! Now they don't.
(This used to be commit 5801167c8dfc8a61bfeac396bca8ffd3d5270296)
|
|
requests. This is a simple change to accept that, as long as the first
one is NDR.
(This used to be commit 330293ddff39266abb688c6292e59472ff47aebe)
|
|
(This used to be commit 2de986455c9b616132f06a69c2f135019da2bb8b)
|
|
(This used to be commit 426c4d08ac9191c02dcd604a21ea390b7d255a41)
|
|
data or params
(This used to be commit b4f2d17ace6a609ec87da103a89e36edee8903f9)
|
|
possible. This is needed because w2k3 will return bogus IPs in its
name resolution replies when it has an unplugged network interface.
(This used to be commit 2fafc230520fb5bbe9f763de94aaba87b56f5411)
|
|
checksum in the right place...
Andrew Bartlett
(This used to be commit 90d0f502da20add6784c883b2085cde519604933)
|
|
Andrew Bartlett
(This used to be commit b10f224f5515a97fc4fd5c40b304180593df79ea)
|
|
rafal
(This used to be commit 6886aefe4c78e3e208eacb3c4b76f1189bd1352a)
|
|
We now generate the PAC, and can verifiy both our own PAC and the PAC
from Win2k3.
This commit adds the PAC generation code, spits out the code to get
the information we need from the NETLOGON server back into a auth/
helper function, and adds a number of glue functions.
In the process of building the PAC generation code, some hints in the
Microsoft PAC specification shed light on other parts of the code, and
the updates to samr.idl and netlogon.idl come from those hints.
Also in this commit:
The Heimdal build package has been split up, so as to only link the
KDC with smbd, not the client utils.
To enable the PAC to be veified with gensec_krb5 (which isn't quite
dead yet), the keyblock has been passed back to the calling layer.
Andrew Bartlett
(This used to be commit e2015671c2f7501f832ff402873ffe6e53b89466)
|
|
Andrew Bartlett
(This used to be commit a68e348375ab026385e7d5162ed8da8f2adbd84e)
|
|
Samba4 going, with kerberos.
Andrew Bartlett
(This used to be commit d027d0f10682ca5906d2f1ae2889d476db61be9a)
|
|
and create the in-memory keytab with the correct kvno, if available.
Andrew Bartlett
(This used to be commit 7b7b2b038e25f3d767b5db7d6e41dd947fdde091)
|
|
Andrew Bartlett
(This used to be commit 90e94a4630c24282cd93ee05e258877b38e24a57)
|
|
This won't actually work until I get the keyblock filled in again, but
at least it will compile.
I first need to decide if we want to keep the server-side gensec_krb5
code at all, now we have the GSSAPI layer doing what we want.
Andrew Bartlett
(This used to be commit 28e49de9293002ee89f0666144c9028daefdde88)
|
|
Andrew Bartlett
(This used to be commit bba58a1876353effbef540dd0db9e66db5343c35)
|
|
the 'PAC', required for interopability with Active Directory.
This is still a cludge, as it doesn't handle different encryption
types, but that should be fairly easy to fix (needs PIDL/IDL changes).
Andrew Bartlett
(This used to be commit 690cfc44cef9b349cc31417d8353b6ce1c7832e1)
|
|
keys appear at the end of the PAC, which I feel is deliberate (it
makes this much easier).
I still can't make it work, but I'm sure we are closer.
Andrew Bartlett
(This used to be commit 6f0e1c80ae7b1e31e7a3fbff84f07442ee5a31cf)
|
|
line size limits
on some platforms
(This used to be commit e18dc32074fe56d7ccbcf9cc621a4b88abe957b1)
|
|
(This used to be commit 31e7df1392f39e170e3d072b8356e746208d0621)
|
|
Andrew Bartlett
(This used to be commit 817160ec1a85724c8bf482f128ea687396de0888)
|
|
absense of an apparent AD flag to control this behaviour.
Andrew Bartlett
(This used to be commit 9886aa6f0e64cdb30774bfba3f2c683a3dbec9c4)
|
|
'mock GSSAPI'.
Many thanks to Luke Howard for the work he has done on Heimdal for
XAD, to provide the right API hooks in GSSAPI.
Next step is to verify the signatures, and to build the PAC for the
KDC end.
Andrew Bartlett
(This used to be commit 2e82743c98e563e97c5a215d09efa0121854d0f7)
|
|
Andrew Bartlett
(This used to be commit 56a5ccd7d924343609698b034b91b4891fb3f08a)
|
|
have kerberos.
Andrew Bartlett
(This used to be commit 3d82b1417b9f2e31089cb8ee7e4f98bd226f2e75)
|
|
longer used.
Andrew Bartlett
(This used to be commit 14be7d95694dd7557af67dc94ee83a983d2f05f6)
|
|
a few minor issues.
Move ldb manpages one level higher - there is no longer a need to have
subdirectories.
(This used to be commit e8e3524b2394f4107230715ea38fb619332e0251)
|
|
the caller should free it
this fixed a double free bug noticed by
Дейтер Александр Валериевич <tiamat@komi.mts.ru>
metze
(This used to be commit ee1a5d5419f4d79af5c447a6b397a0f4dc89310a)
|
|
Not part of the "all" make target yet, as it requires xsltproc
(This used to be commit fd3f4636438cf1d9c0dd802064033271b9e4d935)
|
|
files to different packages.
(This used to be commit da706b14ab9391cc8af1789f3533a94ab935150f)
|
|
(This used to be commit f88a6018821163a52bdf384142c7d16f5011ab4e)
|
|
(This used to be commit cff7507f593816a831a14f03862f7bdb24c15d4f)
|
|
(This used to be commit 79d174005e3508745ea8b0bda2321abd184bf68b)
|
|
(This used to be commit 3898cdb0dc4722a7eb60a61b54ef778dab475aed)
|
|
(This used to be commit 7ccf21ab4eeb9821e457308a239f2103a106fb12)
|
|
This builds on the work tridge did to make -lcrypt conditional, rather
than globally linked. This was needed for Heimdal stuff, but then I
'fixed' heimdal, and we now reintroduce it here.
Andrew Bartlett
(This used to be commit 83d9d8f4827280a68dfd07beccf2924c9e0825b0)
|
|
not having these platforms they are untested,
let's hope the buildfarm can catch any problem
(This used to be commit 08ec299dcbdc8dba12568b95b636866f147b2e7c)
|
|
(This used to be commit 773f7afb7a99ae1f6df45dcf52cc358b52c0ba22)
|
|
in the ncacn_np trnaport
it's now supported to use the ip address in smbtorture for ncacn_np tests
that use dcerpc_server_name(),
and we can now pass the dns host name in the tree connect when we have the dns name
on the smbtorture command line
metze
(This used to be commit e29edbc7e62c738564ae842c9c01c969f5c70e5d)
|
|
(This used to be commit 447d5fcc1bdbdeaf2d96dbcace36b480b5a18c73)
|
|
- removed redundent $ADDARG code in selftest
(This used to be commit e431d0e9525c633c663ca48baea321369e39b226)
|