summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-05-04s3: Use hex_encode_bufVolker Lendecke1-3/+1
2012-05-04s3: Remove an unused extern declarationVolker Lendecke1-2/+0
2012-05-04s3: Remove an unused parameter from check_parent_access()Volker Lendecke1-10/+3
2012-05-04s3: In mkdir_internal, don't retrieve parent_dir from check_parent_accessVolker Lendecke1-1/+1
We have already created that ourselves a few lines above
2012-05-04waf: Fix com_err detection with MIT krb5.Andreas Schneider1-2/+5
Signed-off-by: Simo Sorce <idra@samba.org> Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Fri May 4 18:43:05 CEST 2012 on sn-devel-104
2012-05-04s4:auth/kerberos: don't do tracing in MIT buildAlexander Bokovoy1-17/+0
Signed-off-by: Simo Sorce <idra@samba.org>
2012-05-04s4:torture: auth/pac.c: use Kerberos wrapper for krb5_keyblock_initAlexander Bokovoy1-4/+4
Signed-off-by: Simo Sorce <idra@samba.org>
2012-05-04Avoid using Heimdal-specific tests in MIT buildAlexander Bokovoy3-3/+14
2012-05-04s4:ntvfs: add missing headers to vfs_ipcAlexander Bokovoy1-0/+2
vfs_ipc.c had system/kerberos.h and system/filesys.h missing Signed-off-by: Simo Sorce <idra@samba.org>
2012-05-04Fix direct access to krb5_principal structureSimo Sorce1-2/+4
2012-05-04auth-session: MIT doesn't have import/export cred yetSimo Sorce3-3/+8
For now let's just loose this functionality with the MIT build. gss_import/export_cred should be availa ble when MIT 1.11 is released and this code is used only in some proxy scenario. Not normally needed for common configurations.
2012-05-04s4-auth: Use smb_krb5_cc_get_lifetime() wrapper.Andreas Schneider1-2/+2
Signed-off-by: Simo Sorce <idra@samba.org>
2012-05-04krb5samba: Add a smb_krb5_cc_get_lifetime() function.Andreas Schneider5-1/+64
Signed-off-by: Simo Sorce <idra@samba.org>
2012-05-04s4-auth-krb: Make srv_keytab.c build against MIT KerberosSimo Sorce1-8/+11
2012-05-04krb5samba: Add compat function for krb5_kt_compareSimo Sorce2-0/+39
2012-05-04Fix incompatible assignment warningSimo Sorce1-1/+1
2012-05-04krb5samba: Add compat krb5_make_principal for MIT buildSimo Sorce5-1/+49
2012-05-04Fix compiler warningSimo Sorce1-1/+1
2012-05-04s4-auth-krb: Use compat code to initialize keyblock contentsSimo Sorce1-1/+1
2012-05-04krb5samba: Add compat code to initialize keyblock contentsSimo Sorce3-0/+28
2012-05-04s4-auth-krb: Disable code in MIT buildSimo Sorce1-1/+4
Unfortunately these functions are not available in MIT and there is no easy workaround or compat funciton I can see at this stage. Will fix properly once MIT gets the necessary functions or if another workaround can be found.
2012-05-04Move keytab_copy to krb5samba libSimo Sorce4-4/+14
This is a helper fucntion that uses purely krb5 code, so it belongs to krb5samba which is the krb5 wrapper for samba.
2012-05-04Fix keytab_copy to compile with MIT librariues tooSimo Sorce1-10/+12
2012-05-04keytab_copy: Fix style, whitespacesSimo Sorce1-8/+17
2012-05-04kerberos_pac: Fix code to work with MIT tooSimo Sorce1-3/+3
2012-05-04s4-auth-krb: smb_rd_req_return_stuff is used only in gensec_krb5Simo Sorce5-2/+13
Make it clearly a gensec_krb5 accessory file. This function should never be used anywhere else. This function was copied out from the Heimdal tree and is kept in a separate file for clarity and to keep the original license boilerplate.
2012-05-04Split normal kinit from s4u2 flavored kinitSimo Sorce3-38/+92
This makes it simpler to slowly integrate MIT support and also amkes it somewhat clearer what operation is really requested. The 24u2 part is really only used by the cifs proxy code so we can temporarily disable it in the MIT build w/o major consequences.
2012-05-04Move kerberos_kinit_password_cc to krb5samba libSimo Sorce5-427/+406
2012-05-04Move kerberos_kinit_keyblock_cc to krb5samba libSimo Sorce7-56/+102
Make it also work with MIT where krb5_get_in_tkt_with_keyblock is not available.
2012-05-04krb-init: define out heimdal specific stuff in mitkrb buildSimo Sorce1-3/+12
2012-05-04s4-auth-krb: avoid useless conditionSimo Sorce1-1/+1
Code bails out with ENOMEM 2 lines a bove if config_file is NULL anyways
2012-05-04krb5samba: Remove unnecessary include fileSimo Sorce1-1/+0
2012-05-04Fix krb5_samba.c buildSimo Sorce1-0/+4
2012-05-04s4:torture: add a check for talloc success in test_session_reauthVolker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Fri May 4 16:50:59 CEST 2012 on sn-devel-104
2012-05-04s3: remove some unused codeVolker Lendecke2-28/+0
2012-05-04s3: Fix a typoVolker Lendecke1-1/+1
2012-05-04s4-dsdb: Use data_blob_string_const and add explaination for open-coded ↵Andrew Bartlett1-4/+6
function in samldb Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri May 4 02:34:41 CEST 2012 on sn-devel-104
2012-05-04s4-dsdb: Use strcasecmp_m() to compare possibly multibyte strings in samldbAndrew Bartlett1-5/+5
2012-05-04s4:samldb LDB module - make sure to not add identical ↵Matthias Dieter Wallnöfer2-16/+88
"servicePrincipalName"s more than once The service principal names need to be case-insensitively unique, otherwise we end up in a LDB ERR_ATTRIBUTE_OR_VALUE_EXISTS error. This issue has been discovered on the technical mailing list (thread: cannot rename windows xp machine in samba4) when trying to rename a AD client workstation.
2012-05-03s3:passdb fix a compiler warningChristian Ambach1-1/+1
this one could have caused crashes Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Thu May 3 23:22:05 CEST 2012 on sn-devel-104
2012-05-03s3:vfs fix compiler warningChristian Ambach1-0/+5
vfs_default.c:1875:10: warning: no previous prototype for 'vfswrap_audit_file'
2012-05-03s3:lib fix compiler warningsChristian Ambach1-0/+6
g_lock.c:182:20: warning: no previous prototype for ‘g_lock_lock_send’ g_lock.c:270:10: warning: no previous prototype for ‘g_lock_lock_recv’
2012-05-03UTIL_TDB: lowercase name.Jelmer Vernooij6-9/+9
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu May 3 20:18:22 CEST 2012 on sn-devel-104
2012-05-03libtorture: Improve suggestion to mention torture_assert_*() rather thanJelmer Vernooij1-1/+1
torture_result().
2012-05-03s4:torture: add a new smb2.session.reauth3 test - getting security descriptorMichael Adam1-0/+100
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Thu May 3 17:38:14 CEST 2012 on sn-devel-104
2012-05-03torture: Suggest torture_fail() / torture_result().Jelmer Vernooij1-1/+2
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu May 3 15:31:06 CEST 2012 on sn-devel-104
2012-05-03provision: remove reference to no longer existing template files.Jelmer Vernooij2-9/+6
2012-05-03s4-samba-tool: make new samba-tool group listmembers use samAccountNameAndrew Bartlett2-4/+4
This is the unique username value. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu May 3 01:57:41 CEST 2012 on sn-devel-104
2012-05-03s4-s3upgrade: Force ldapsam:trusted = yesAndrew Bartlett1-0/+3
While this setting is not the default in Samba3, any domain that is in a suitable condition to upgrade to Samba4 should already be in the layout that ldapsam:trusted uses. It can be turned off by setting ldapsam:trusted=false in the smb.conf. Many upgrades to Samba4 happen on a different host to the old Samba3 domain and this avoids the need to configure nss_ldap only for the duration of the upgrade. Andrew Bartlett
2012-05-03Extension to the samba-tool group subcommand functionality to allow listing ↵Lukasz Zalewski3-0/+91
of the members of an AD group