Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
(This used to be commit 84ebb6cac224cabf3856a632de80a8a9c687329b)
|
|
-
We ran across a bug joining our Samba server to a Win2K domain with LDAP
signing turned on. Upon investigation I discovered that there is a bug
in Win2K server which returns a duplicated responseToken in the LDAP
bindResponse packet. This blob is placed in the optional mechListMIC
field which is unsupported in both Win2K and Win2K3. You can see RFC
2478 for the proper packet construction. I've worked with metze on this
to confirm all these finding.
This patch properly parses then discards the mechListMIC field if it
exists in the packet, so we don't produce a malformed packet error,
causing LDAP signed joins to fail. Also attached is a sniff of the
domain join, exposing Win2Ks bad behavior (packet 21).
-
(I've just changed the scope of the DATA_BLOB mechList)
metze
(This used to be commit 200b5bfb8180af09446762e915eac63d14c6c7b0)
|
|
(This used to be commit aa603bcc6c848de67ea07d6028ab841a8401d9ad)
|
|
Michael
(This used to be commit 7238884c2cb25dd9279703004ffab6618715a275)
|
|
uninitialized data.
Michael
(This used to be commit b4fff6d09d17a18eae61e8ca789f128cd094ba09)
|
|
rpccli_lsa_lookupsids_noalloc() returns an error for one hunk
of SIDs: free all allocated arrays and return the error code
returned by the hunk lookup.
Michael
(This used to be commit 2c68ebd6934206186dc6e635401f66c2fd1e1234)
|
|
as a special dest_len of sizeof(pstring).
Jeremy.
(This used to be commit 9fc14c83cc5e3a360464c33e26b1073db63763d7)
|
|
(This used to be commit cc4599fdc1fb9aa51f6a4487cb1aa78a5556757a)
|
|
(This used to be commit f1f4758e2c40a470c19b4b738f79ec5807522909)
|
|
same as talloc_strdup_upper.
Jeremy.
(This used to be commit db1b6293771755f20660b071aac0284638dbed46)
|
|
error propagation.
Michael
(This used to be commit 5a16da2185f07d1f48fabd93a7a6b8f2d6b91089)
|
|
return NTSTATUS to allow for better error propagation.
Michael
(This used to be commit 46093004a788dae83a4ddb888ca5d72f555c236c)
|
|
str_len == 0. We should just return 0 in this
case.
Jeremy.
(This used to be commit 8bb85f3f141f0f45b06d28f004cb2cf18252d4e1)
|
|
(This used to be commit b64df8a3c504ab7749c21ffb26e4771a9a0a328f)
|
|
we need -lunwind-x86 not -lunwind-i686
metze
(This used to be commit 2e5f4781652961d6369a64c48b92697c11262c51)
|
|
allow overwritting the location of the WINBINDD_SOCKET_DIR
via an environment variable
metze
(This used to be commit 93bdd2724cc711005a5f2f223b499199394e78e7)
|
|
Jeremy.
(This used to be commit 37cf2c272751065245dd46708af0a78f1f0c47df)
|
|
Jeremy.
(This used to be commit 6032fbc358c5015b2b6a23e13d978bf41ef9e5f3)
|
|
Jeremy.
(This used to be commit 4748d2639796e8caa67fae44d1cf660d49d82663)
|
|
Jeremy.
(This used to be commit 764574ee05ea4f13cdd30c0a0668ffeb81756989)
|
|
(This used to be commit 1a022267003480b4487a780ebaa6016f491828a3)
|
|
new name if unmangling succeeded, not if it
failed. Jerry - please re-test, this should
fix your bug.
Jeremy.
(This used to be commit c215d6e84929b70e4472e19f32ec4f1db7449d90)
|
|
string.
Jeremy.
(This used to be commit fe30a523dfc77cc373145624246fd3ad5c62b9ac)
|
|
Jeremy.
(This used to be commit 2243a73d650319208aebbbaf65dfba2a508a7c10)
|
|
Found by Metze's code review (thanks Metze !).
Jeremy.
(This used to be commit a7370eea6be29c0e2adf5ae62aa6182b9165e744)
|
|
REGISTRY_VALUE and struct registry_value formats for
registry values. Lacking better naming, I called them
regval_hilvl_to_lolvl and regval_lolvl_to_hilvl for a
start. The might be useful elsewhere, so might be put
into another place later on.
Michael
(This used to be commit 883fd7906165ca10413e4745b3beed59516adf34)
|
|
(This used to be commit ea226c5ed97d47649833546d5499213093d1925e)
|
|
value
from smbconf_store_values().
Michael
(This used to be commit 7761f9b3ccf0d9ae9ffe830b04c3be8451ce2112)
|
|
(This used to be commit 01d42744903d7ef9044fa4d2ad1cc64594717573)
|
|
metze
(This used to be commit 3ac7566ae14c48ff9b0f6b232e0ec4b2f73df558)
|
|
metze
(This used to be commit 2a794db3c548330d477497aa66245845486d9888)
|
|
as currently seen in 'make test' localy and in the farm
metze
(This used to be commit f41efe01b5a22889f5b18916df9a2f924263e7f9)
|
|
Guenther
(This used to be commit c3b423c52a2bf3f50870158d8c7ffd314c8ac935)
|
|
as this header has nothing todo with winbindd nor nss
and it contains the definitions for the struct based
protocol
metze
(This used to be commit e9e03aac2221c44eec89cc957b8bb3be721103bd)
|
|
init_request => winbindd_init_request
free_response => winbindd_free_response
read_reply => winbindd_read_reply
write_sock => winbind_write_sock
read_sock => winbind_read_sock
close_sock => winbind_close_sock(void)
metze
(This used to be commit 8a95d7a7edcfa5e45bccc6eda5c45d9c308cb95d)
|
|
contexts. Patch from Tim Prouty <tim.prouty@isilon.com>.
(This used to be commit a136de663f122603e8d34e06027896ff39b35e11)
|
|
Jeremy.
(This used to be commit cfcf7cf03e1be34e6839c1a659c4e8c1b5358c37)
|
|
(This used to be commit f935d21200294c8d29ce527300f605e721cb3620)
|
|
regval_ctr_addvalue().
This also corrects regval_ctr_copyvalue() in that it cannot create (invalid)
regval containers with dupliacte entries...
Michael
(This used to be commit 2daaaaa835078c543fa12cd1819e8a3d86cf6e5e)
|
|
to unix_convert().
Jeremy.
(This used to be commit 39c211a702e91c34c1a5a689e1b0c4530ea8a1ac)
|
|
'\0' in size calculations.
Jeremy.
(This used to be commit 54c658867db3b6c602080d60936abab3af26e112)
|
|
which
appears to be a leftover. Should fix the build with profiling enabled.
Jeremy, please check.
Guenther
(This used to be commit 98f2e10e3f7a86b1b30619a25ee15a489ad10d43)
|
|
gss_import_name() needs to follow the same logic as in the LDAP sasl wrapping
(see -r25133).
Tested with MIT 1.2.7, 1.3.6, 1.4.3, 1.5.1, 1.6.1 and Heimdal 0.7.2, 1.0,
1.0.1.
Guenther
(This used to be commit 913fb138aa90a6627ee49b2e92d1bbc73e11f9ea)
|
|
The gss_import_name() broke as we switched from the internal MIT OID
"gss_nt_krb5_principal" to "GSS_KRB5_NT_PRINCIPAL_NAME" and didn't switch from
passing the krb5_principal (or better: a pointer to that, see MIT's "*HORRIBLE*
bug") to pass the string principal directly.
Jerry, Jeremy, neither I could figure out the need of passing in a
krb5_principal at all nor could I reproduce the crash you were seeing.
I sucessfully tested the code (now importing a string) with MIT 1.2.7, 1.3.6,
1.4.3, 1.5.1, 1.6.1 and Heimdal 0.7.2, 1.0, 1.0.1.
Guenther
(This used to be commit cb2dc715e33467c8b588161e816e72a948f6860c)
|
|
in winbind client and nss/pam stuff
metze
(This used to be commit 2e13e05fa91788bd128e6940bccc0d2cc7140986)
|
|
metze
(This used to be commit b3ee9adf28ee8136528d0236a3a2c894c2223053)
|
|
This script is useful for migrating OpenLDAP schema files to FDS/RHDS
lidf schema files.
License kindly updated to GPLv3+ at our request.
Simo.
(This used to be commit ab7770b34b3202a5836cfa098187eeed1bd16be3)
|
|
metze
(This used to be commit 5afa66970ee831a8be887c9e7eeeaceead6049db)
|
|
Still a few left (mainly the substitute ones).
Jeremy.
(This used to be commit 6552e52979a7c6954faa8b2c9c0f08b3779835c4)
|
|
Jeremy.
(This used to be commit 9cc70e3ccff9c3b20076572235d9dcbfd23e97e5)
|