summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-01-11gensec: Make sure to check the optional auth_context hooks before using themAndrew Bartlett1-1/+1
These are optional to supply - some callers only provide an auth_context for the other plugin functions, and so we need to deal with this cleanly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11gensec: Rename want_flags and got_flags in gensec_gssapiAndrew Bartlett2-27/+27
This make it clearer what type of flags these are. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11gensec: make gensec_gssapi.h commonAndrew Bartlett1-0/+0
This will make it easier to share elements of the GSSAPI gensec mechs, in much the same way elements of the NTLMSSP mech are shared. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Supply target service and server to spnego_generic_init_client()Andrew Bartlett3-0/+19
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc: Rename spnego_ntlmssp_init_client and make genericAndrew Bartlett3-5/+17
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-libsmb: split out auth_generic client functions into auth_generic.cAndrew Bartlett5-129/+164
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc: rename get_ntlmssp_auth_footer to be more genericAndrew Bartlett1-5/+5
This can handle any gensec auth type now. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Set target service and server into gensecAndrew Bartlett1-0/+10
This will allow cli_rpc_pipe_open_generic_auth() to handle kerberos mechanisms. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Rename and rework cli_rpc_pipe_open_ntlmssp() to be genericAndrew Bartlett5-48/+61
This also includes renaming the helper function rpccli_ntlmssp_bind_data, and allows this function to operate on any gensec-supplied auth type. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Rename create_ntlmssp_auth_rpc_bind_req() to be more genericAndrew Bartlett1-6/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11gensec: move gensec_util.c to the top levelAndrew Bartlett7-11/+23
To do this some defines need to move to common_auth.h Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11auth: make auth4_context common to provide access to generate_session_info_pac()Andrew Bartlett2-52/+59
By providing this context, a function pointer for generate_session_info_pac() can be inserted into gensec, allowing the s3 PAC processing in an otherwise more generic gensec module. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11auth/kerberos: Remove unused headers from gssapi_parse.cAndrew Bartlett1-2/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11s3-librpc Return user principal name on supplied mem_ctxAndrew Bartlett1-3/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-10krb5: Require gss_get_name_attribute or Heimdal's PAC parsing to build with krb5Andrew Bartlett2-0/+21
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Jan 10 23:23:07 CET 2012 on sn-devel-104
2012-01-10krb5: Require krb5_string_to_key be available to build with krb5Andrew Bartlett3-1/+10
2012-01-10krb5: Require krb5_set_real_time is available to build with krb5Andrew Bartlett5-29/+12
2012-01-10krb5: Require krb5_principal_compare_any_realm be available to build with krb5Andrew Bartlett3-28/+9
2012-01-10krb5: Require krb5_get_renewed_creds be available to build with krb5Andrew Bartlett4-52/+14
2012-01-10krb5: Remove now unused checks for krb5_verify_checksumAndrew Bartlett2-12/+0
2012-01-10krb5: Require krb5_get_init_creds_opt_alloc/free for build with krb5Andrew Bartlett3-29/+18
This also assumes the modern API with a krb5_context argument. Andrew Bartlett
2012-01-10krb5: Require krb5_fwd_tgt_creds to be available to build with krb5Andrew Bartlett3-3/+12
2012-01-10krb5: Require krb5_get_host_realm and krb5_free_host_realm be available to ↵Andrew Bartlett3-4/+18
build with krb5
2012-01-10krb5: Require krb5_c_verify_checksum is available to build with krb5Andrew Bartlett3-79/+25
2012-01-10krb5: Require krb5_c_enctype_compare is available to build with krb5Andrew Bartlett4-7/+9
2012-01-10s4:provision: add "+dns" to server services if the dns backend is SAMBA_INTERNALMichael Adam1-2/+7
Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Tue Jan 10 21:17:45 CET 2012 on sn-devel-104
2012-01-10s4:provision: add a server services line to the smb.conf template for the dcMichael Adam1-0/+2
Signed-off-by: Kai Blin <kai@samba.org>
2012-01-10s4:provision: add the possibility to provision "server services" in smb.confMichael Adam1-2/+9
Signed-off-by: Kai Blin <kai@samba.org>
2012-01-10s4:provision: improve a messageMichael Adam1-1/+1
Signed-off-by: Kai Blin <kai@samba.org>
2012-01-10samba: check for AES encryption type defines.Günther Deschner3-0/+25
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Jan 10 15:05:38 CET 2012 on sn-devel-104
2012-01-10talloc/testsuite: fix compiler warningsStefan Metzmacher1-1/+2
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Jan 10 13:31:33 CET 2012 on sn-devel-104
2012-01-10s3-aio_pthread: Fix the buildVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Jan 10 11:54:01 CET 2012 on sn-devel-104
2012-01-10s3-aio_pthread: Make "pd_list" staticVolker Lendecke1-1/+1
2012-01-10s4:python tests __init__.py - do not depend on "subprocess.check_call()"Matthias Dieter Wallnöfer1-1/+4
Method not present in Python 2.4 Reviewed-by: Jelmer Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Jan 10 00:41:59 CET 2012 on sn-devel-104
2012-01-09s4:python tests __init__.py - do not depend on "subprocess.CalledProcessError"Matthias Dieter Wallnöfer1-6/+11
The class is not present in Python 2.4 Reviewed-by: Jelmer
2012-01-09s3: Remove an unused labelVolker Lendecke1-3/+0
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Jan 9 23:07:32 CET 2012 on sn-devel-104
2012-01-09s4:scripting/devel: add repl_cleartext_pwd.py scriptStefan Metzmacher1-0/+377
This is useful to sync passwords from an AD domain. $ $ source4/scripting/devel/repl_cleartext_pwd.py \ -Uadministrator%A1b2C3d4 \ 172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName # starting at usn[0] dn: CN=Test User1,CN=Users,DC=bla,DC=base cleartext_utf8: A1b2C3d4 displayName:: VABlAHMAdAAgAFUAcwBlAHIAMQA= # up to usn[16449] $ $ source4/scripting/devel/repl_cleartext_pwd.py \ -Uadministrator%A1b2C3d4 172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName # starting at usn[16449] # up to usn[16449] $ metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 9 19:06:06 CET 2012 on sn-devel-104
2012-01-09s4-kerberos: remove some unused prototypes.Günther Deschner1-22/+0
These are defined in the krb5 abstraction headers elsewhere. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Jan 9 14:32:08 CET 2012 on sn-devel-104
2012-01-09s3-waf: rpcclient does not need libads.so.Günther Deschner1-1/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Jan 9 12:06:06 CET 2012 on sn-devel-104
2012-01-09s3-passdb: remove a forward declaration.Günther Deschner1-7/+6
Guenther
2012-01-09s3-libads: pretty print a keytab list.Günther Deschner1-2/+2
Guenther
2012-01-09s3-pdbtest: only test trusted domains when pdb backends offers trusted ↵Günther Deschner1-74/+89
domain support. Guenther
2012-01-09s3-libads: fix malloc/talloc mismatch in ads_keytab_verify_ticket().Günther Deschner1-1/+1
Guenther
2012-01-09s4:python/samba/ndr.py: add an optional 'allow_remaining' to ndr_unpack()Stefan Metzmacher1-2/+3
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 9 10:28:30 CET 2012 on sn-devel-104
2012-01-09pidl:Samba4/Python: add an optional 'allow_remaining' argument to ↵Stefan Metzmacher1-3/+26
__ndr_unpack__() hooks Thanks to Amitay Isaacs <amitay@gmail.com> for the help with this. metze
2012-01-09s3-build: Remove unused hooks to set smbtorture4 and test argsAndrew Bartlett3-70/+0
These were left around after the selftest.pl script was introduced. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Jan 9 06:13:21 CET 2012 on sn-devel-104
2012-01-09auth/credentials Remove debug that prints in normal operationAndrew Bartlett1-1/+0
The fact that this function is unimplemented is unimportant to the callers as credential caches are not handled via the auth/credentials code in s3. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Jan 9 03:24:36 CET 2012 on sn-devel-104
2012-01-09s3-libsmb: Do not look up FQDN or use host/ for krb5 encrypted CIFSAndrew Bartlett1-12/+1
This is important, as we want to use exactly the same name and ticket that the libsmb session setup code used, so we do not hit the KDC twice. For the session setup to have succeded using the default 'client use spnego principal = no', the cifs/ principal must exist anyway, so looking for host/ is pointless. The case of 'client use spnego principal = yes' was never supported here. Andrew Bartlett
2012-01-09s3-sefltest Make krb5 tests contain the word krb5Andrew Bartlett1-3/+3
2012-01-09s3-selftst Add encrypted CIFS testing with kerberosAndrew Bartlett1-9/+11
generated by cgit (git 2.34.1) at 2024-11-27 03:22:42 +0000