Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2008-09-23 | selftest: run smb signing tests as part of make quicktest | Stefan Metzmacher | 1 | -0/+1 | |
metze | |||||
2008-09-23 | selftest: test some smb signing combinations against the member server | Stefan Metzmacher | 1 | -0/+40 | |
metze | |||||
2008-09-23 | s4:smb_server: remove the bogus smbsrv_signing_restart() | Stefan Metzmacher | 2 | -41/+2 | |
Real signing always starts with seqnumber 2, and once signing is on the session key never change anymore for the complete smb connection. metze | |||||
2008-09-23 | libcli/smb_composite: for spnego session setups check the smb signature manually | Stefan Metzmacher | 1 | -23/+57 | |
We need to start signing when we got NT_STATUS_OK from the server and manually check the signature of the servers response. This is needed as the response might be signed with the krb5 acceptor subkey, which comes within the server response. With NTLMSSP this happens for the session setup: request1 => BSRSPYL seqnum: 0 response1 => BSRSPYL seqnum: 0 request2 => BSRSPYL seqnum: 0 response2 => <SIGNATURE> seqnum: 1 and with krb5: request1 => BSRSPYL seqnum: 0 response1 => <SIGNATURE> seqnum: 1 metze | |||||
2008-09-23 | libcli/raw: real signing starts at seqnumber 2 | Stefan Metzmacher | 1 | -0/+1 | |
metze | |||||
2008-09-23 | libcli/raw: in SMB_SIGNING_ENGINE_BSRSPYL state it's ok to accept any signature | Stefan Metzmacher | 1 | -0/+2 | |
Even if signing is mandatory. With NTLMSSP this happens for the session setup: request1 => BSRSPYL response1 => BSRSPYL request2 => BSRSPYL response2 => <SIGNATURE> and with krb5: request1 => BSRSPYL response1 => <SIGNATURE> metze | |||||
2008-09-23 | libcli/raw: give the caller the chance to do the signing checks on its own. | Stefan Metzmacher | 2 | -0/+10 | |
metze | |||||
2008-09-23 | libcli/raw: give the caller the chance to prevent the talloc_free(req) in ↵ | Stefan Metzmacher | 2 | -1/+8 | |
the _recv functions metze | |||||
2008-09-23 | gensec_krb5: only give away the session key, when the authentication is done | Stefan Metzmacher | 1 | -0/+4 | |
metze | |||||
2008-09-23 | gensec_gssapi: only give away the session key, when the authentication is done | Stefan Metzmacher | 1 | -4/+5 | |
metze | |||||
2008-09-23 | ntlmssp: only give away the session key, when the authentication is done | Stefan Metzmacher | 1 | -0/+4 | |
metze | |||||
2008-09-23 | RPC-PAC: loop in gensec_update() untill the server side is ready | Stefan Metzmacher | 1 | -5/+1 | |
metze | |||||
2008-09-23 | s3-nbt: remove old samba3 libcli/nbt copy. | Günther Deschner | 2 | -979/+0 | |
Guenther | |||||
2008-09-23 | [s3]winbindd_group: don't list the domain twice when expanding internal aliases | Michael Adam | 1 | -1/+1 | |
Before this, "getent group builtin\\administrators" expanded domain group members in the form DOMAIN\domain\user. Michael | |||||
2008-09-23 | [s3]winbindd_group: sanely handle NULL domain in add_member(). | Michael Adam | 1 | -1/+5 | |
Michael | |||||
2008-09-23 | [s3]winbindd_ads: honour "winbind use default domain" in lookup_groupmem(). | Michael Adam | 1 | -9/+11 | |
This fixes the output of "getent group" when "winbind use default domain = yes" with security = ads. Michael | |||||
2008-09-23 | [s3]winbindd_rpc: add domain prefix to username in lookup_groupmem(). | Michael Adam | 1 | -1/+4 | |
This makes the output of "getent group" of a domain group show the domain prefix with "security = domain". Michael | |||||
2008-09-23 | [s3]winbindd_util: add fill_domain_username_talloc(). | Michael Adam | 1 | -0/+27 | |
A talloc version of fill_domain_username(). Michael | |||||
2008-09-23 | [s3]winbindd_util: add prototype for fill_domain_username_talloc(). | Michael Adam | 1 | -0/+4 | |
A talloc version of fill_domain_username(). Michael | |||||
2008-09-23 | [s3]winbindd: fix a comment typo | Michael Adam | 1 | -1/+1 | |
Michael | |||||
2008-09-23 | [s3]winbind_util: fix an implicit cast compile warning. | Michael Adam | 1 | -1/+1 | |
Michael | |||||
2008-09-23 | s3-nbt: fix remaining callers of ndr_push/pull_struct_blob. | Günther Deschner | 8 | -15/+15 | |
Guenther | |||||
2008-09-23 | s3-nbt: use ../libcli/nbt helper. | Günther Deschner | 2 | -18/+1 | |
Guenther | |||||
2008-09-23 | s3: re-run make idl. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-09-23 | s3-nbt: refer to ../libcli/nbt in nbt.idl. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-09-23 | s4-nbt: use ../libcli/nbt | Günther Deschner | 10 | -14/+14 | |
Guenther | |||||
2008-09-23 | s4-nbt: move libcli/nbt up one level. | Günther Deschner | 8 | -149/+149 | |
Guenther | |||||
2008-09-23 | s4-nbt: merge some fixes from samba3 nbt helper. | Günther Deschner | 2 | -24/+24 | |
Guenther | |||||
2008-09-23 | s4-nbt: use private_data instead of private. | Günther Deschner | 19 | -57/+57 | |
Guenther | |||||
2008-09-23 | s3: use samba4 prototype for ndr_push/pull_struct_blob. | Günther Deschner | 8 | -25/+29 | |
Guenther | |||||
2008-09-23 | s3: re-run make idl. | Günther Deschner | 3 | -7/+13 | |
Guenther | |||||
2008-09-23 | s3-nbt: fix nbt.idl in order to use shared nbt helper. | Günther Deschner | 1 | -3/+3 | |
Guenther | |||||
2008-09-23 | s3-charset: add smb_iconv_convenience. | Günther Deschner | 1 | -0/+2 | |
Guenther | |||||
2008-09-23 | s4-nbt: remove unrequired include. | Günther Deschner | 1 | -1/+0 | |
Guenther | |||||
2008-09-23 | s4: add talloc_strdup_upper. | Günther Deschner | 1 | -1/+7 | |
Guenther | |||||
2008-09-22 | Merge branch 'master' of ssh://git.samba.org/data/git/samba into abartlet-devel | Andrew Bartlett | 9 | -1/+3756 | |
2008-09-22 | Remove unused parameter from decode_pw_buffer and fail on invalid | Andrew Bartlett | 3 | -13/+14 | |
UTF-16 input The input checking is important, as otherwise we could set the wrong password. Andrew Bartlett | |||||
2008-09-22 | Remove unused variable | Andrew Bartlett | 1 | -2/+0 | |
2008-09-23 | Fix make pch in the merged build | Volker Lendecke | 1 | -1/+3 | |
2008-09-22 | Explain why we use signing for DCs, but not file servers | Andrew Bartlett | 1 | -0/+9 | |
2008-09-22 | idmap_adex: Add new idmap plugin for support RFC2307 enabled AD forests. | Gerald (Jerry) Carter | 9 | -0/+3753 | |
The adex idmap/nss_info plugin is an adapation of the Likewise Enterprise plugin with support for OU based cells removed (since the Windows pieces to manage the cells are not available). This plugin supports * The RFC2307 schema for users and groups. * Connections to trusted domains * Global catalog searches * Cross forest trusts * User and group aliases Prerequiste: Add the following attributes to the Partial Attribute Set in global catalog: * uidNumber * uid * gidNumber A basic config using the current trunk code would look like [global] idmap backend = adex idmap uid = 10000 - 19999 idmap gid = 20000 - 29999 idmap config US:backend = adex idmap config US:range = 20000 - 29999 winbind nss info = adex winbind normalize names = yes winbind refresh tickets = yes template homedir = /home/%D/%U template shell = /bin/bash | |||||
2008-09-22 | Test re-setting the challenge after an auth3 in RPC-NETLOGON | Andrew Bartlett | 1 | -0/+4 | |
2008-09-22 | Merge branch 'master' of ssh://git.samba.org/data/git/samba into abartlet-devel | Andrew Bartlett | 8 | -1/+162 | |
2008-09-22 | This torture test and skipping of the server-side check was bogus. | Andrew Bartlett | 2 | -52/+1 | |
The IDL is declared to force the MessageType to 3 on output, so we instead checked the same thing 255 times... Andrew Bartlett | |||||
2008-09-22 | re-run make idl. | Günther Deschner | 2 | -0/+8 | |
Guenther | |||||
2008-09-22 | netapi: add more fields to USER_INFO_X. | Günther Deschner | 1 | -0/+2 | |
Guenther | |||||
2008-09-22 | netapi: add NetFile testsuite. | Günther Deschner | 4 | -1/+151 | |
Guenther | |||||
2008-09-22 | netapi: fix case statement in example NetUserSetModals code. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2008-09-22 | s4: allways initialize the process model before it's used | Stefan Metzmacher | 8 | -9/+10 | |
metze | |||||
2008-09-22 | create-tarball: Adapt script to changed directory structure. | Karolin Seeger | 1 | -3/+3 | |
Karolin |