summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2008-08-27Add missing file - netlogon.hAndrew Bartlett1-0/+6
This file allows the remote_pac.c code to call into netlogon.c's setup credentials code. Andrew Bartlett (This used to be commit 0343987cf18c1287d98ae542d397ab1fab0a04b7)
2008-08-27Add a test to explore Netlogon PAC validationAndrew Bartlett8-9/+263
However, I have still not figured out this protocol yet, and the docs are rather unclear... :-( Andrew Bartlett (This used to be commit d878643071a1477435a267e2944461d367cdfa79)
2008-08-27ldb: Fix permissions of new ldg files.Karolin Seeger1-1/+1
This one fixes together with 2eaf4ed62 bug #5715 and CVE-2008-3789. Thanks to Steve Langasek <vorlon@debian.org> for reporting! Karolin (cherry picked from commit b666d0a4b597218f5f5020bf36d80d84dcbf7259) (This used to be commit 73f54df7fedc8f0db022f902100fd5eb1b629fb2)
2008-08-27ldb: Fix permissions of group_mapping.ldb.Andrew Tridgell1-1/+7
This one fixes bug #5715 and CVE-2008-3789. (cherry picked from commit a94f44c49f668fcf12f4566777a668043326bf97) (This used to be commit 2eaf4ed62220246bcc1a9702166b0b4f381fdae3)
2008-08-27Put the internal gensec_gssapi state into a header.Andrew Bartlett2-43/+69
This will allow a torture suite to inspect some otherwise internal details. Andrew Bartlett (This used to be commit 9701149ef75f9771f42000e2b6f44963abfee938)
2008-08-27Fix the build on Win32, and use NEGOTIATE security (to allow kerberos)Andrew Bartlett2-2/+2
(This used to be commit f0bde093d76fe9d17a0709cf01fa7b70f1985c6b)
2008-08-26Fix bug spotted by Simo - don't use legacy if expired entry.Jeremy Allison1-4/+4
Jeremy. (This used to be commit a7bbd33139c5835cf32efdbe0ef187117699e3e4)
2008-08-27Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verifyAndrew Bartlett510-37923/+49833
(This used to be commit 32143287c7eb452c6ed9ccd15e8cd4e5a907b437)
2008-08-27Add definition for NT_STATUS_DOWNGRADE_DETECTEDAndrew Bartlett2-0/+2
(This used to be commit f6e227b72bb56d12cb270d76f7f458136c4ca160)
2008-08-26Don't ask winbindd if we got a -ve cache entry.Jeremy Allison1-4/+38
Jeremy. (This used to be commit 91f85d0dcaa917b7a90a77852f3a778a0ad99c4d)
2008-08-26Merge branch 'v3-devel' of ssh://git.samba.org/data/git/samba into v3-develSimo Sorce66-597/+1246
(This used to be commit e038f1cf9fb305fc1e7a4189208e451d30aaa1f0)
2008-08-26Fix the build :-(. Ask winbindd if we find a negative cache entry (or shouldJeremy Allison1-5/+17
we just call the legacy function ?). Jeremy. (This used to be commit 566d3b6e76afeca8e862cb36202a5283b86920e4)
2008-08-26Get smbd to look (read-only) into the winbindd cache for uid/gid <--> sid ↵Jeremy Allison1-33/+51
mappings. Jeremy. (This used to be commit 31ba955d6950420096b9141454aa95b2510a3d9a)
2008-08-26Increase the default positive idmap cache time to a weekVolker Lendecke2-2/+2
(This used to be commit 60af63675063ad62c0169b9f2094ecfdaa7ca16d)
2008-08-26Move idmap_cache.c from winbindd/ to lib/Volker Lendecke2-3/+2
(This used to be commit fe70dcc1b63b1969c13f7fb03ec374b6e5a376a1)
2008-08-26heimdal: add missing heimdal/lib/hcrypto/{evp-aes-cts.c,evp-hcrypto.c}, sorry...Stefan Metzmacher2-0/+453
metze (This used to be commit 0c4227e45d6b8e31a0219358042318e9d2a0b36d)
2008-08-26heimdal_build: include heimdal's new EVP code to fix the buildStefan Metzmacher2-1/+6
metze (This used to be commit f454342d48e1dce7dff0bcff246c7237bed94fd5)
2008-08-26heimdal: import heimdal's trunk svn rev 23697 + lorikeet-heimdal patchesStefan Metzmacher465-1953/+2747
This is based on f56a3b1846c7d462542f2e9527f4d0ed8a34748d in my heimdal-wip repo. metze (This used to be commit 467a1f2163a63cdf1a4c83a69473db50e8794f53)
2008-08-26heimdal_build: fix parse.h lex.c dependenciesStefan Metzmacher1-15/+12
metze (This used to be commit dbfbd1b018f7c29dde2e291cbb7bb54bf147a10e)
2008-08-26heimdal_build: autogenerate the heimdal private/proto headersStefan Metzmacher15-8824/+464
Now it's possible to just use a plain heimdal tree in source/heimdal/ without any pregenerated files. metze (This used to be commit da333ca7113f78eeacab4f93b401f075114c7d88)
2008-08-26heimdal_build: autogenerate table files in heimdal/lib/wind/Stefan Metzmacher34-26563/+46097
metze (This used to be commit f4cfba26aebb18fecdb50478bec9c07d4910ab3b)
2008-08-26heimdal_build: autogenerate heimdal/lib/roken/roken.hStefan Metzmacher1-0/+10
metze (This used to be commit 3ab59dc66fe2d40533a66ff786d0b2373eea1ab8)
2008-08-26heimdal_build: add fallback for AC_WARNING_ENABLE()Stefan Metzmacher2-1/+3
metze (This used to be commit 8d6d96898dcc948aa0ee004eaeb48dc847946361)
2008-08-26heimdal: remove unused old filesStefan Metzmacher3-510/+0
metze (This used to be commit 94cef56212d7d7c1150aea760dba24bda7190442)
2008-08-26heimdal_build: split heimdal/lib/asn1 file listsStefan Metzmacher1-14/+12
metze (This used to be commit d3e939bf75fb85cf0eb3551856e161e3e58c0031)
2008-08-26run make idl after idl change "Handle arbitrary new PAC types"Michael Adam2-16/+6
Michael (This used to be commit 5de253ba1308f470a47f9e5f83c6eccd17e95c26)
2008-08-26Handle arbitrary new PAC typesAndrew Tridgell1-1/+1
When MS introduces a new PAC type, we should just ignore it, not generate a parse error. New PAC info structures are supposed to be backwards compatible with old ones (This used to be commit 2971b926c835412b02c93ad1e30f1471bc0a3612)
2008-08-26EINVAL is also a valid error return, meaning "this filesystemAndrew Tridgell1-2/+3
cannot do sendfile for this file" (This used to be commit 737f664604b28f230be63bfc2f3d516fd9eb1c63)
2008-08-26become root for AIO operationsAndrew Tridgell1-1/+7
We need to become root for AIO read and write to allow the AIO thread to send a completion signal to the parent process when the IO completes (This used to be commit c548e5c69f9d8bc85a654f4d29d64c735a5e780b)
2008-08-26Avoid a race condition in glibc between AIO and setresuid().Andrew Tridgell1-11/+13
See this test: http://samba.org/~tridge/junkcode/aio_uid.c The problem is that setresuid() tries to be clever about threads, and tries to change the euid of any threads that are running. If a AIO read or write completes while this is going on then the signal from the thread where the IO completed is lost, as it gets -1/EPERM from rt_sigqueueinfo() The simplest fix is to try to use setreuid() instead of setresuid(), as setreuid() doesn't try to be clever. Unfortunately this also means we must use become_root()/unbecome_root() in the aio code. (This used to be commit 56c5a6f024875bb79b0104beb36f6b0ec1e1e9f9)
2008-08-26fixed an errno handling bug that could lead to an infinite loopAndrew Tridgell1-2/+2
(This used to be commit 5ccdc58ce91ee40ca7171dd040191291aeb7fe02)
2008-08-26fixed tsmsm_sendfile(). The logic was totally broken.Andrew Tridgell1-4/+7
(This used to be commit 794e48b809036871287df8416a2c669b7e26f216)
2008-08-26heimdal_build: split handwritten and generated hx509 file listsStefan Metzmacher1-3/+6
metze (This used to be commit 848067033c40c3a4681f196ac5da289cd488d962)
2008-08-26heimdal_build: split out gssapi_spnego and gssapi_krb5 file listsStefan Metzmacher1-51/+57
metze (This used to be commit 95135ade447e04329afa7581c66c4df8de63ca24)
2008-08-26heimdal_build: add a fake sqlite keytab implementationStefan Metzmacher2-2/+21
This remove a difference against lorikeet-heimdal. metze (This used to be commit 4314df3561dfe60228db0af220549300b0137c85)
2008-08-26heimdal_build: split glue.c into krb5 and gssapi partsStefan Metzmacher3-20/+33
metze (This used to be commit 1c7bb21bd85900206e9ad831bc4795c1f765a9aa)
2008-08-26build: make sure to create CODEPAGEDIR and MODULESDIR.Günther Deschner1-1/+1
Guenther (This used to be commit d31683cdc877b468e7443216ab9e6edff844c131)
2008-08-26kdc: move references to heimdal internals into heimdal_build/kpasswd-glue.hStefan Metzmacher2-2/+4
metze (This used to be commit 65057f17b0d9e83f1b775afdeb7ea91ce0e52cd1)
2008-08-26Revert "gsskrb5: add support for DCE_STYLE and des and des3 keys"Stefan Metzmacher2-64/+22
This reverts commit 86848dd0f217774faed81af8fbf68618013e20a1. This should come back via a merge from heimdal's trunk later. metze (This used to be commit 585e5360e2d9f722e80850eb86c3d4253530e8ba)
2008-08-26Revert "gsskrb5: always return an acceptor subkey"Stefan Metzmacher1-18/+4
This reverts commit 6a8b07c39558f240b89e833ecba15d8b9fc020e8. This isn't strictly needed and will come back in the next merge from heimdal's trunk. metze (This used to be commit 8ed040c8c4bed082ab74ab267090b35bb57db3f3)
2008-08-26build: generate :: rules for automatic dependenciesStefan Metzmacher1-2/+2
metze (This used to be commit 66d8da17a4c3543e133452f9a87702a2a8fb609c)
2008-08-26Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verifyAndrew Bartlett1-2/+3
(This used to be commit 2a1adaa759d9201670519b3938109e13c0476a83)
2008-08-26Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett11-173/+802
(This used to be commit d7db5fe161429163a19d18c7e3045939897b9b2a)
2008-08-26Don't use lsa_Delete any more, as smbd now refuses it.Andrew Bartlett1-2/+3
(This used to be commit 8e1285a1ee60e3d3b7352ab7269d535c41916b46)
2008-08-26Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verifyAndrew Bartlett138-2946/+4837
(This used to be commit b706708210a05d6f10474a3cd2bbc550704d4356)
2008-08-26More LSA server and testuite work.Andrew Bartlett2-8/+63
- Implement QueryDomainInformationPolicy in Samba4 - Allow RPC-LSA to pass against Windows 2008 (which does not allow the Audit privilage to be removed) Andrew Bartlett (This used to be commit d94c7bbcd6eee6d975eac32a1d172f4164c97137)
2008-08-26Make RPC-LSA test deterministic with an msleep(200).Andrew Bartlett1-5/+8
(This used to be commit 914e1865aa9fba417f74a3abdd8b4b2659feb001)
2008-08-26Implement matching logic to Windows 2008 on handling of secrets.Andrew Bartlett1-16/+8
This is enforced by the new RPC-LSA test. Andrew Bartlett (This used to be commit da200ac64485fd9531b1aa048570c682b680b012)
2008-08-26Fix LSA server to pass more of RPC-LSA and match Windows 2008Andrew Bartlett1-17/+32
This fixes some info levels in the QueryTrustedDomainInfo call, and changes from implementing lsa_Delete to lsa_DeleteObject (which has an explicit close and reutrns a NULL handle). Andrew Bartlett (This used to be commit 1f12c368b2566b378a6c521c389b8b1bafbcf916)
2008-08-26Only allow the trust in the correct direction (per the flags).Andrew Bartlett1-3/+9
(This used to be commit 2c7195429411d68bc66f4100659c622df4f5a20a)
generated by cgit (git 2.34.1) at 2025-03-24 20:19:20 +0000