summaryrefslogtreecommitdiff
path: root/source3/libads
AgeCommit message (Collapse)AuthorFilesLines
2011-05-06s3-includes: no need to globally include libads/ads_status.h.Günther Deschner3-0/+7
Guenther
2011-05-05More simple const fixups.Jeremy Allison2-8/+8
2011-05-05More const fixes for compiler warnings from the waf build.Jeremy Allison1-2/+2
2011-05-05s3-libads: run minimal_includes.pl.Günther Deschner1-2/+0
Guenther
2011-04-29s3-libads Move variables into if (socket_wrapper_dir()) where they are used.Andrew Bartlett1-4/+4
2011-04-28s3-libads: Use ldap_init_fd() to connect to AD server in socket_wrapperAndrew Bartlett1-1/+35
This means that we control the connection setup, don't rely on signals for timeouts and the connection uses socket_wrapper where that is required in our test environment. According to bug reports, this method is also used by curl and other tools, so we are not the first to (ab)use the OpenLDAP libs in this way. It is ONLY enabled for socket_wrapper at this time, as this is the best way to get 'make test' working for S3 winbind tests in an S4 domain. Andrew Bartlett
2011-04-28s3-libads Pass a struct sockaddr_storage to cldap routinesAndrew Bartlett3-42/+17
This avoids these routines doing a DNS lookup that has already been done, and ensures that the emulated DNS lookup isn't thrown away. Andrew Bartlett
2011-04-27s3-libsmb Use 'resolv:hosts file' as a DNS emulation when specified.Andrew Bartlett1-0/+15
This allows make test to operate without making real DNS calls. Andrew Bartlett
2011-04-27s3-libads Don't start a DEBUG with 'time'Andrew Bartlett1-1/+1
This strange requirement comes from our subunit test harness. Andrew Bartlett
2011-04-26s3-libads Remove KRB5_DNS_HACKAndrew Bartlett1-12/+0
We have winbindd write a custom krb5.conf or use a kdc locator plugin to do this properly now. Andrew Bartlett
2011-04-26libcli/dns Improve dns_hosts_file, using Samba3's struct dns_rr_srvAndrew Bartlett1-36/+1
By reworking the 'fake DNS' file to use struct dns_rr_srv it should be possible to emulate that resolver layer as well as the Samba4 sockaddr_storage* based layer. This will then give us a common DNS emulation for 'make test'. Andrew Bartlett
2011-04-22s3: Fix Coverity ID 2336, NULL_RETURNSVolker Lendecke1-0/+4
2011-04-20libcli/auth Move PAC parsing and verification in common.Andrew Bartlett2-320/+3
This uses the source3 PAC code (originally from Samba4) with some small changes to restore functionality needed by the torture tests, and to have a common API. Andrew Bartlett
2011-04-15s3-waf: try to fix the non-ldap-but-krb5 build.Günther Deschner1-0/+4
Guenther
2011-04-13s3-rpc_client: add and use rpc_client/rpc_client.h.Günther Deschner1-0/+1
Guenther
2011-03-31s3-libndr: add ../librpc/ndr/libndr.h include in some places.Günther Deschner2-0/+2
Guenther
2011-03-30s3-includes: no point in including all security headers globally.Günther Deschner1-0/+1
Guenther
2011-03-30s3-includes: only include system/filesys.h when needed.Günther Deschner1-0/+1
Guenther
2011-03-24s3-prototypes: remove protos of some dead functions.Günther Deschner1-1/+0
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Mar 24 00:52:01 CET 2011 on sn-devel-104
2011-03-21s3: Fix Coverity ID 770, REVERSE_INULLVolker Lendecke1-15/+7
We dereference "res" in various places, no point in checking. All current callers send "res!=NULL".
2011-03-16s3-build: only include asn1 headers where actually needed.Günther Deschner1-0/+1
Guenther
2011-03-16s3-build: stop including ldap and lber headers everywhere in the code.Günther Deschner1-0/+1
Instead use new header smb_ldap.h where all LDAP API related things are handled, while smbldap.h only deals with our smbldap_X() API. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Mar 16 10:54:51 CET 2011 on sn-devel-104
2011-03-10Quite some callers of sid_split_rid do not care about the ridVolker Lendecke1-2/+1
2011-02-27s3: Fix some nonempty blank linesVolker Lendecke1-10/+9
2011-02-25s3-libads: make ndr_print_ads_auth_flags() static.Günther Deschner2-2/+2
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Fri Feb 25 01:55:26 CET 2011 on sn-devel-104
2011-02-18s3-libads Remove MIT-specific krb5_princ_realm macro calls.Andrew Bartlett1-55/+19
When compiled against heimdal, we need to use a more elegant API. Andrew Bartlett
2011-02-11s3-libads: make ads_guess_service_principal static.Günther Deschner3-71/+69
Guenther
2011-02-10s3: give ../librpc/ndr/util.c its own header.Günther Deschner1-0/+1
Guenther
2011-01-21s3:libads: use dcerpc_spoolss_X() functionsStefan Metzmacher1-2/+4
metze Signed-off-by: Andreas Schneider <asn@samba.org>
2011-01-12s3: Fix some nonempty blank linesVolker Lendecke1-8/+8
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Jan 12 19:04:25 CET 2011 on sn-devel-104
2011-01-07netlogon: move netlogon helpers to ../libcli/netlogon.Günther Deschner1-1/+1
Guenther
2010-12-10s3-libads Default to NOT using the server-supplied principal from SPNEGOAndrew Bartlett1-3/+5
This principal is not supplied by later versions of windows, and using it opens up some oportunities for man in the middle attacks. (Becuase it isn't the name being contacted that is verified with the KDC). This adds the option 'client use spnego principal' to the smb.conf (as used in Samba4) to control this behaivour. As in Samba4, this defaults to false. Against 2008 servers, this will not change behaviour. Against earlier servers, it may cause a downgrade to NTLMSSP more often, in environments where server names are not registered with the KDC as servicePrincipalName values. Andrew Bartlett
2010-11-20s3: Remove unused ads_get_attrname_by_oidVolker Lendecke2-42/+0
2010-11-20s3: Make ads_get_attrnames_by_oids staticVolker Lendecke2-8/+7
2010-11-20s3: Make ads_ranged_search_internal staticVolker Lendecke2-14/+16
2010-11-20s3: Fix some nonempty blank linesVolker Lendecke1-8/+8
2010-11-20s3: Remove unused ads_search_retry_extended_dnVolker Lendecke2-19/+0
2010-11-20s3: Make ads_do_search_retry_args() staticVolker Lendecke2-8/+4
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett1-0/+1
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-09-23Fix bug 7694 - Crash bug with invalid SPNEGO token.Jeremy Allison1-1/+2
Found by the CodeNomicon test suites at the SNIA plugfest. http://www.codenomicon.com/ If an invalid SPNEGO packet contains no OIDs we crash in the SMB1/SMB2 server as we indirect the first returned value OIDs[0], which is returned as NULL. Jeremy.
2010-09-20s3-libads call common GUID_from_ndr_blob()Andrew Bartlett1-19/+17
This does a length-limited check, and so avoids reading beyond the allocated memory if the server sends less than 16 bytes. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-20s3: Replace sid_binstring and sid_guidstring with PIDL-based alternativesAndrew Bartlett1-1/+2
This reduces the manual marshalling of these structures by removing the duplication here. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-20s3-build: only include smbldap.h where needed.Günther Deschner1-0/+1
Guenther
2010-09-15Fix all sid_parse returns to be checked. Tidy up some checks and errorJeremy Allison1-1/+3
messages. Jeremy.
2010-09-09Fox missing SMB_MALLOC return checks noticed by "Andreas Moroder ↵Jeremy Allison1-3/+13
<andreas.moroder@gmx.net>". Jeremy.
2010-09-07s3/libads: use monotonic clock for ldap connection timeoutsBjörn Jacke2-2/+2
2010-09-07s3/libads: use monotonic clock for DNS timeoutsBjörn Jacke1-5/+5
2010-08-31s3-libads: avoid crashing in ads_keytab_list().Günther Deschner1-0/+1
Heimdal's krb5_kt_start_seq_get() will leave a non 0 fd in the krb5_kt_cursor struct when it cannot find a given keytab. Guenther
2010-08-30s3-krb: Reformat and add doxygen comment to decode_pac_data()Simo Sorce1-63/+91
Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-19s3-ads: Fix wrong test in if statementSimo Sorce1-1/+1