summaryrefslogtreecommitdiff
path: root/source3/libads
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r24432: Expand kerberos_return_pac() so that it can be used in winbindd.Günther Deschner1-6/+72
Guenther (This used to be commit e70bf0ecc3ec6d3ba8ba384024bbdf9a783072ea)
2007-10-10r24424: Fix the build.Günther Deschner1-5/+5
Guenther (This used to be commit 029bf26f8a571ae060f7be60fd3e8c61d86004f7)
2007-10-10r24252: Dump guid of msExchMailboxGuid when returned.Günther Deschner1-0/+1
Guenther (This used to be commit 1142f3df546cbf4780c6f54667f7ed31b1a7621b)
2007-10-10r24251: Neverending fun:Günther Deschner1-1/+1
Heimdal doesn't accept all OIDs and gss_import_name() fails with GSS_S_BAD_NAMETYPE using this one. Use the GSS_KRB5_NT_PRINCIPAL_NAME OID instead (which works with at least MIT 1.6.1 and Heimdal 1.0.1). Guenther (This used to be commit f783b32b65ee50e3730ae2d039ca04c9fc5a201a)
2007-10-10r24166: Fix Coverity ID 391Volker Lendecke1-1/+1
(This used to be commit 461974d2cc18c729f152356a9c30cc776f288906)
2007-10-10r24158: SE_GROUP_RESOURCE in the other_sids list apparently means aGerald Carter1-1/+1
domain local group. Fix a typo in the PAC debugging routine (This used to be commit b0b66b2e7af133b199868b946fad70016e1cefbd)
2007-10-10r24131: - make it more clear what the different min and max fields meanStefan Metzmacher2-37/+48
- with the "GSSAPI" sasl mech the plain, sign or seal negotiation is independed from the req_flags and ret_flags - verify the server supports the wrapping type we want - better handling on negotiated buffer sizes metze (This used to be commit d0ec7323870ca16b28d458ff5f7dacce278b7d54)
2007-10-10r24128: fix double free in error pathStefan Metzmacher1-6/+7
metze (This used to be commit 29e2d8e044c9213643a2f5f29891ce853a839347)
2007-10-10r24104: fix the build, sorry...Stefan Metzmacher1-3/+4
metze (This used to be commit a5e1f9fd293fab26d664a72ee652eb8ca72128b7)
2007-10-10r24103: add some useful debug messages, as not all LDAPStefan Metzmacher1-3/+19
libraries support wrapping hooks... metze (This used to be commit 581a1d3a20ffed42ccc7f35f163fd343ed12ccd3)
2007-10-10r24098: - make use of the ads_service_principal abstractionStefan Metzmacher1-61/+32
also for the "GSSAPI" sasl mech. - also use the ads_kinit_password() fallback logic from the "GSS-SPNEGO" sasl mech. metze (This used to be commit cbaf44de1e1f8007dc4ca249791ea30d2902c7c4)
2007-10-10r24095: add one more fallback alternative toStefan Metzmacher1-0/+20
construct the principal metze (This used to be commit b545667d2a45a79bba05c9fe9e93a19951d60af7)
2007-10-10r24093: move gssapi/krb5 principal handling into a functionStefan Metzmacher1-88/+146
metze (This used to be commit 83de27968d434d67d23851b0c285221c870ff75e)
2007-10-10r24072: Add "client ldap sasl wrapping" parameter.Stefan Metzmacher1-0/+8
Possible values are "plain" (default), "sign" or "seal". metze (This used to be commit 26ccbad7212e9acd480b98789f04b71c1e940ea8)
2007-10-10r24066: Fix memleak found by Volker. We don't leak keys now with MIT and ↵Günther Deschner1-0/+1
Heimdal. Guenther (This used to be commit 7755ad750facc44b6a5df2136cb536547048cd48)
2007-10-10r24065: According to gd, this breaks heimdal. Thanks for checking!Volker Lendecke1-3/+0
(This used to be commit ea5f53eac81e8a969587eb3996b16a1afd948877)
2007-10-10r24062: fix logic for broken krb5 libs which always forceStefan Metzmacher1-1/+2
sign and seal... metze (This used to be commit 4a4fc8cccbcbe17eebcefcd0107f7de60d751f5c)
2007-10-10r24058: Fix some memory leaks in ads_secrets_verify_ticket.Volker Lendecke1-0/+3
Jeremy, Günther, please review! Thanks, Volker (This used to be commit 000e096c277a71ca30c1c109aae62241ad466bee)
2007-10-10r24042: add support for krb5 sign and seal in LDAP via "GSS-SPNEGO"Stefan Metzmacher1-1/+309
metze (This used to be commit 34ab84aceb86195743abd26c46a631640409725e)
2007-10-10r24037: only setup sasl wrapping after a successful bindStefan Metzmacher1-2/+4
metze (This used to be commit 85d6cd3dfb5cbd9e899957265e352583ff608ed4)
2007-10-10r23973: For debugging, add (undocumented) net ads kerberos commands (kinit, ↵Günther Deschner1-1/+1
renew, pac). Guenther (This used to be commit 4cada7c1485c9957e553d6e75cb6f30f4338489f)
2007-10-10r23970: Allow to set the debuglevel at which to dump the PAC logon info.Günther Deschner1-18/+18
Guenther (This used to be commit 7d321aad83cb7b9cc766bc89a886676337a2bad8)
2007-10-10r23969: Some helper routines to retrieve a PAC and PAC elements.Günther Deschner1-0/+160
Guenther (This used to be commit d4c87c792a955be7d5ef59fc683fc48e3d8afe16)
2007-10-10r23953: Some C++ warningsVolker Lendecke2-4/+7
(This used to be commit 8716edf157bf8866328f82eb6cf25e71af7fea15)
2007-10-10r23951: Fix segfault.Günther Deschner1-1/+1
Guenther (This used to be commit 1a5c8780ae79e5ae4e6a36bfb66cd92ae7d3aa88)
2007-10-10r23948: add gsskrb5 sign and seal support for LDAP connectionsStefan Metzmacher1-5/+135
NOTE: only for the "GSSAPI" SASL mech yet metze (This used to be commit a079b66384b15e9d569dded0d9d6bd830e1a6dfa)
2007-10-10r23946: add support for NTLMSSP sign and sealStefan Metzmacher1-1/+122
NOTE: windows servers are broken with sign only... metze (This used to be commit 408bb2e6e2171196a2bd314db181d9b124e931a1)
2007-10-10r23945: add infrastructure to select plain, sign or seal LDAP connectionStefan Metzmacher2-2/+23
metze (This used to be commit 2075c05b3d8baa7d6d8510cd962471a5781740a6)
2007-10-10r23943: - always provide ads_setup_sasl_wrapping() functionStefan Metzmacher1-4/+10
- read/write returning 0 means EOF and we need to return direct metze (This used to be commit 885d557ae746c318df0aabc0a03dce1587918cce)
2007-10-10r23937: Use ads_config_path() when we need to know the configration context.Günther Deschner1-26/+11
Guenther (This used to be commit 1a62c731c6259bf4285d3735bff8b191002553f7)
2007-10-10r23933: - implement ctrl SASL wrapping hookStefan Metzmacher1-6/+26
- pass down sign or seal hooks - some sasl wrapping fixes metze (This used to be commit 8c64ca3394489b28034310fe64d6998e49827196)
2007-10-10r23926: implement output buffer handling for the SASL write wrapperStefan Metzmacher1-1/+67
metze (This used to be commit 65ce6fa21adec704b3cde30c57001e5620f048e4)
2007-10-10r23922: implement input buffer handling for the SASL read wrapperStefan Metzmacher1-2/+129
metze (This used to be commit 7d8518ebd9470062b499b7074a940e14520e99f2)
2007-10-10r23918: not all ldap libraries support debuggingStefan Metzmacher1-18/+0
metze (This used to be commit 3f68189c9a319ac9cae76f6d2b586cbde6d31e3c)
2007-10-10r23916: use the correct io operations for debuggingStefan Metzmacher1-4/+6
metze (This used to be commit d745a1a71991f306c29b3c62f43d619177f79725)
2007-10-10r23898: rename HAVE_ADS_SASL_WRAPPING -> HAVE_LDAP_SASL_WRAPPINGStefan Metzmacher1-2/+2
metze (This used to be commit 873eaff8febb50f00f9dac64c57b2a22c16f4f9b)
2007-10-10r23893: add dummy callbacks for LDAP SASL wrapping,Stefan Metzmacher1-0/+109
they're not used yet... metze (This used to be commit a3b97cdce719d9d5e82f26096c0e8c3a86ff3965)
2007-10-10r23888: move elements belonging to the current ldap connection to aStefan Metzmacher4-55/+55
substructure. metze (This used to be commit 00909194a6c1ed193dfdb296f50f58a53450583c)
2007-10-10r23886: add ads_disconnect() functionStefan Metzmacher3-8/+14
metze (This used to be commit ba70737b7043cae89dd90f8668a24881212ac6fb)
2007-10-10r23869: Protect against partial security descriptors.Günther Deschner1-8/+25
Guenther (This used to be commit 0a96a11f01dd8c0d29fff1d97c3d666c32b33b59)
2007-10-10r23861: Fix return code in ads_find_samaccount().Günther Deschner1-1/+1
Guenther (This used to be commit 684fcf39dcc08bcf571272549222fdeb11d2725f)
2007-10-10r23842: Attempt to fix the build with LDAP.Günther Deschner1-1/+3
Guenther (This used to be commit efd817ae118da51058106ae97854572547e113d3)
2007-10-10r23839: Try to get the attribute name from schema GUIDs or the display name fromGünther Deschner2-7/+48
extended rights GUID from ad while dumping the security descriptors's aces. This would perform much better with a guid cache, but for the rare cases where it is used net ads search cn=mymachine ntSecurityDescriptor -U user%pass it should be ok for now. Guenther (This used to be commit b36913433eb74203b29f2b7d412a86e60591ea22)
2007-10-10r23838: Allow to store schema and config path in ADS_STRUCT config.Günther Deschner1-0/+2
Guenther (This used to be commit 1d5b08326fa72bd3423b377a4e6243466e778622)
2007-10-10r23837: Pass ADS_STRUCT and TALLOC_CTX down to ads_disp_sd.Günther Deschner2-7/+9
Guenther (This used to be commit ad0a6d5703c35d48ab5bbfa8d6506d42e0cfb61d)
2007-10-10r23836: Add ads_config_path() and ads_get_extended_right_name_by_guid().Günther Deschner1-0/+93
Guenther (This used to be commit 4d62f1191b52569fcdbe674773b07a44aa469520)
2007-10-10r23835: Pass down a struct GUID to ads_get_attrname_by_guid() directly.Günther Deschner1-7/+2
Guenther (This used to be commit a4d5206d0bcbee713790834f119b182e0b419e8c)
2007-10-10r23834: Allow to pass an ADS_STRUCT pointer down to the dump function ↵Günther Deschner1-13/+13
callback in libads. Guenther (This used to be commit 311bbbafa6d860b7b632beac6d9249b0a2fafb86)
2007-10-10r23833: Document ads_find_samaccount().Günther Deschner1-0/+9
Guenther (This used to be commit 3effd1c3461301f9ccf7c55386810c36f4ee3ccc)
2007-10-10r23829: Add ads_get_attrname_by_guid().Günther Deschner1-2/+51
Guenther (This used to be commit a84fd8300661fd895ed7a8a104b743628718dfc8)