summaryrefslogtreecommitdiff
path: root/source3/libads
AgeCommit message (Collapse)AuthorFilesLines
2010-07-20s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keysSimo Sorce2-2/+4
2010-07-20Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL ↵Jeremy Allison1-4/+4
contexts. Jeremy.
2010-07-20Fix one more data_blob -> data_blob_talloc. Move away from implicit NULL ↵Jeremy Allison1-3/+6
context tallocs. Jeremy.
2010-07-20Add TALLOC_CTX argument to spnego_parse_negTokenInit, reduceJeremy Allison1-1/+1
use of malloc, and data_blob(). Jeremy.
2010-07-20Rename spnego_gen_negTokenTarg() -> spnego_gen_krb5_negTokenInit()Jeremy Allison1-1/+1
as this correctly describes what this function does. Jeremy.
2010-07-20Remove gen_negTokenTarg(), as it's not actually creating a TokenTarg frame, ↵Jeremy Allison1-1/+1
but a TokenInit one. Move to using spnego_gen_negTokenInit() instead. Jeremy
2010-07-19Remove gen_negTokenInit() - change all callers to spnego_gen_negTokenInit().Jeremy Allison1-1/+2
We now have one function to do this in all calling code. More rationalization to follow. Jeremy.
2010-07-19Remove parse_negTokenTarg(), as it's actually incorrect. We're processingJeremy Allison1-1/+1
negTokenInit's here. Use common code in spnego_parse_negTokenInit(). Jeremy.
2010-07-19s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it.Simo Sorce1-7/+7
All the members are children of ntlmssp_state anyway. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-01s3-libads: move ldap posix schema defines to their own header file.Günther Deschner3-0/+64
Guenther
2010-07-01s3-libads: only include libds flags where needed.Günther Deschner2-0/+2
Guenther
2010-07-01s3-libads: move ads_dns out of main includes.Günther Deschner3-0/+92
Guenther
2010-07-01s3-libads: move ads_status to a separate header file.Günther Deschner1-0/+42
Guenther
2010-07-01s3-libads: move ads_protos.h to ads_ldap_protos.h.Günther Deschner1-0/+123
Guenther
2010-07-01s3-libnet_join: small IDL enhancement.Günther Deschner1-2/+0
Guenther
2010-07-01s3-libads: use shared well known guids.Günther Deschner1-1/+1
Guenther
2010-06-03s3: remove authdata.hGünther Deschner1-1/+0
Guenther
2010-06-03s3: remove rpc_secdes.h completely.Günther Deschner1-0/+3
Guenther
2010-06-02s3: Allow previous password to be stored and use it to check ticketsMatthieu Patou1-37/+58
This patch is to fix bug 7099. It stores the current password in the previous password key when the password is changed. It also check the user ticket against previous password. Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet()Andrew Bartlett1-1/+5
This ensures the results can't be easily left to leak. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31ntlmssp: Make the ntlmssp.h from source3/ a common headerAndrew Bartlett1-1/+1
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3: use shared security defines.Günther Deschner1-14/+14
Guenther
2010-05-31s3: only use netlogon/nbt header when needed.Günther Deschner3-0/+14
Guenther
2010-05-28s3-build: use ndr_misc.h where needed.Günther Deschner1-0/+1
Guenther
2010-05-26s3-printing: fix buildwarning in publishing code after registry changes.Günther Deschner1-5/+5
Guenther
2010-05-25s3:registry: move reg_objects.h to registry/ and use it only where neededMichael Adam1-0/+1
Every place outside of registry/ where this is used, should probably be changed to use pure reg_api.c code.
2010-05-25s3:libads:use regval_ctr/blob accessor functions in ldap_printer.cMichael Adam1-34/+42
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett2-23/+23
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-20s3-libads: add ads_set_sasl_wrap_flags().Günther Deschner1-0/+14
Guenther
2010-05-18s3-rpc_client: move protos to cli_spoolss.hGünther Deschner1-0/+1
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_descriptor SEC_DESC".Günther Deschner2-4/+5
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_acl SEC_ACL".Günther Deschner1-1/+1
Guenther
2010-05-18s3-secdesc: remove "typedef struct security_ace SEC_ACE".Günther Deschner1-1/+1
Guenther
2010-05-18s3: Remove use of iconv_convenience.Jelmer Vernooij3-17/+10
2010-05-18s3-registry: only include registry headers when really needed.Günther Deschner1-0/+1
Guenther
2010-05-17s3-kerberos: temporary fix for ipv6 in print_kdc_line().Günther Deschner1-5/+20
Currently no krb5 lib supports "kdc = ipv6 address" at all, so for now just fill in just the kdc_name if we have it and let the krb5 lib figure out the appropriate ipv6 address ipv6 gurus, please check. Guenther
2010-05-17s3-kerberos: pass down kdc_name to create_local_private_krb5_conf_for_domain().Günther Deschner1-7/+12
Guenther
2010-05-11s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATAAndrew Bartlett2-121/+26
All the callers just want the PAC_LOGON_INFO, so search for that in ads_verify_ticket(), and don't bother the callers with the rest of the PAC. This change makes sense on it's own (removing boilerplate wrappers that just confuse the code), but it also makes it much easier to implement a matching ads_verify_ticket() function in Samba4 for the s3compat proposal. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-06Remove the copy of ldb from Samba 3.Jelmer Vernooij1-1/+0
There were two utility functions that other parts of Samba 3 still relied on; they have been moved to lib/ldb_compat.[ch].
2010-05-06s3: only include gen_ndr headers where needed.Günther Deschner1-0/+1
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time as follows: ccache build w/o patch real 4m21.529s ccache build with patch real 3m6.402s pch build w/o patch real 4m26.318s pch build with patch real 3m6.932s Guenther
2010-05-04s3: Fix a memleak in check_pac_checksumVolker Lendecke1-2/+8
2010-04-27s3:libads/ldap.c - fix a build breakageMatthias Dieter Wallnöfer1-2/+2
2010-03-30s3:libads: retry with signing after getting LDAP_STRONG_AUTH_REQUIREDStefan Metzmacher1-0/+10
If server requires LDAP signing we're getting LDAP_STRONG_AUTH_REQUIRED, if "client ldap sasl wrapping = plain", instead of failing we now autoupgrade to "client ldap sasl wrapping = sign" for the given connection. metze
2010-03-24s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store themStefan Metzmacher1-1/+6
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-05s3-libads: fix get_remote_printer_publishing_data after ↵Günther Deschner1-26/+14
spoolss_EnumPrinterDataEx IDL change. Guenther
2010-03-02s3:ads fix dn parsing name was always nullSimo Sorce1-19/+16
While there also use ldap_exploded_dn instead of ldb_dn_validate() so we can remove a huge dependency that is hanging there only for one very minor marginal use. Signed-off-by: Günther Deschner <gd@samba.org>
2010-02-23s3 move the sitename cache in its own fileSimo Sorce4-113/+165
2010-02-23s3-libads: Remove obsolete signal type cast.Andreas Schneider1-5/+5
2010-02-14s3-lib: use TYPESAFE_QSORT() in remaining s3 library codeAndrew Tridgell1-1/+1
the sort_query_replies() in nmblib.c is a TODO. It uses a hack that treats a char* as a structure. I've left that one alone for now.
2010-01-30Fix bug #7079 - cliconnect gets realm wrong with trusted domains.Jeremy Allison1-0/+52
Passing NULL as dest_realm for cli_session_setup_spnego() was always using our own realm (as for a NetBIOS name). Change this to look for the mapped realm using krb5_get_host_realm() if the destination machine name is a DNS name (contains a '.'). Could get fancier with DNS name detection (length, etc.) but this will do for now. Jeremy.