Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-03-18 | s3: remove POLICY_HND. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-03-18 | s3-spoolss: use rpccli_spoolss_enumprinterdataex in ldap_printer.c. | Günther Deschner | 1 | -26/+43 | |
Guenther | |||||
2009-03-01 | Eliminate two duplicate SEC_ACE_TYPE constants already provided by | Jelmer Vernooij | 1 | -4/+4 | |
security.idl. | |||||
2009-02-10 | s3-rpcclient: use rpccli_spoolss_openprinter_ex helper. | Günther Deschner | 1 | -5/+5 | |
Guenther | |||||
2009-02-10 | s3-spoolss: fix memleak in get_remote_printer_publishing_data(). | Günther Deschner | 1 | -2/+8 | |
Guenther | |||||
2009-02-09 | s3-rpcclient: use srv_name_slash instead of formating servername again and ↵ | Günther Deschner | 1 | -4/+3 | |
again. Guenther | |||||
2009-02-06 | s3-spoolss: use rpccli_spoolss_ClosePrinter. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-02-06 | s3: use pidl to pull a KRB5_EDATA_NTSTATUS. | Günther Deschner | 1 | -36/+6 | |
Guenther | |||||
2009-02-05 | s3/libads: Change "ldap ssl:ads" parameter to "ldap ssl ads". | Karolin Seeger | 1 | -1/+1 | |
Karolin | |||||
2009-02-03 | s3-kerberos: use KRB5_KT_KEY compat macro. | Günther Deschner | 1 | -7/+1 | |
Guenther | |||||
2009-02-03 | s3-kerberos: fix ads_dedicated_keytab_verify_ticket with heimdal. | Günther Deschner | 1 | -3/+10 | |
Guenther | |||||
2009-02-03 | Revert "fix for commit d96248a9b46 which broke Heimdal builds" | Günther Deschner | 1 | -6/+0 | |
This does not build. This reverts commit af736923a541df1a37afeb72b8a5652932c4c69c. | |||||
2009-02-02 | fix for commit d96248a9b46 which broke Heimdal builds | Björn Jacke | 1 | -0/+6 | |
2009-02-01 | Add two new parameters to control how we verify kerberos tickets. Removes ↵ | Dan Sledz | 1 | -17/+112 | |
lp_use_kerberos_keytab parameter. The first is "kerberos method" and replaces the "use kerberos keytab" with an enum. Valid options are: secrets only - use only the secrets for ticket verification (default) system keytab - use only the system keytab for ticket verification dedicated keytab - use a dedicated keytab for ticket verification. secrets and keytab - use the secrets.tdb first, then the system keytab For existing installs: "use kerberos keytab = yes" corresponds to secrets and keytab "use kerberos keytab = no" corresponds to secrets only The major difference between "system keytab" and "dedicated keytab" is that the latter method relies on kerberos to find the correct keytab entry instead of filtering based on expected principals. The second parameter is "dedicated keytab file", which is the keytab to use when in "dedicated keytab" mode. This keytab is only used in ads_verify_ticket. | |||||
2009-01-29 | s3: fix bug #6073: prevent ads_connect() from using SSL unless explicitly ↵ | Michael Adam | 1 | -3/+5 | |
requested This fixes "net ads join". It copes with the changed default "ldap ssl = start tls". A new boolean option "ldap ssl : ads" is added to allow for explicitly requesting ssl with ads. Michael | |||||
2009-01-16 | ads_connect: Return immediately on a failed GC connection. | Gerald (Jerry) Carter | 1 | -3/+14 | |
ads_connect_gc() feeds an explicit server to ads_connect(). However, if the resulting connection fails, the latter function was attempting to find a DC on its own and continuing the connection. This resulting in GC searches being sent over a connection using port 389 which would fail when using the base search suffix outside of the domain naming context. The fix is to fail immediately in ads_connect() since the GC lookup ordering is handled already in ads_connect_gc(). | |||||
2009-01-16 | s3:libads: use lock_path for creating paths to local krb5.conf files | Michael Adam | 1 | -2/+3 | |
instead of manually doing an asprintf with lp_lockdir() Michael squash | |||||
2009-01-16 | s3:libads: give create_local_private_krb5_conf_for_domain() a common exit point | Michael Adam | 1 | -30/+20 | |
Michael | |||||
2009-01-04 | Async wrapper for open_socket_out_send/recv | Volker Lendecke | 1 | -12/+19 | |
2009-01-03 | open_socket_out is always used with SOCK_STREAM, remove argument "type" | Volker Lendecke | 1 | -1/+1 | |
2008-12-31 | Replace a static variable and alarm() calls by using sys_select() | Volker Lendecke | 1 | -23/+24 | |
Günther, please check! | |||||
2008-12-31 | Fix some nonempty blank lines | Volker Lendecke | 1 | -5/+5 | |
2008-12-30 | Fix more "ignore return value" warnings from gcc 4.3. | Jeremy Allison | 1 | -9/+22 | |
Jeremy | |||||
2008-12-23 | Fix more asprintf warnings and some error path errors. | Jeremy Allison | 1 | -2/+10 | |
Jeremy. | |||||
2008-12-23 | More asprintf warning fixes. | Jeremy Allison | 3 | -8/+28 | |
Jeremy. | |||||
2008-12-23 | More asprintf warning fixes. | Jeremy Allison | 1 | -9/+18 | |
Jeremy. | |||||
2008-12-23 | Fix more asprintf errors and error code paths. | Jeremy Allison | 2 | -9/+31 | |
Jeremy. | |||||
2008-12-13 | s3:libads/ldap.c: store the dc name in the saf cache as in all other places | Stefan Metzmacher | 1 | -3/+2 | |
metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 543fa85a711337e979c7b631bda5db95d109ef59) | |||||
2008-12-13 | s3:libads/ldap.c: if the client belongs to no site at all any dc is the closest | Stefan Metzmacher | 1 | -0/+5 | |
metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit f86ef9b53a903485deba94febf90dd4e657cc02b) | |||||
2008-12-13 | s3:libads/ldap.c: pass the real workgroup name to get_dc_name() | Stefan Metzmacher | 1 | -1/+10 | |
metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit c2d4a84abe1b6cbf68d6e9f1bb1f8974d0b628fc) | |||||
2008-12-13 | s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP case | Stefan Metzmacher | 1 | -1/+25 | |
We use get_dc_name() for LDAP because it generates the selfwritten krb5.conf with the correct kdc addresses and sets KRB5_CONFIG. For CLDAP we need to use get_sorted_dc_list() to avoid recursion. metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit d2f7f81f4d61bae9c4be65cbc1bf962b6c24a31f) | |||||
2008-12-13 | s3: correctly detect if the current dc is the closest one | Stefan Metzmacher | 1 | -1/+0 | |
ads->config.tried_closest_dc was never set. metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit dfe5b00db35e1e7c7bb3ba36729fc3f97eb48db3) | |||||
2008-12-03 | s3: Change sockaddr util function names for consistency | Tim Prouty | 1 | -3/+3 | |
Also eliminates name conflicts with OneFS system libraries | |||||
2008-12-02 | s3-net: allow to list a keytab generated using net rpc vampire. | Günther Deschner | 1 | -2/+5 | |
Guenther | |||||
2008-11-24 | s3:libads/ldap.c: return an error instead of crashing when no realm is given | Stefan Metzmacher | 1 | -4/+4 | |
The bug was triggered by "net ads info -S 127.8.7.6" (where 127.8.7.6 doesn't ex and "disable netbios = yes". metze Signed-off-by: Michael Adam <obnox@samba.org> | |||||
2008-11-18 | Fix extended DN parse error when AD object does not have a SID. | Steven Danneman | 1 | -24/+38 | |
Some AD objects, like Exchange Public Folders, can be members of Security Groups but do not have a SID attribute. This patch adds more granular return errors to ads_get_sid_from_extended_dn(). Callers can now determine if a parse error occured because of bad input, or the DN was valid but contained no SID. I updated all callers to ignore SIDless objects when appropriate. Also did some cleanup to the out paths of lookup_usergroups_memberof() | |||||
2008-11-18 | Whitespace and >80 column cleanups. | Steven Danneman | 1 | -12/+12 | |
2008-11-01 | Rename dos_errstr() to win_errstr() for consistency with Samba 4. | Jelmer Vernooij | 1 | -3/+3 | |
2008-10-23 | Use sockaddr_storage only where we rely on the size, use sockaddr | Jelmer Vernooij | 1 | -4/+5 | |
otherwise (to clarify we can also pass in structs smaller than sockaddr_storage, such as sockaddr_in). | |||||
2008-10-22 | s3-asn1: make all of s3 asn1 code do a proper asn1_init() first. | Günther Deschner | 2 | -96/+110 | |
Guenther | |||||
2008-10-22 | s3: use shared asn1 code. | Günther Deschner | 2 | -7/+7 | |
Guenther | |||||
2008-10-20 | s3-build: no need to duplicate generated ndr_ prototypes. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2008-10-19 | Add TALLOC_CTX pointer to generate_random_str(), for consistency with | Jelmer Vernooij | 1 | -1/+1 | |
Samba 4. | |||||
2008-10-15 | kerberos: fix some heimdal build warnings. | Günther Deschner | 1 | -4/+4 | |
Guenther | |||||
2008-10-14 | Use GUID_string rather than smb_uuid_string(). | Jelmer Vernooij | 2 | -6/+6 | |
2008-10-13 | fix build warnings. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2008-10-12 | Use common strlist implementation in Samba 3 and Samba 4. | Jelmer Vernooij | 1 | -2/+2 | |
2008-10-11 | Cope with changed signature of http_timestring(). | Jelmer Vernooij | 1 | -2/+2 | |
2008-10-04 | Fix an unlikely memleak found by the IBM checker | Volker Lendecke | 1 | -0/+2 | |
2008-10-04 | Fix an uninitialized variable found by the IBM Checker | Volker Lendecke | 1 | -0/+1 | |