summaryrefslogtreecommitdiff
path: root/source3/libads
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r14682: Small cleanup in ads_verify_ticket.Günther Deschner1-6/+5
Guenther (This used to be commit 90df68634b508b0a58f0a15ab62e9cead85765b6)
2007-10-10r14611: Fix init_creds_opts issue jerry discovered when using MIT krb5 1.3:Günther Deschner1-10/+0
We were using a far too short renewable_time in the request; newer MIT releases take care interally that the renewable time is never shorter then the default ticket lifetime. Guenther (This used to be commit bde4a4018e26bc9aab4b928ec9811c05b21574f3)
2007-10-10r14585: Tighten argument list of kerberos_kinit_password again,Günther Deschner2-5/+21
kerberos_kinit_password_ext provides access to more options. Guenther (This used to be commit afc519530f94b420b305fc28f83c16db671d0d7f)
2007-10-10r14576: Skip remaining keytab entries when we have a clear indication thatGünther Deschner1-1/+23
krb5_rd_req could decrypt the ticket but that ticket is just not valid at the moment (either not yet valid or already expired). (This also prevents an MIT kerberos related crash) Guenther (This used to be commit 8a0c1933d3f354a8aff67482b8c7d0d1083e0c8f)
2007-10-10r14512: Guenther, This code breaks winbind with MIT krb1.3.Gerald Carter1-2/+12
I'm disabling it for now until we have en effective means of dealing with the ticket request flags for users and computers. (This used to be commit 635f0c9c01c2e389ca916e9004e9ea064bf69cbb)
2007-10-10r14503: Fix principal in debug statement.Günther Deschner1-2/+1
Guenther (This used to be commit 7b1fcb75dadd5ff232d60f93206867cf13322f2e)
2007-10-10r14252: Fix Coverity #72: free alloc'ed storage before return. Also found oneJim McDonough1-1/+6
more that coverity didn't find from asprintf. (This used to be commit 37b6e2c8de41754a5a1a3a6f798d57aa5d533ada)
2007-10-10r14170: Paranioa fix for sesssetup.Jeremy Allison1-9/+17
Fix Coverity bug #26. Guard against NULL ref. Jeremy. (This used to be commit c0f906ac8de850f4566b6b3be4e3c7d245e6e252)
2007-10-10r14118: Fix coverity bug #24. Missing return statement meantJeremy Allison1-1/+1
a possible NULL ptr deref. Jeremy. (This used to be commit 78ac3f9cbdabc1df9480f75fb3910a3a108a0e91)
2007-10-10r14074: Some cleanup; there is no point in declaring and mappingGünther Deschner1-29/+6
KRB5KRB_ERR_RESPONSE_TOO_BIG when the krb5 library does not know about this. Guenther (This used to be commit 4a1a3c4808307e09fa8ff85da9a963a4a6f0e9ae)
2007-10-10r14017: Okay, okay, I have turned a double-free into dead code :-)Volker Lendecke1-2/+0
Fix Coverity # 214. Volker (This used to be commit 4a75edf9deca2be18670d7f9f2e383ed0898512c)
2007-10-10r13965: Make sure we always reset the userAccountControl bits when re-joiningGünther Deschner1-1/+1
with an existing account. Guenther (This used to be commit e4c12ab167ee83772a2bdd1946b8d73613fc0d7e)
2007-10-10r13951: Fix Coverity Bug #163.Volker Lendecke1-28/+0
This code was not used anyway :-) Volker (This used to be commit bbfb20569380529d60e3c61cd0be63a09eecfd17)
2007-10-10r13950: Fix Coverity bug #168Volker Lendecke1-0/+1
(This used to be commit cbf894c0e37964df57bd6a91ac10dfff571b1b3c)
2007-10-10r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16.Günther Deschner1-14/+28
* Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2007-10-10r13657: Let winbindd try to obtain the gecos field from the msSFU30GecosGünther Deschner2-1/+7
attribute when "winbind nss info = sfu" is set. Fixes #3539. Guenther (This used to be commit ffce0461de130828345c44293e564ca03227607d)
2007-10-10r13599: krb5 error codes are defined as long. Also for the other direction.Lars Müller1-1/+1
(This used to be commit 7b8ea1499124d1e1efe325339419a66ab8885b38)
2007-10-10r13597: krb5 error codes are defined as long.Lars Müller1-1/+1
(This used to be commit bab8c156a464c1beaa022e0026184e0de84c0bf9)
2007-10-10r13588: Second attempt to fix Bug #3330 - treat the string as aJeremy Allison1-7/+7
uint8 array and copy as such. Gunther please check (sorry I reverted your earlier fix). Jeremy. (This used to be commit 7a17b39c80703909f102487690d2117d874b0e15)
2007-10-10r13585: Sorry Gunther, had to revert this. It's got a bufferJeremy Allison1-3/+11
overrun. Spoke to Jerry about the correct fix. Will add this after. Jeremy. (This used to be commit 33e13aabd3825c59d15dc897536e2ccf8c8f6d5e)
2007-10-10r13581: Correctly parse a non-null terminated, little-endian UCS2 string in theGünther Deschner1-11/+3
PAC_LOGON_NAME structure. This was broken on big-endian machines (Solaris SPARC and ppc). Fixes Bug #3330. Jerry, this should be in 3.0.21c. Guenther (This used to be commit 9732490811f8f02ee547ddc6e2694e1122a3a518)
2007-10-10r13410: Dump a netbootGUID as a GUID.Günther Deschner1-0/+1
Guenther (This used to be commit 9b19a68456c7b576750aaf64c178ba5323d9a95e)
2007-10-10r13316: Let the carnage begin....Gerald Carter7-32/+1611
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r13310: first round of server affinity patches for winbindd & net ads joinGerald Carter1-0/+4
(This used to be commit 6c3480f9aecc061660ad5c06347b8f1d3e11a330)
2007-10-10r13137: make cleare where long ifdefs endsSimo Sorce1-2/+2
(This used to be commit 58e48fef450f71ac15219f73897801c5a66a2c44)
2007-10-10r12878: Don't use non-static array initialisers.James Peach1-1/+2
(This used to be commit 95b231f0285c65bcdc62cd453cea634f9f5e7f91)
2007-10-10r12406: Since w2k3 sp1 we fail to create user accounts using e.g. "net ads userGünther Deschner1-1/+1
add" with "Server is unwilling to perform". Seems we have to put in the same userAccountControl bits the server would pick when we wouldn't send them at all. Guenther (This used to be commit fd5da5875cdc47fc6ef6ba1615a9635f9f157589)
2007-10-10r12196: patch from Krishna Ganugapati <krishnag@centeris.com>Gerald Carter1-1/+17
Use the subtree delete ldap control when running 'net ads leave' to ensure that the machine account is actually deleted. (This used to be commit e96000c16cd182b2e2cbdc1a287002306d2965e6)
2007-10-10r12043: It's amazing the warnings you find when compiling on a 64-bitJeremy Allison2-6/+6
box with gcc4 and -O6... Fix a bunch of C99 dereferencing type-punned pointer will break strict-aliasing rules errors. Also added prs_int32 (not uint32...) as it's needed in one place. Find places where prs_uint32 was being used to marshall/unmarshall a time_t (a big no no on 64-bits). More warning fixes to come. Thanks to Volker for nudging me to compile like this. Jeremy. (This used to be commit c65b752604f8f58abc4e7ae8514dc2c7f086271c)
2007-10-10r11875: Allow to use START_TLS (by manually setting "ldap ssl = start_tls") forGünther Deschner1-0/+5
LDAP connections to ADS (Windows 2003). Guenther (This used to be commit 95543fab0f6aa1c483b40247c16cde79cbc9c012)
2007-10-10r11863: BUG 3196: patch from Alex Deiter <tiamat@komi.mts.ru> to compile ↵Gerald Carter1-1/+7
against the Sun LDAP client libs. But not for AD support; just ldap support (This used to be commit a33e78acedb37df47905d326411e017794721250)
2007-10-10r11846: Destroy the TALLOC_CTX on error in the Kerberos session setup and give aGünther Deschner1-3/+3
more precise inline comment why PAC verification may fail. Guenther (This used to be commit 43b57715e9b44a0a0c7cc7fe3674a5fd4369e78b)
2007-10-10r11651: After talking to Jeremy, commit my winbindd "Do the Right Thing" patch.Gerald Carter1-1/+18
Still needs some more testing ni domains with multiple DCs. Coming next.... (This used to be commit aaed605206a8549cec575dab31e56bf6d32f26a6)
2007-10-10r11551: Add a few more initialize_krb5_error_tableVolker Lendecke2-0/+4
(This used to be commit d92c83aa42fe64a0e996094d1a983f0279c7c707)
2007-10-10r11508: Removed incorrect patch hunk. Thanks to AndrewJeremy Allison1-2/+0
Bartlett for pointing this out. Jeremy. (This used to be commit c93a08be4a29854354a16c6e8f984477e19f41c0)
2007-10-10r11504: Added Andrew Bartletts removal of another NTLMSSP implementationJeremy Allison2-85/+91
patch. Jeremy. (This used to be commit 4591984176fd32ba25155fbc6889a1c637019a08)
2007-10-10r11451: Fix -O1 "might be using uninitialized" errors.Jeremy Allison1-1/+1
Jeremy. (This used to be commit cab76c3c33883aad444eefb6562ab1b27d9ca88a)
2007-10-10r11183: add small helper function to return a PAC_LOGON_INFO.Günther Deschner1-0/+16
Guenther (This used to be commit a8d5d6b845efb62e73e281549528376f3ee74211)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison2-2/+3
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10907: Handle the case when we can't verify the PAC signature because theGünther Deschner1-5/+7
ticket was encrypted using a DES key (and the Windows KDC still puts CKSUMTYPE_HMAC_MD5_ARCFOUR in the PAC). In that case, return to old behaviour and ignore the PAC. Thanks to Chengjie Liu <chengjie.liu@datadomain.com>. Guenther (This used to be commit 48d8a9dd9f573d0d913a26a62e4ad3d224731343)
2007-10-10r10710: Fix uninitialized variable. (Thanks to Chengjie LiuGünther Deschner1-1/+1
<chengjie.liu@datadomain.com>) Guenther (This used to be commit 241466ee650d1db1b89a4b5b640f27f6b83644c6)
2007-10-10r10671: Attempt to fix the build on machines without kerberos headers.Volker Lendecke1-1/+1
Volker (This used to be commit cb816e65a95802d5172c410d1acda2da070b871d)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter5-109/+483
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r10285: Doh ! Guenther spotted this stupid cut-n-paste bug...Jeremy Allison1-1/+0
Thanks Guenther ! Jeremy. (This used to be commit 7335440e480599a6e16780976ab36651a6fb969d)
2007-10-10r10211: Fix another memleak (this time in the kerberos keytab code)Günther Deschner1-1/+5
Guenther (This used to be commit 9796bf45895681fee243ca8fd8297ff270c7547c)
2007-10-10r9780: Clean up a bunch of compiler warnings.James Peach1-6/+0
(This used to be commit 623d2e69319ffead31a780a4d6156dae45f386d7)
2007-10-10r9739: conver the reg_objects (REGSUBKEY_CTR & REGVAL_CTR) to useGerald Carter1-17/+24
the new talloc() features: Note that the REGSUB_CTR and REGVAL_CTR objects *must* be talloc()'d since the methods use the object pointer as the talloc context for internal private data. There is no longer a regXXX_ctr_intit() and regXXX_ctr_destroy() pair of functions. Simply TALLOC_ZERO_P() and TALLOC_FREE() the object. Also had to convert the printer_info_2->NT_PRINTER_DATA field to be talloc()'d as well. This is just a stop on the road to cleaning up the printer memory management. (This used to be commit ef721333ab9639cb5346067497e99fbd0d4425dd)
2007-10-10r9163: Rename UNKNOWN_TYPE_10 to PAC_LOGON_NAME (merge from samba4)Günther Deschner1-16/+16
Guenther (This used to be commit d14dcba9635d10d2d8bf9f60c601b8c9078ec340)
2007-10-10r8989: Fix a warningVolker Lendecke1-1/+1
(This used to be commit 3d491ebf9ca8edae938aee08abb924905fd83deb)
2007-10-10r8899: various compiler warning fixes reported by Jason Mader ↵Gerald Carter1-2/+2
<jason@ncac.gwu.edu> (This used to be commit d8ae9f2b3e5387ef2c4e84cd9c33f4a7c795b0d3)