summaryrefslogtreecommitdiff
path: root/source3/libnet
AgeCommit message (Collapse)AuthorFilesLines
2009-04-21s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHTS_MAXIMUM_ALLOWED.Günther Deschner1-5/+5
Guenther
2009-04-20Remove smb_mkstemp() - libreplace will now provide a secure mkstemp() ifJelmer Vernooij1-2/+2
the system one is broken.
2009-04-20Merge commit 'origin/master' into libcli-auth-merge-without-netlogondAndrew Bartlett1-1/+1
2009-04-20Remove use of talloc_reference in cli_rpc_pipe_open_schannel_with_key()Andrew Bartlett1-1/+1
2009-04-15Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+Jeremy Allison1-1/+1
What a difference a name makes... :-). Just because something is missnamed SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN, don't automatically use it for a security check in _samr_OpenDomain(). Jeremy.
2009-04-14Make Samba3 use the new common libcli/auth codeAndrew Bartlett1-4/+4
This is particuarly in the netlogon client (but not server at this stage)
2009-04-14Use common samsync delta decryption functions in libnet_samsync.cAndrew Bartlett1-157/+7
Andrew Bartlett
2009-04-14Adapt to common crypto functions: sam_pwd_hash() -> sam_rid_crypt()Andrew Bartlett2-8/+10
2009-04-14Rework Samba3 to use new libcli/auth code (partial)Andrew Bartlett1-8/+9
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett
2009-04-14Move DRSUAPI per-attribute decryption into a common fileAndrew Bartlett1-71/+5
This file (contining metze's decryption routines) is now also be used by Samba3's DRSUAPI implementation Andrew Bartlett
2009-04-07s3:kerberos Rework smb_krb5_unparse_name() to take a talloc contextAndrew Bartlett1-18/+14
Signed-off-by: Günther Deschner <gd@samba.org>
2009-04-06s3:libads Make ads_get_dn() take a talloc contextAndrew Bartlett1-2/+2
Also remove ads_memfree(), which was only ever a wrapper around SAFE_FREE, used only to free the DN from ads_get_ds(). This actually makes libgpo more consistant, as it mixed a talloc and a malloc based string on the same element. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2009-04-01s3-libnet-samsync: return appropriate error code in fetch_sam_entry().Günther Deschner1-22/+25
Guenther
2009-04-01s3-libnet-samsync: use smb_create_user().Günther Deschner1-46/+6
Guenther
2009-04-01s3-libnet-samsync: some pure cosmetics.Günther Deschner1-0/+30
Guenther
2009-04-01s3-libnet-samsync: use parent talloc context for libnet_samsync_passdb.Günther Deschner1-26/+28
Guenther
2009-04-01s3-libnet: only call libnet_dssync_process() startup and shutdown callbacks ↵Günther Deschner1-12/+16
when filled in. Guenther
2009-03-25s3-libnet: Fix Bug #6193: avoid messing with sync_context in ↵Günther Deschner1-3/+0
libnet_samsync_delta(). We absolutely need to avoid messing with the sync_context as that breaks the stream of replication data coming from the DC (only replicates ~350 instead of ~4000 groups). Guenther
2009-03-18s3: remove POLICY_HND.Günther Deschner1-3/+3
Guenther
2009-02-26s3: move definition of W_ERROR_NOT_OK_GOTO_DONE down to libcli/util/werror.hMichael Adam1-6/+0
Michael
2009-02-19s3-libnet: fix coverity #848 (UNINIT).Günther Deschner1-1/+1
Guenther
2009-02-03s3: Fix 'net rpc join' for users with the SeMachineAccountPrivilege.Volker Lendecke1-2/+5
2009-02-01Add two new parameters to control how we verify kerberos tickets. Removes ↵Dan Sledz1-1/+1
lp_use_kerberos_keytab parameter. The first is "kerberos method" and replaces the "use kerberos keytab" with an enum. Valid options are: secrets only - use only the secrets for ticket verification (default) system keytab - use only the system keytab for ticket verification dedicated keytab - use a dedicated keytab for ticket verification. secrets and keytab - use the secrets.tdb first, then the system keytab For existing installs: "use kerberos keytab = yes" corresponds to secrets and keytab "use kerberos keytab = no" corresponds to secrets only The major difference between "system keytab" and "dedicated keytab" is that the latter method relies on kerberos to find the correct keytab entry instead of filtering based on expected principals. The second parameter is "dedicated keytab file", which is the keytab to use when in "dedicated keytab" mode. This keytab is only used in ads_verify_ticket.
2009-01-29Fix coverity CID#117 - resource leak in error path.Jeremy Allison1-24/+53
Jeremy.
2009-01-29Fix coverity CID#116. Resource leak on error path.Jeremy Allison1-2/+4
Jeremy.
2009-01-29Fix coverity CID#115. Resource leak in error path.Jeremy Allison1-1/+4
Jeremy.
2009-01-15s3: make better use of ccache by not including version.h in every C-file.Michael Adam1-1/+1
version.h changes rather frequently. Since it is included via includes.h, this means each C file will be a cache miss. This applies to the following situations: * When building a new package with a new Samba version * building in a git branch after calling mkversion.sh after a new commit (i.e. virtually always) This patch improves the situation in the following way: * remove inlude "version.h" from includes.h * Use samba_version_string() instead of SAMBA_VERSION_STRING in files that use no other macro from version.h instead of SAMBA_VERSION_STRING. * explicitly include "version.h" in those files that use more macros from "version.h" than just SAMBA_VERSION_STRING. Michael
2009-01-06s3-samr: avoid all init_samr_user* functions.Günther Deschner1-4/+4
Guenther
2008-12-23Fix another "format not a string literal and no format arguments" warning.Jeremy Allison1-2/+5
Jeremy
2008-12-22In gcc version 4.3.2 we get warnings for functions declared withJeremy Allison1-2/+1
attribute warn_unused_result. Start to fix these. Jeremy.
2008-12-13s3:libnet_join: use DS_FORCE_REDISCOVERYStefan Metzmacher1-0/+1
metze
2008-12-13s3:libnet_join: call saf_join_store() after a the join.Stefan Metzmacher1-1/+4
metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (similar to commit feef594d275881466e2c3f59c0ff54609a9cc53b)
2008-12-11s3-libnet: fix DEBUG statement in libnet_keytab.Günther Deschner1-1/+1
Guenther
2008-12-09s3-libnet: fix build warning (missing prototype).Günther Deschner1-2/+2
Guenther
2008-11-29s3-libnetjoin: Fix bug #5749. Re-set acctflags while joining. fix from metze.Günther Deschner1-16/+29
Guenther
2008-11-29s3-libnetjoin: remove unused md4_trust_password, found by metze.Günther Deschner1-5/+0
Guenther
2008-11-28s3-samr: fix init_samr_user_info{23,24} callers.Günther Deschner1-1/+2
Guenther
2008-11-21s3-libnetjoin: fix build warning.Günther Deschner1-1/+1
Guenther
2008-11-21s3-libnetjoin: try to show a better error message upon invalid configuration.Günther Deschner1-11/+50
Guenther
2008-11-18s3-libnet-samsync: store samsync sequence number state in keytab.Günther Deschner1-1/+52
Guenther
2008-11-18s3-libnet-samsync: refactor libnet_samsync.Günther Deschner1-57/+66
Guenther
2008-11-18s3-libnet-samsync: pass back sequence number from fetch_sam_entries_keytab.Günther Deschner1-1/+16
Guenther
2008-11-18s3-libnet-samsync: use netr_DatabaseDeltas unless full replication enforced.Günther Deschner1-1/+12
Guenther
2008-11-18s3-libnet-samsync: pass sequence number pointer to process routine.Günther Deschner6-0/+8
Guenther
2008-11-18s3-libnet-samsync: move all modules to startup,process,finish callbacks.Günther Deschner6-71/+153
Guenther
2008-11-18s3-libnet-samsync: call init and close ops function where appropriate.Günther Deschner1-1/+23
Guenther
2008-11-18s3-libnet-samsync: use samsync_ops.Günther Deschner6-60/+34
Guenther
2008-11-18s3-libnet-samsync: add samsync_ops to all samsync modules.Günther Deschner5-0/+21
Guenther
2008-11-18s3-libnet-samsync: add samsync_ops.Günther Deschner1-0/+18
Guenther
2008-11-18s3-libnet: move add_to_keytab_entries to libnet_keytab.Günther Deschner4-87/+93
Guenther