Age | Commit message (Collapse) | Author | Files | Lines |
|
There is no need to mask out these flags as they simply are not set
yet.
The correct abstraction is to ask for NTLMSSP features.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
We now just use auth_ntlmssp_want_feature to get extra flags
on the NTLMSSP context
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This is changed so that the callers ask for the additional flags
that they need, starting with no additional flags.
This helps to create a proper abstraction layer in
ntlmssp_wrap/auth_ntlmssp.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This clarifies the lifetime of the returned token.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Guenther
|
|
We detect this function at configure time, but it currently fails to
operate the way we need - that is, when the principal is not
specified, it gives this error. When the principal is specified we
get 'wrong principal in request' in the GSS acceptor, so for now the
best option is to fall back to the alternate approach.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Jul 20 06:35:05 CEST 2011 on sn-devel-104
|
|
We may not be able to obtain the full error string, so print what we can get.
This is required when the error is the the GSSAPI layer, not the mechanism.
Andrew Bartlett
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Jun 27 18:21:30 CEST 2011 on sn-devel-104
|
|
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
|
|
The extra fields in the structure that Samba4 does not use should not
bother it.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This matches Samba4's server_id.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This will allow this structure to be shared, and allow us to create a
common messaging system between all Samba processes. Samba4 uses the
task_id to indicate the different tasks within a single unix process.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue May 31 15:19:46 CEST 2011 on sn-devel-104
|
|
in the early CTDB days, the RELEASE_IP message was defined
and some code was added to react on such a message to make
smbd exit if the IP address it was using for the server socket
is removed by CTDB.
Later, it was discovered that we need to stop smbd immediately
and logic was added to ctdb_conn to call release_ip() without
going through the messaging system.
So this code is not used and can be removed
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Fri May 20 16:18:24 CEST 2011 on sn-devel-104
|
|
strcasecmp_m() never needs to call to talloc, and via next_codepoint()
still has an ASCII fast-path bypassing iconv() calls.
Andrew Bartlett
|
|
There is no longer a reason to leave this source3 specific, and this
brings it into a library (avoiding duplicate symbols).
Andrew Bartlett
|
|
These come in via the smb_krb5.h include (and lib/replace/system/kerberos.h)
in the end.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue May 10 23:12:31 CEST 2011 on sn-devel-104
|
|
|
|
needed).
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Apr 27 23:08:48 CEST 2011 on sn-devel-104
|
|
This is constant data according to the man pages I find for this
fucntion, and causes a segfault to free() when linked to Heimdal. I
am advised that while it is constant for gss_mech_krb5, it may not be
for other mechanisms, so an assert will ensure this is dealt with by
the programmer who extends this code in future.
Andrew Bartlett
|
|
This only works for Heimdal and MIT Krb5 1.8, other versions will get
an ACCESS_DEINED error.
We no longer manually verify any details of the PAC in Samba for
GSSAPI logins, as we never had the information to do it properly, and
it is better to have the GSSAPI library handle it.
Andrew Bartlett
|
|
This Heimdal function does not set the global state, and allows the
GSSAPI server to progress further when compiled against Heimdal (such
as in the top level build).
The ability to specify a keytab has been removed from the API as it is
unused, and and the Heimdal function (avoiding setting global
variables) works with an open keytab.
Andrew Bartlett
|
|
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
This will be called from wb_lookupsids to query remote DCs via lsa
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Guenther
|
|
We set the current password twice, rather than the current and old
password.
Andrew Bartlett
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
|