summaryrefslogtreecommitdiff
path: root/source3/libsmb/trusts_util.c
AgeCommit message (Collapse)AuthorFilesLines
2010-06-30s3-libsmb: move change_trust_account_password out of smbd into libsmb.Günther Deschner1-0/+74
Guenther
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett1-2/+2
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18s3-rpc_client: move protos to cli_lsarpc.hGünther Deschner1-0/+1
Guenther
2010-05-18s3-rpc_client: move protos to cli_netlogon.hGünther Deschner1-0/+1
Guenther
2009-11-26s3-rpc: Avoid including every pipe's client and server stubs everywhere in ↵Günther Deschner1-0/+1
samba. Guenther
2009-11-12Ensure all callers to the rpc_client/cli_pipe functions correctlyJeremy Allison1-1/+1
initialize return variables. Jeremy.
2009-11-03s3: Remove debug_ctx()Volker Lendecke1-1/+1
smbd just crashed on me: In a debug message I called a routine preparing a string that itself used debug_ctx. The outer routine also used it after the inner routine had returned. It was still referencing the talloc context that the outer debug_ctx() had given us, which the inner DEBUG had already freed.
2009-10-13s3: use enum netr_SchannelType all over the place.Günther Deschner1-2/+2
Guenther
2009-10-13s3-netlogon: allow to change any type of trust account password in ↵Günther Deschner1-6/+39
trust_pw_find_change_and_store_it(). Guenther
2009-10-13s3-netlogon: pass down account name to remote password set functions.Günther Deschner1-0/+3
Guenther
2009-10-05Revert "s3: Attempt to fix machine password change"Volker Lendecke1-3/+5
This reverts commit 20a8ea91e10af167067cc794a251265aaf489e75. Ooops, this should not have been committed.
2009-10-05s3: Attempt to fix machine password changeVolker Lendecke1-5/+3
2009-10-05s3: Fix nonempty blank linesVolker Lendecke1-4/+4
Signed-off-by: Günther Deschner <gd@samba.org>
2009-04-14Rework Samba3 to use new libcli/auth code (partial)Andrew Bartlett1-0/+1
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett
2009-03-18s3: remove POLICY_HND.Günther Deschner1-1/+1
Guenther
2008-10-19Add TALLOC_CTX pointer to generate_random_str(), for consistency withJelmer Vernooij1-3/+2
Samba 4.
2008-09-21netlogon: move password change code out to rpccli_netlogon_set_trust_password.Günther Deschner1-94/+5
Guenther
2008-09-21netlogon: refactor just_change_the_password a bit.Günther Deschner1-22/+16
Guenther
2008-09-21netlogon: use init_netr_CryptPassword in "just_change_the_password"Günther Deschner1-13/+10
Guenther
2008-08-21Fix Bug #5710 and make machine account password changing work again.Günther Deschner1-23/+52
When we negotiated NETLOGON_NEG_PASSWORD_SET2 we need to use NetrServerPasswordSet2 to change the machine password. Tested with NT4, W2k, W2k3 and W2k8. Guenther (This used to be commit 5820360451e4db0fad0472f814cae667b2ea51fd)
2008-07-20Refactoring: Change calling conventions for cli_rpc_pipe_open_noauthVolker Lendecke1-2/+3
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS (This used to be commit 9abc9dc4dc13bd3e42f98eff64eacf24b51f5779)
2008-04-25Refactoring: Make cli_pipe_auth_data a pointer off rpc_pipe_clientVolker Lendecke1-1/+1
(This used to be commit f665afaaa3eff9ef54112e08ed034a6e1bb30edc)
2008-04-20Add "desthost" to rpc_pipe_clientVolker Lendecke1-1/+1
This reduces the dependency on cli_state (This used to be commit 783afab9c891dd7bcb78895b2a639b6f3a0edf5b)
2008-04-02Fix NETLOGON credential chain with Windows 2008 all over the place.Günther Deschner1-1/+1
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8 netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate flags everywhere (not only when running in security=ads). Only for NT4 we need to do a downgrade to the returned negotiate flags. Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6. Guenther (This used to be commit 0970369ca0cb9ae465cff40e5c75739824daf1d0)
2008-03-28Add a talloc context parameter to current_timestring() to fix memleaks.Michael Adam1-1/+1
current_timestring used to return a string talloced to talloc_tos(). When called by DEBUG from a TALLOC_FREE, this produced messages "no talloc stackframe around, leaking memory". For example when used from net conf. This also adds a temporary talloc context to alloc_sub_basic(). For this purpose, the exit strategy is slightly altered: a common exit point is used for success and failure. Michael (This used to be commit 16b5800d4e3a8b88bac67b2550d14e0aaaa302a9)
2008-02-27Use new LSA_POLICY defines in lsa rpc server code and other places.Günther Deschner1-1/+1
Guenther (This used to be commit 58cca9faf9db506bd2f6eab4a99ef85153797ab2)
2008-02-16Use rpccli_netr_ServerPasswordSet in "just_change_the_password()".Günther Deschner1-1/+26
Guenther (This used to be commit 33f91c894488687a42500e751eb9016d99d9129c)
2008-02-13Use rpccli_lsa_EnumTrustDom all over the place.Günther Deschner1-2/+26
Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-01-23Windows 2008 (Longhorn) auth2 flag fixes.Andreas Schneider1-1/+1
Interop fixes for AD specific flags. Original patch from Todd Stetcher. (This used to be commit 5aadfcdaacd6f136eab9e107a88b8544e6d2105f)
2007-10-24This is a large patch (sorry). Migrate from struct in_addrJeremy Allison1-3/+3
to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-2/+2
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r25407: Revert Longhorn join patch as it is not correct for the 3.2 tree.Gerald Carter1-1/+1
The translate_name() used by cli_session_setup_spnego() cann rely Winbindd since it is needed by the join process (and hence before Winbind can be run). (This used to be commit 00a93ed336c5f36643e6e33bd277608eaf05677c)
2007-10-10r25400: Windows 2008 (Longhorn) Interop fixes for AD specific auth2 flags,Gerald Carter1-1/+1
and client fixes. Patch from Todd Stetcher <todd.stetcher@isilon.com>. (This used to be commit 8304ccba7346597425307e260e88647e49081f68)
2007-10-10r23801: The FSF has moved around a lot. This fixes their Mass Ave address.Andrew Tridgell1-2/+1
(This used to be commit 87c91e4362c51819032bfbebbb273c52e203b227)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r21831: Back out r21823 for a while, this is going into a bzr tree first.Volker Lendecke1-4/+1
Volker (This used to be commit fd0ee6722ddfcb64b5cc9c699375524ae3d8709b)
2007-10-10r21823: Let secrets_store_machine_password() also store the account name. ↵Volker Lendecke1-1/+4
Not used yet, the next step will be a secrets_fetch_machine_account() function that also pulls the account name to be used in the appropriate places. Volker (This used to be commit f94e5af72e282f70ca5454cdf3aed510b747eb93)
2007-10-10r16945: Sync trunk -> 3.0 for 3.0.24 code. Still needJeremy Allison1-1/+1
to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2007-10-10r16363: Fix Klocwork ID 981 1652Volker Lendecke1-1/+5
Volker (This used to be commit ce1d8423ef7cd86fc64200002fde707bca621d44)
2007-10-10r11492: Fix bug #3224 (I hope). Correctly use machine_account_nameJeremy Allison1-3/+4
and client_name when doing netlogon credential setup. Jeremy. (This used to be commit 37e6ef9389041f58eada167239fd022f01c5fecb)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison1-2/+2
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-17/+30
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r6392: - Fixes bug 2564: when smbc_opendir() was called with a file rather thanDerrell Lipman1-3/+0
a directory, the errno returned could end up as ENOENT rather than ENOTDIR. - Fixes some compiler warnings which showed up on IRIX, as reported by James Peach. (This used to be commit 615a62b21f8d2f7f97bde2f166ddd6849d39b95c)
2004-01-05Change our Domain controller lookup routines to more carefully seperateAndrew Bartlett1-1/+1
DNS names (realms) from NetBIOS domain names. Until now, we would experience delays as we broadcast lookups for DNS names onto the local network segments. Now if DNS comes back negative, we fall straight back to looking up the short name. Andrew Bartlett (This used to be commit 32397c8b01f1dec7b05140d210bb32f836a80ca6)
2003-12-28Shutting down the connection closes outstanding sessions, so we don't needAndrew Bartlett1-1/+0
to do it twice... Amdrew Bartlett (This used to be commit 8f9a069c59cbd357cbef8814764c10f6d8b6e6e8)
2003-11-22adding a useful debugGerald Carter1-0/+1
(This used to be commit e374ce779efaec001c1476e0710ceaa9c3b84e8d)
2003-09-16Applied Steve Langasek's patch for bug #450.Tim Potter1-3/+4
(This used to be commit e3cb0cd0d60d90a76e5f74d5bda702148584ab30)
2003-08-19 - Make 'net' use a single funciton for setting the 'use machine account' code.Andrew Bartlett1-5/+4
- Make winbindd try to use kerberos for connections to DCs, so that it can access RA=2 servers, particularly for netlogon. - Make rpcclient follow the new flags for the NETLOGON pipe - Make all the code that uses schannel use the centralised functions for doing so. Andrew Bartlett (This used to be commit 96b4187963cedcfe158ff02868929b8cf81c6ebf)
2003-07-30Add a command line option (-S on|off|required) to enable signing on clientJeremy Allison1-1/+1
connections. Overrides smb.conf parameter if set. Jeremy. (This used to be commit 879309671df6b530e0bff69559422a417da4a307)
2003-07-01* fixed volker's wbinfo -a lockup again. This one was my fault.Gerald Carter1-60/+19
It was caused by the winbind_ping() call in is_trusted_domain() o if we are a DC then we check our own direct trust relationships we have to rely on winbindd to update the truatdom_cache o if we are a domain member, then we can update the trustdom_cache ourselves if winbindd is not there (This used to be commit 22dfcafb37f7109dc455f4fb6323a25ba4f097bc)