Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
|
|
Guenther
|
|
In all other places we check the result of secrets_init.
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Feb 6 17:30:48 CET 2011 on sn-devel-104
|
|
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This helps the s3compat effort by allowing these functions to be
replaced by functions that query the cli_credentials and secrets.ldb
APIs.
Also, this changes a couple of DOM_SID to struct dom_sid along the
way.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
|
|
Karolin
|
|
a tdb.
Guenther
|
|
Guenther
|
|
Guenther
|
|
Jeremy.
|
|
Guenther
|
|
It doesn't really matter if the entries
have invalid context in it. Older versions of samba
refuse to open the file if the version doesn't match.
If we can't parse individual records, we'll fail schannel binds,
but the clients are supposed to reestablish the netlogon secure channel
by doing ServerReqChallenge/ServerAuthenticate* again. This
will just overwrite the old record.
metze
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Now secrets.tdb is only writen with transactions.
Michael
|
|
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).
We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server
Andrew Bartlett
|
|
This removes calls to push_*_allocate() and pull_*_allocate(), as well
as convert_string_allocate, as they are not in the common API
To allow transition to a common charcnv in future, provide Samba4-like
strupper functions in source3/lib/charcnv.c
(the actual implementation remains distinct, but the API is now shared)
Andrew Bartlett
|
|
|
|
|
|
|
|
(This used to be commit f91a3e0f7b7737c1d0667cd961ea950e2b93e592)
|
|
Coverity ID 570
(This used to be commit 0f52dc3f7eae7e87b8a71bd099b99b0b3e76a387)
|
|
Coverity ID 571
(This used to be commit a551773e34af1c118f77784a285e1b885da8655d)
|
|
Fix Coverity ID 572, also fix the error check for secrets_fetch failing
(This used to be commit 2663c81a782fd4394a9feaaaa987c7f6d38ca5da)
|
|
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(This used to be commit dead193f46c2b19955ab3e5ac5ba343694f4858a)
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(This used to be commit 5f4de856af1abe63b13059bbe1615cb5877770d0)
|
|
metze
(This used to be commit 986bc7e8b260265da019b67ec751509eb589d24b)
|
|
metze
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(This used to be commit b61b8ca4944f399216d8e67a48ea7d259258b432)
|
|
metze
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(This used to be commit 729f7b9ff30e81537a7257daeaa1728c7ae96853)
|
|
(This used to be commit 9d30e5991c6fe77ef5fd505efb756554bbe77256)
|
|
Another preparation to convert secrets.c to dbwrap: The dbwrap API does not
provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC
mutex is needed per-node anyway, so it is perfectly fine to use a local mutex
only.
(This used to be commit f94a63cd8f94490780ad9331da229c0bcb2ca5d6)
|
|
This is preparing the conversion of secrets.c to ctdb
(This used to be commit 1307f0130c47b8d740d2b7afe7a5d8d1a655e2a2)
|
|
(This used to be commit 3ac4f935c074af768d0b83514f86d010c387817a)
|
|
secrets_init() makes sure that the tdb is initialized
(This used to be commit 8725dbc8888cf7a1d3d9d1205678fcd3ca3c6350)
|
|
(This used to be commit 27065382d9b692b5885265c9d60ffb7ec7748c38)
|
|
Guenther
(This used to be commit 5e60852bae61be72dee9d5b93c59ac900aba73ae)
|
|
Guenther
(This used to be commit dd3fbd93b6e5fe8b5e3a3727a64a38d5ae46fcbf)
|
|
Guenther
(This used to be commit 6ccbf67a0c6f117978df55d4e2565d34fddf9317)
|
|
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
|
|
into a new function secrets_fetch_trust_account_password_legacy() that
does only try to obtain the hashed version of the machine password directly
from secrets.tdb.
Michael
(This used to be commit 91da12b751b3168dc40049f3e90c10d840393efc)
|
|
secrets_store_trust_account_password() and trust_password_delete()
are the write access functions to the SECRETS/$MACHINE.ACC/domain keys
in secrets.tdb, the md4 hashed machine passwords. These are not used
any more: Current code always writes the clear text password.
Michael
(This used to be commit 4788fe392427901f6b1c505e3a743136ac8a91ca)
|