summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r16952: New derive DES salt code and Krb5 keytab generationGerald Carter7-749/+573
Major points of interest: * Figure the DES salt based on the domain functional level and UPN (if present and applicable) * Only deal with the DES-CBC-MD5, DES-CBC-CRC, and RC4-HMAC keys * Remove all the case permutations in the keytab entry generation (to be partially re-added only if necessary). * Generate keytab entries based on the existing SPN values in AD The resulting keytab looks like: ktutil: list -e slot KVNO Principal ---- ---- --------------------------------------------------------------------- 1 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32) 2 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5) 3 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5) 4 6 host/suse10@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32) 5 6 host/suse10@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5) 6 6 host/suse10@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5) 7 6 suse10$@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32) 8 6 suse10$@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5) 9 6 suse10$@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5) The list entries are the two basic SPN values (host/NetBIOSName & host/dNSHostName) and the sAMAccountName value. The UPN will be added as well if the machine has one. This fixes 'kinit -k'. Tested keytab using mod_auth_krb and MIT's telnet. ads_verify_ticket() continues to work with RC4-HMAC and DES keys. (This used to be commit 6261dd3c67d10db6cfa2e77a8d304d3dce4050a4)
2007-10-10r16947: Fix warning with profile separator when profiles notJeremy Allison1-0/+2
being used. Jeremy. (This used to be commit 441c289fd21d00398fb7c4c7c0338b03129a7545)
2007-10-10r16945: Sync trunk -> 3.0 for 3.0.24 code. Still needJeremy Allison259-9042/+19090
to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2007-10-10r16941: Fix crash bug when the pam conversation receives an empty token.Günther Deschner1-2/+2
Thanks to Bjoern Jacke for the report and test-case. Guenther (This used to be commit f2ebc0e3de396f44f49dabbfe42cb3ad1c1a7ec1)
2007-10-10r16940: libnscd sets errno, use that to display error message.Günther Deschner1-2/+2
Guenther (This used to be commit df10448e2c6166d1c129c2d9a9a74c5b4a42555f)
2007-10-10r16939: Still clear the winbind_cache.tdb when offline logons are not enabled.Günther Deschner1-2/+4
Guenther (This used to be commit 4121ccfc3e39001d5b7b8288e3bc27d919f79167)
2007-10-10r16866: No idea why I did not see the warning, sorry....Volker Lendecke1-1/+1
(This used to be commit 84913caebdb461fed2c94fadfa0039b32a83cb6d)
2007-10-10r16865: This is a proposal to fix bug 3915. Before sending patches around, ↵Volker Lendecke3-8/+24
this is what svn is for. The idea is that we fall back to a pure unix user with S-1-22 SIDs in the token in case anything weird is going on with the 'force user'. Volker (This used to be commit 9ec5ccfe851ac8a1f88b88c8c8461a5cf75b4c57)
2007-10-10r16864: Intermediate checkin -- swap the sid_check_is_in_unix_users andVolker Lendecke1-38/+38
sid_check_is_in_our_domain cases. Volker (This used to be commit dc403cec88d91fdeb09cbd04321d88bbdc0f490c)
2007-10-10r16862: Reverting accidential changes in ads_try_connect() from previous commit.Günther Deschner1-2/+2
Guenther (This used to be commit 6257f9af93f2391940b2c60fe39c0bf106de15dd)
2007-10-10r16861: Fixing crash bug when passing no domain/realm name to the CLDAP request.Günther Deschner2-7/+10
Guenther (This used to be commit 863aeb621afa7dcec1bfef8e503ef8ed363e3742)
2007-10-10r16845: Properly report the error during join when the set password failsGerald Carter1-0/+7
(This used to be commit ef6e9ca5276586c081fcf18bb178a2326309b539)
2007-10-10r16836: When receiving a CLDAP reply make sure that we always store the correctGünther Deschner1-1/+3
netbios domain name in server affinity cache. Guenther (This used to be commit 08958411eeff430fb523d9b73e0259d060bac17b)
2007-10-10r16823: Allow to call wbinfo --domain-info="" or --domain-info="." to get domainGünther Deschner1-4/+7
info for our own domain. Guenther (This used to be commit ebd3c547e508e191d5e1b5bb001797666db7b269)
2007-10-10r16800: correct a probable cut&paste errorSimo Sorce1-1/+1
(This used to be commit c139a2293bfb66554e1be09c6824d04381de58e1)
2007-10-10r16799: Fix remote smbd crash bug by removing half-implemented info level 4Günther Deschner1-8/+0
dfs_Enum. Guenther (This used to be commit 4e5ea585c3482c38f2624e45f1268d3864a99faa)
2007-10-10r16797: Add msdfs proxy junctions in the netdfs rpc enumeration.Günther Deschner1-0/+1
Guenther (This used to be commit 6bf350895a648ef9b824c94b894e8d7a8989eb97)
2007-10-10r16790: Fix memleak.Günther Deschner1-0/+1
Guenther (This used to be commit 48ab7f46814dfbd777f142cdd8f59e6c1962eb15)
2007-10-10r16789: Fix bug #3909, when using ea's getting a directory tries toJeremy Allison2-3/+59
read ea's from an msdfs link. Stop it from doing that. Jerry please merge to 3.0.23. Jeremy. (This used to be commit 95e5ace6b4f348a3244b6a3ea0fd8badf55271f5)
2007-10-10r16785: BUG 3908: Fix rpc bin authentication failure which broke user ↵Gerald Carter1-0/+3
password changes Jeremy, please review. (This used to be commit 154e4a281503f0cbc2e654640f1dfa4b4d35a3cd)
2007-10-10r16766: A warning found by RHEL3. This might actually be 3.0.23 code, maybe ↵Volker Lendecke2-2/+2
there are vasprintf implementations that don't like a NULL format. Volker (This used to be commit 03c665c307e518c9ff66096904873266b145637c)
2007-10-10r16755: Hunting warning has some benefits....Volker Lendecke1-2/+2
Solaris found this one that needs to go into 3.0.23, actually munlock the password memory. Volker (This used to be commit 6fa928f96a70b7b063dd1bdbb08c6a3f5d942229)
2007-10-10r16751: The precompiled header should really be in the $(buildir) andGerald Carter1-2/+2
not the $(srcdir) to allow multiple concurrent compiles when the source tree is shared via nfs. (This used to be commit b79e1c011d577581eebb90b95dbdee11f8a96c3b)
2007-10-10r16749: BUG 3905: don't fail in create_local_nt_token() when aGerald Carter1-3/+4
checking for the builtin Administrators group membership. security = server has no domain info in secrets.tdb (This used to be commit fa477969fbbcd9f707461a2d9015bebf719ddfbb)
2007-10-10r16720: Fix bug #3874 (warning) reported by Jason Mader.Jeremy Allison1-2/+6
Jeremy. (This used to be commit 0606c954668a7bbc08e2338e268405981aa0ad04)
2007-10-10r16717: patch from Bjoern Jacke to fix compiler warnings on AIXStefan Metzmacher1-0/+44
metze (This used to be commit a558abb40d9a0bcce568a336ce7e9f4ae5e066db)
2007-10-10r16713: BUG 3904: fix broken smbwrapper compileGerald Carter1-1/+2
(This used to be commit 9ae1d016d44492327d180fe5e629f3a81ddfe6e4)
2007-10-10r16701: Fix segv when adding a printer caused by not initializing theGerald Carter1-1/+1
realm name in ads_init() in nt_printer_publish(). (This used to be commit a25e75e78db092b3992dfc6f7e2737023d43e2c3)
2007-10-10r16696: Fix the multiple-outstanding write and trans clientJeremy Allison1-2/+22
signing bug. Jeremy. (This used to be commit 3b7fbe856cea7cbb5bf91844f94f221be0a2c627)
2007-10-10r16687: Fix bugs #3901, #3902, #3903 reported by jason@ncac.gwu.edu.Jeremy Allison3-8/+19
Jeremy (This used to be commit c4896b17faa6802f18cc1cec7fcc6168bde2eef0)
2007-10-10r16685: Fix bug #3901 reported by jason@ncac.gwu.edu.Jeremy Allison1-7/+1
Jeremy. (This used to be commit d48655d9c0b31d15327655140c021de29873d2c5)
2007-10-10r16683: Fix bug #3900 reported by jason@ncac.gwu.edu.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 8c7e40f2a469df34aff0e63270a78e669d240b59)
2007-10-10r16681: Fix bug #3899 reported by jason@ncac.gwu.edu.Jeremy Allison1-5/+0
Jeremy. (This used to be commit 1cd9a0ef834f8062500d1aea6183e147fc5e42f4)
2007-10-10r16678: Fix bug #3898 reported by jason@ncac.gwu.edu.Jeremy Allison3-6/+14
Jeremy. (This used to be commit 5c5ea3152f8dbdfd7717b65e035191ffed3ec548)
2007-10-10r16676: .o generates other warnings, use the Solaris trick with .po.o also ↵Volker Lendecke1-3/+3
for AIX. Fix a configure.in output line Volker (This used to be commit 1a80266d77bb95edaa221c14652b2c6fa9932ab6)
2007-10-10r16665: Fix a couple of bugs I discovered now I've lookedJeremy Allison2-11/+33
closer at the wins server code. Firstly, it needs to do the searches on the SELF_NAMES correctly, secondly it needs to flush the in-memory cache out before returning the 1b names - else it might get duplicates returned if many 1b queries are done in quick succession. Jerry, I hate to say this but you might want to consider this for 3.0.23.... Jeremy. (This used to be commit b36b9befbbc4ac318168b7788d3722710ecbf10f)
2007-10-10r16663: Fix coverity #301, memleak in error path.Jeremy Allison1-1/+1
Jeremy. (This used to be commit dfdb4ce89155dc1528b455252751616cc2c6708c)
2007-10-10r16661: Fix from jason@ncac.gwu.edu for bug #3875,Jeremy Allison2-1/+7
bad cast warning. Jeremy. (This used to be commit d60e6e0abc17361fe180d6723b970552dc377741)
2007-10-10r16656: Fix #3894 and #3895 reported by jason@ncac.gwu.edu.Jeremy Allison1-3/+3
Jeremy. (This used to be commit ddf35ad69201cf9a0aa45ff25e17eddef60d75ad)
2007-10-10r16654: Fix bug #3893 reported by jason@ncac.gwu.edu.Jeremy Allison1-4/+2
Jeremy. (This used to be commit 787539489897e79d43eb1833db6f5969b130c934)
2007-10-10r16652: Fix bug #3891 reported by jason@ncac.gwu.edu.Jeremy Allison1-4/+1
Jeremy. (This used to be commit 9b0df8d008bc5574526d68628f351eb4dbf98e8a)
2007-10-10r16650: Fix bug #3890 reported by jason@ncac.gwu.edu.Jeremy Allison1-3/+7
Jeremy. (This used to be commit 590b58cb507e5a6e459ff0c975beb9056336f233)
2007-10-10r16648: Fix bug #3889 reported by jason@ncac.gwu.edu.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 2eefe9b6f52e64927c0ae23adce111a42d821206)
2007-10-10r16646: Fix bug #3888 reported by Jason Mader <jason@ncac.gwu.edu>.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 433d7a1bc91ff479934a256ff84e6866e16d1f85)
2007-10-10r16644: Fix bug #3887 reported by jason@ncac.gwu.eduJeremy Allison12-34/+36
by converting the lookup_XX functions to correctly return SID_NAME_TYPE enums. Jeremy. (This used to be commit ee2b2d96b60c668e37592c79e86c2fd851e15f69)
2007-10-10r16642: Fix show-stopper bug #3876. Double-free in winsJeremy Allison1-1/+1
server code. Jerry please merge for 3.0.23. Jeremy. (This used to be commit d354b430ff0473764db8ea492a68d10946dadc23)
2007-10-10r16640: Fix bug #3886 reported by jason@ncac.gwu.edu.Jeremy Allison1-3/+0
Jeremy. (This used to be commit 76cc25a37e145fb48a8a81df37e790690b5dceac)
2007-10-10r16638: Fix bug #3885, reported by jason@ncac.gwu.edu. UseJeremy Allison1-1/+1
the correct enumerated type in the macro. Jeremy. (This used to be commit 63ad19f71c6b9474042f4ea9d5859e2849a73da8)
2007-10-10r16636: Fix bug #3884 reported by jason@ncac.gwu.eduJeremy Allison1-18/+9
Jeremy. (This used to be commit 7580eb947cdeb786be00efa5da727e32b28c99d6)
2007-10-10r16634: Fix bug #3883 reported by jason@ncac.gwu.edu.Jeremy Allison1-2/+1
Jeremy. (This used to be commit d04462f1d8cf009985b9112f093306a64689af64)