summaryrefslogtreecommitdiff
path: root/source4/auth/auth_sam_reply.c
AgeCommit message (Collapse)AuthorFilesLines
2010-10-02s4-auth Add make_server_info_pac() to include 'resource domain' groupsAndrew Bartlett1-0/+37
Previously, our PAC code didn't include these groups into the server_info from which we would eventually calculate the full list of tokenGroups. Andrew Bartlett
2010-10-02s4-auth Allocate domain SIDs under the sids array, not server_infoAndrew Bartlett1-1/+1
Andrew Bartlett
2010-05-21s4:auth Remove un-needed headers.Andrew Bartlett1-1/+0
2010-05-18s4:auth Make it clear to the callers the talloc lifetime.Andrew Bartlett1-0/+2
In other times, we might have used talloc_reference here, but this isn't used as much these days. Andrew Bartlett
2010-04-12s4:auth/auth_sam_reply.c - fix counter typesMatthias Dieter Wallnöfer1-3/+3
2009-08-03Return infinite time for last last logoff when last logoff = 0Matthieu Patou1-1/+1
2009-01-21s4:auth: move make_server_info_netlogon_validation() function arroundStefan Metzmacher1-0/+139
metze
2008-10-20Make sure prototypes are always included, make some functions static andJelmer Vernooij1-0/+1
remove some unused functions.
2008-01-24netlogon.idl: make use of bitmap samr_GroupAttrsStefan Metzmacher1-1/+1
metze (This used to be commit 6d68161e676d381600c77c3f862bd7e013968724)
2007-12-21r26393: Fix inline comment.Günther Deschner1-3/+1
Guenther (This used to be commit 55c60a374325c875575b93b9792e48082934fb77)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r19598: Ahead of a merge to current lorikeet-heimdal:Andrew Bartlett1-0/+1
Break up auth/auth.h not to include the world. Add credentials_krb5.h with the kerberos dependent prototypes. Andrew Bartlett (This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
2007-10-10r14860: create libcli/security/security.hStefan Metzmacher1-1/+1
metze (This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij1-0/+1
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij1-5/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r11272: In trying to track down why Win2k3 is again rejecting our PAC, ensureAndrew Bartlett1-88/+32
we can round-trip all the way back to a server_info structure, not just a filled in PAC_DATA. (I was worried about generated fields being incorrect, or some other logical flaw). Andrew Bartlett (This used to be commit 11b1d78cc550c60201d12f8778ca8533712a5b1e)
2007-10-10r9022: One more step in the game of whack-a-mole with the PAC.Andrew Bartlett1-7/+27
This makes the PAC we generate match (closely) the PAC generated by my test win2k3 DC. Andrew Bartlett (This used to be commit 6172b1868020ac8e828c375f17f4c33fc40eaca4)
2007-10-10r8164: - match the ordering w2k3 uses for the PAC_BUFFER:Stefan Metzmacher1-0/+81
LOGON_INFO LOGON_NAME SRV_CHECKSUM KDC_CHECKSUM - w2k3 also don't use the groupmembership array with rids it uses the othersids array metze (This used to be commit 2286fad27d749ebba14f5448f1f635bb36750c9c)
2007-10-10r7993: Further work on the Krb5 PAC.Andrew Bartlett1-0/+109
We now generate the PAC, and can verifiy both our own PAC and the PAC from Win2k3. This commit adds the PAC generation code, spits out the code to get the information we need from the NETLOGON server back into a auth/ helper function, and adds a number of glue functions. In the process of building the PAC generation code, some hints in the Microsoft PAC specification shed light on other parts of the code, and the updates to samr.idl and netlogon.idl come from those hints. Also in this commit: The Heimdal build package has been split up, so as to only link the KDC with smbd, not the client utils. To enable the PAC to be veified with gensec_krb5 (which isn't quite dead yet), the keyblock has been passed back to the calling layer. Andrew Bartlett (This used to be commit e2015671c2f7501f832ff402873ffe6e53b89466)