Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
this prevents spurious error messages on client commands when when we
will fallback to NTLM authentication
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
In a long-lived credentials cache situation, we may need to refetch
the ticket after (say) 10 hours. This code should help that happen,
by checking the lifetime before returning any credentials cache or
GSSAPI credentials.
Andrew Bartlett
|
|
This means that we will leave a slew of file based credentials caches
in /tmp, which should give some clues to the administrator or
developer via klist as to what has gone wrong.
Andrew Bartlett
|
|
Otherwise we would not impersonate the desired principal.
This still doesn't work for plaintext auth, but should
avoid ntlmssp.
metze
|
|
cli_credentials_set_impersonate_principal()
This also adds a cli_credentials_get_self_service() helper function.
In order to support S4U2Proxy we need to be able to set
the service principal for the S4U2Self step independent of the
target principal.
metze
|
|
The s3 function doesn't use the keytab_container concept.
Andrew Bartlett
|
|
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Feb 28 23:30:06 CET 2011 on sn-devel-104
|
|
against system tdb.
|
|
thi ensures we are using the header corresponding to the version of
ldb we're linking against. Otherwise we could use the system ldb for
link and the in-tree one for include
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This exact form of the construction is important, and we match on it
in the installation scripts.
Andrew Bartlett
|
|
This is consistent with the test names used by selftest, should
make the names less confusing and easier to integrate with other tools.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Dec 11 04:16:13 CET 2010 on sn-devel-104
|
|
|
|
SamDB class
connect_samdb() functino will correctly handle things like:
- session_info param - it will create system_session() using supplied
LoadParm parameter and thus avoiding creation of multiple LoadParm
instances (LoadParm() will mask certain command line supplied options)
- host url will be prefixed with ldap:// automatically
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Sun Nov 28 03:00:41 CET 2010 on sn-devel-104
|
|
|
|
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Nov 22 00:52:56 CET 2010 on sn-devel-104
|
|
subunit/python depends on testtools
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sat Nov 13 02:02:45 UTC 2010 on sn-devel-104
|
|
The test now binds with user@realm, domain\user, user dn, computer dn
Autobuild-User: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
Autobuild-Date: Thu Nov 11 16:15:30 UTC 2010 on sn-devel-104
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Nov 7 01:48:44 UTC 2010 on sn-devel-104
|
|
Samba4 returns error on simple bind, when we do it using openldap
simple_bind_s api.
|
|
The new waf-based build system now has all the same functionality, and
the old build system has been broken for quite some time.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
|
|
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This extra code isn't used at the moment, but I noticed the old API
was rather supprising in it's behaviour, and might catch someone out
at some later time.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Oct 27 05:24:22 UTC 2010 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
|
|
|
|
in "dsdb/common/util.c""
This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0.
Jelmer pointed out that these are also in use by other LDB databases - not only
SAMDB ones.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
|
|
"dsdb/common/util.c"
They're only in use by SAMDB code.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
|
|
|
|
By setting the event context to use for this operation (only) onto
the krb5_context just before we call that operation, we can try
and emulate the specification of an event context to the actual send_to_kdc()
This eliminates the specification of an event context to many other
cli_credentials calls, and the last use of event_context_find()
Special care is taken to restore the event context in the event of
nesting in the send_to_kdc function.
Andrew Bartlett
|
|
A new event context is constructed by LDB when required for secrets.ldb
This will be essentially unused, as LDB on TDB will only trigger 'fake'
events, and blocks on transactions and lock operations anyway.
Andrew Bartlett
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Oct 11 13:01:36 UTC 2010 on sn-devel-104
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Oct 11 02:47:50 UTC 2010 on sn-devel-104
|
|
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Oct 11 00:34:56 UTC 2010 on sn-devel-104
|
|
credentials.c.
|
|
|
|
|
|
with the new py object structure, we need to unlink not free
|
|
This code never really belonged in the credentials layer, and
is easier done with direct access to the ldb_message that is
in secrets.ldb.
Andrew Bartlett
|
|
|
|
|
|
memory leaks.
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
with the latest bind9 nsupdate, we need to be able to control if the
ticket we use is forwardable
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|