Age | Commit message (Collapse) | Author | Files | Lines |
|
This is consistent with lock_path()
Andrew Bartlett
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
we were continually trying the first address returned, instead of
moving to the next address
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sun Nov 14 04:11:28 UTC 2010 on sn-devel-104
|
|
remote_addr was used after free
|
|
|
|
we need the caller to know when the previous_ev was NULL
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
By setting the event context to use for this operation (only) onto
the krb5_context just before we call that operation, we can try
and emulate the specification of an event context to the actual send_to_kdc()
This eliminates the specification of an event context to many other
cli_credentials calls, and the last use of event_context_find()
Special care is taken to restore the event context in the event of
nesting in the send_to_kdc function.
Andrew Bartlett
|
|
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Allow other plugins to init the context without having it try to grab sockets
or set samba specific logging.
|
|
|
|
level 2 for every krb request is a bit much
|
|
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
|
|
metze
|
|
metze
|
|
for sockets
metze
|
|
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"
for s in $list; do
o=`echo $s | cut -d ':' -f1`
n=`echo $s | cut -d ':' -f2`
r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
for f in $files; do
cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
mv $f.tmp $f
done
done
metze
|
|
wrok with addresses
metze
|
|
Andrew, I was pretty sure these could be removed but if not, please let
me know.
|
|
This commit applies some cosmetic corrections for the KERBEROS library.
|
|
metze
(This used to be commit 6ec3887aee9bbb9c182ab966d37212edeaa16b5a)
|
|
(This used to be commit 3817d653faecb70bfafb850fe7d6e83aaed7e6d1)
|
|
(This used to be commit d3643c2152a490952e59ee15b7a62ad3ad465462)
|
|
(This used to be commit 801c8c766cb6a104751be8829593e0e123508134)
|
|
(This used to be commit 459e1466a411d6f83b7372e248566e6e71c745fc)
|
|
(This used to be commit b03e5d00110be3f1fe5809dad4eb6ca5cea7463d)
|
|
(This used to be commit 7780bf285fdfc30f89409d0436bad0d4b6de5cd4)
|
|
2007-09-29 More higher-level passing around of lp_ctx.
2007-09-29 Fix warning.
2007-09-29 Pass loadparm contexts on a higher level.
2007-09-29 Avoid using global loadparm context.
(This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)
|
|
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
|
|
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
|
|
number in more places.
(This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
|
|
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
standardise with the rest of the code.
Andrew Bartlett
(This used to be commit 3aa9d70723d4377d29e33281b640499193b06c69)
|
|
context. We now have an event context on the torture_context, and we
can also get one from the cli_credentials structure
(This used to be commit c0f65eb6562e13530337c23e3447a6aa6eb8fc17)
|
|
This replaces a lump of hand-crafted code with the generic packet
system used in the rest of Samba4.
(I started this while chasing down the epoll bug, which turned out to
be seperate)
(This used to be commit 2a7dec4e5dc453f509493f80fc1270416f30a36e)
|
|
problems with order of socket closing in krb5
(This used to be commit 46a7d83c2b49798c6c5389c13ec2b9785c47b85b)
|
|
with krb5:set_dns_canonicalize=yes
needed for the drsuapi replication, but we should fix this with
a kdc locator plugin ...
metze
(This used to be commit f0a12355bcfab47663e62f3d8ae820815210cdc5)
|
|
(This used to be commit 5ff665b6531fdb4c7e56c49b7f923546d93b384c)
|
|
of KDC behaviour. This should allow PKINIT to be turned on and
managed with reasonable sanity.
This also means that the krb5.conf in the same directory as the
smb.conf will always have priority in Samba4, which I think will be
useful.
Andrew Bartlett
(This used to be commit a50bbde81b010bc5d06e3fc3417ade44627eb771)
|
|
This patch updates our build system and glue to support a new snapshot
of lorikeet-heimdal.
We now procude a [SUBSYTEM] in the ans1_deps.pl script, and can depend
on that in the heimdal_build/config.mk. This is much easier than
listing every generated .o file individually.
This required some small changes to the build system, due to the way
the parent directory was handled for the output of scripts. I've also
cleaned up et_deps.pl to handle cleaning up it's generated files on
clean.
The PAC glue in Heimdal has changed significantly: we no longer have a
custom hack in the KDC, instead we have the windc plugin interface.
As such, pac-glue.c is much smaller. In the future, when I'm
confident of the new code, we will also be able to 'downsize'
auth/kerberos/kerberos_pac.c.
(I'll include the updated copy of heimdal in the next chekin, to make
it clearer what's changed in Samba4 itself).
Andrew Bartlett
(This used to be commit 75fddbbc0811010a28ca5bb597b573b3f10ef6d6)
|
|
This merges Samba4 with lorikeet-heimdal, which itself has been
tracking Heimdal CVS for the past couple of weeks.
This is such a big change because Heimdal reorganised it's internal
structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases.
In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO
PAC. This matches windows behavour. We also have an option to
require the PAC to be present (which allows us to automate the testing
of this code).
This also includes a restructure of how the kerberos dependencies are
handled, due to the fallout of the merge.
Andrew Bartlett
(This used to be commit 4826f1735197c2a471d771495e6d4c1051b4c471)
|
|
metze
(This used to be commit 9e93e6f5fb654e4162bbc039306a4b79003e22d7)
|
|
(This used to be commit 180925659fad50ff82693284587ae4e735458c6b)
|
|
talloc_set_destructor() is type safe. The end result will be lots less
use of void*, and less calls to talloc_get_type()
(This used to be commit 6b4c085b862c0932b80b93e316396a53b993544c)
|
|
This is in preperation for making TLS a socket library.
Andrew Bartlett
(This used to be commit a312812b92f5ac7e6bd2c4af725dbbbc900d4452)
|
|
(This used to be commit 13d0cec018185d768b762ff3afc0224f307b8112)
|
|
(This used to be commit 03da4fbcdd66982de8eb376f9f00da97d730c97f)
|
|
Andrew Bartlett
(This used to be commit d1ca106f05ad71b8aa514bf87a4267d61d9dcbf8)
|
|
try and find the real solution.
Andrew Bartlett
(This used to be commit a512d5dd258797cdb41018923502cb4998f1edfe)
|