Age | Commit message (Collapse) | Author | Files | Lines |
|
require top-quality entropy. We don't want to waste system enropy
generating challenges (which simply need to be unpredictable, not
secret) or when generating UUIDs.
Rework generate_random_buffer() to use /dev/urandom less often, only
to seed the existing RC4 based PRNG. (With an exception to ensure we
don't waste this setup cost for very small entropy requests).
Perhaps we should be using heimdal's code for this instead?
This should drasticly reduce our entropy use, particularly in the
build farm (automated Samba build on hosts without much other source
of entropy).
Andrew Bartlett
(This used to be commit 6a5630d37191542022f02fae519227b7829ef620)
|
|
system/network.h because we stripped down includes.
(This used to be commit 262c1c23a61f1f4fae13e0a61179fe98b682cecf)
|
|
metze
(This used to be commit 9fd96e1989e348f87355ed120786399493a9e447)
|
|
(This used to be commit 4f664939af0d6ac389efebc51f2f31e9acee80b4)
|
|
(This used to be commit b8d6b82f1248d36a0aa91a1c58d06b4f7c66d245)
|
|
getnameinfo
(and friends) from SAMBA_3_2, with some minor tweaks:
- avoid including network headers in replace.h unless absolutely required
- autoconf tests for getaddrinfo() in lib/replace
The heimdal-specific code also no longer looks for these functions anymore.
(This used to be commit b6d3fd84a5d7d814035e60d6fa22f19bed9f77da)
|
|
2007-09-29 More higher-level passing around of lp_ctx.
2007-09-29 Fix warning.
2007-09-29 Pass loadparm contexts on a higher level.
2007-09-29 Avoid using global loadparm context.
(This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)
|
|
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
|
|
so pass struct cli_credentials *cred instead of
enum credentials_use_kerberos use_kerberos.
metze
(This used to be commit b945aaa9dadc4c0595340d35725b49bac8e5778e)
|
|
metze
(This used to be commit 7d58d0c0c11005ffb6c03d98d53fea7f1ccbcd07)
|
|
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
|
|
(This used to be commit 20b70fbb7af6b6759c3b8c8aa56e10944b32bfdf)
|
|
NOTE: wbinfo.c isn't fully merged here
metze
(This used to be commit eee5327dc2f79c052c2db0ca89f23cc9d2ce355d)
|
|
(This used to be commit 69de86d2d2e49439760fbc61901eb87fb7fc5d55)
|
|
number in more places.
(This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
|
|
(This used to be commit 5085c53fcfade614e83d21fc2c1a5bc43bb2a729)
|
|
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
|
|
(This used to be commit 777959f862e6428d0bfa4a15a0f45a9bfde64821)
|
|
ts=4 lines that I accidently added earlier.
(This used to be commit 0bcb21ed740fcec0f48ad36bbc2deee2948e8fc7)
|
|
(This used to be commit 08bb1ef643ab906f1645cf6f32763dc73b1884e4)
|
|
(This used to be commit 925abf74fa1ed5ae726bae8781ec549302786b39)
|
|
(This used to be commit 9647f860bdd5c0a74583e886182bd041a45e7655)
|
|
(This used to be commit 31993cf67b816a184a4a4e92ef8ca2532c797190)
|
|
Andrew Bartlett
(This used to be commit 7865d10a299a84ed42de4435b7e6400d56161ac5)
|
|
(This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)
|
|
Note that the correct return for a failed alter_context is a fault,
not a bind_nak.
Andrew Bartlett
(This used to be commit 52cce94532edf1dd7f26e39bf3377f0077ea6792)
|
|
seen in particular on opi.
This looked like a Heimdal problem, but I think it was simply that we
didn't do a talloc_reference() to keep tabs on the memory we were
using, and in between obtaining the pointer and using it, it was
assigned to unrelated memory.
Andrew Bartlett
(This used to be commit a650ad8b37d58ba64458a33313714d1abfc4850b)
|
|
RPC-SAMLOGON test.
This showed that, as noted by bug #4823, we didn't test for invalid
workstations. In fact, the code had been ported across, but because
untested code is broken code, it never worked...
Andrew Bartlett
(This used to be commit 5e07417ada56d189a911ef888b0c87adebe60763)
|
|
the logon hours, even if set.
This code happily stolen from the great work in Samba3 :-)
Andrew Bartlett
(This used to be commit a4939ab629e0af0615bcecf63c7cd55e6e833505)
|
|
This includes some of the original ildap ldap client API. ldb
provides a much easier abstraction on this to use, and doesn't use
these functions.
Andrew Bartlett
(This used to be commit dc27a7e41c297472675e8c251bb14327a1af3902)
|
|
(This used to be commit 5c9b19271e0e3ad897499707003ce4703ffa4870)
|
|
(This used to be commit 40c0919aaa9c1b14bbaebb95ecce53eb0380fdbb)
|
|
(This used to be commit 84b468b2f8f2dffda89593f816e8bc6a8b6d42ac)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
will now control the auth methods, but an override is still available,
ex:
auth methods:domain controller = <methods>
Andrew Bartlett
(This used to be commit b7e727186ed8eda6a68c873e089f655dc24fe8ae)
|
|
end of teh buffer printing the error strings.
Andrew Bartlett
(This used to be commit 37e7070ca92e2f48fa02f7fd6736e5b26520f559)
|
|
nsswitch/winbindd_nss.h is just copied from SAMBA_3_0.
nsswitch/winbind_nss_config.h is copied from SAMBA_3_0, too, but I had to
drop some of the defines to make things build again.
Kai
(This used to be commit 553b7e146f52975b45941ba850140e312a280513)
|
|
This helps ensure that the kerberos code uses the right event context.
Andrew Bartlett
(This used to be commit cbdce358ae8f86c9b76a50537b931e56b07ee213)
|
|
The problem was, we would set the ccache, then invalidate it as we set
details from it (like the principal name from the ccache).
Instead, set the ccache onto the credentials structure after we are
done processing it.
Andrew Bartlett
(This used to be commit d285bd927c604d930fc44cc84ef3321aa4ce9d9a)
|
|
username/password/realm/etc from the command line.
Also make sure it can't 'come back' from a later call to
cli_credentials_guess(), buy setting a threshold.
This should fix the issues with the build farm...
Andrew Bartlett
(This used to be commit 3b1dfb9306beb9f40d85d38cf6786ef161ec63f1)
|
|
(This used to be commit 26cf8494084c0106ef0e1c9b6ef40eeadf945ef2)
|
|
on credentials don't do anything' bug.
The problem was simple, we didn't set the ccache as having been
initialised, so we always created a new one.
Andrew Bartlett
(This used to be commit ec2014f08b0845bc8aa0e8e6713bc4b21f430811)
|
|
should allow us to fix some long standing memory leaks.
(This used to be commit 3db49c2ec9968221c1361785b94061046ecd159d)
|
|
metze
(This used to be commit 876a6ef4857a73987d1eba127161993cf07a613b)
|
|
standardise with the rest of the code.
Andrew Bartlett
(This used to be commit 3aa9d70723d4377d29e33281b640499193b06c69)
|
|
context. We now have an event context on the torture_context, and we
can also get one from the cli_credentials structure
(This used to be commit c0f65eb6562e13530337c23e3447a6aa6eb8fc17)
|
|
This replaces a lump of hand-crafted code with the generic packet
system used in the rest of Samba4.
(I started this while chasing down the epoll bug, which turned out to
be seperate)
(This used to be commit 2a7dec4e5dc453f509493f80fc1270416f30a36e)
|
|
incorrect.
Andrew Bartlett
(This used to be commit 9dc6f36e43170bc5bf4f94d893b5a3689460d237)
|
|
problems with order of socket closing in krb5
(This used to be commit 46a7d83c2b49798c6c5389c13ec2b9785c47b85b)
|
|
irpc_servers_byname()
metze
(This used to be commit b54584dfabee77ec7743cab431bda9765057a295)
|