Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This commit applies some cosmetic corrections for the KERBEROS library.
|
|
Reverts a part of the patch because it changes the function of the code (suggested by Jelmer).
|
|
This commit applies some cosmetic corrections for the KERBEROS library.
|
|
|
|
|
|
ldap server suddenly dies.
We were creating a wrong talloc hierarchy, so the event.fde was not
freed automatically as expected. This in turn made the event system call
the ldap io handlers with a null packet structure, causing a segfault.
Fix also the ordering in ldap_connection_dead()
Thanks to Metze for the huge help in tracking down this one.
|
|
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
|
|
metze
|
|
metze
|
|
metze
|
|
Don't rely on "get*" system calls but rather on SAMBA "lp_*" calls.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
This is implemented by means of a message to the KDC, to avoid having
to link most of the KDC into netlogon.
Andrew Bartlett
(This used to be commit 82fcd7941f5c54da2d994c8bd99dd8d86299a296)
|
|
This uses Heimdal's PAC parsing code in the:
- LOCAL-PAC test
- gensec_gssapi server
- KDC (where is was already used, the support code refactored from here)
In addition, the service and KDC checksums are recorded in the struct
auth_serversupplied_info, allowing them to be extracted for validation
across NETLOGON.
Andrew Bartlett
(This used to be commit 418b440a7b8cdb53035045f3981d47b078be6c1e)
|
|
This will allow a torture suite to inspect some otherwise internal
details.
Andrew Bartlett
(This used to be commit 9701149ef75f9771f42000e2b6f44963abfee938)
|
|
The key may change because we switch from initiator to acceptor
subkey.
metze
(This used to be commit 66244092a457b2cde6339cb31dcfa73b122ba9b5)
|
|
metze
(This used to be commit 9246924effd4d0b08ca1ef87e45ad510020df93e)
|
|
metze
(This used to be commit f4f4bb7fe977301e468ab164ba750b69d9a92306)
|
|
metze
(This used to be commit daa986d1d04e59550bb5d33b5075daa414d087ba)
|
|
metze
(This used to be commit 05a3403967d3cf64bca8b06536dc1b20cf835396)
|
|
metze
(This used to be commit fcabe24f96c9677146ca754a502f336c23050339)
|
|
This is needed to get the correct key, when aes keys are used.
metze
(This used to be commit 7587a7d8b65f27a5865d6873f63a450488da02c9)
|
|
This is for bug 5664 reported by Tom <hto@arcor.de>.
Andrew Bartlett
(This used to be commit b345c9cf535af35c83da040ac965d9690dc802fe)
|
|
(This used to be commit 580cce9de38ddd9d59b272b58caadce528321d09)
|
|
This only works for sign/verify_packet() yet,
seal/unseal_packet() doesn't work yet...
metze
(This used to be commit c62e5d23a69789d23516a6d150fd3b756e270998)
|
|
metze
(This used to be commit d7dfdbaf34843cb6783d8e686e659c53c5ac27ef)
|
|
metze
(This used to be commit ed0fc19ac6a1194e6fd9a6534cbf7453fa870066)
|
|
metze
(This used to be commit 6ec3887aee9bbb9c182ab966d37212edeaa16b5a)
|
|
metze
(This used to be commit 49e01d00bded74190c8e3049ac5883fe211e86fd)
|
|
metze
(This used to be commit 6d640ee4b84c72f6c2da0ee047c9bac916bf3e57)
|
|
(This used to be commit 3817d653faecb70bfafb850fe7d6e83aaed7e6d1)
|
|
metze
(This used to be commit c01fee80a79cd9e0f7bb295333bb03bd37328d05)
|
|
metze
(This used to be commit 699e3cdb52acdf2524347d8c053730306c579dd9)
|
|
<j.kerihuel@openchange.org>
metze
(This used to be commit c2cc8ef943e8c2e02edb1eb20214de245cc6914c)
|
|
aes keys work"
This reverts commit 73964f069056f46f2f27fc690e42e5c91ae1fe19.
This breaks more than it gains:-( It seems to break the ncacn_np session key
metze
(This used to be commit 9678085f75b6cb0ed068e22f3d9f94247b200ce2)
|
|
SMB signing with aes doesn't work, but still works with
arcfour-hmac-md5, des-cbc-md5 and des-cbc-crc.
metze
(This used to be commit 73964f069056f46f2f27fc690e42e5c91ae1fe19)
|
|
metze
(This used to be commit 88970c4d4192635544cf63e79e929e9bb05ecb5f)
|
|
metze
(This used to be commit dc2847c0acb0adaede4db72a7517046b93221162)
|
|
metze
(This used to be commit 9fc5750156467f579ea8d7755987d091f5b579c2)
|
|
(This used to be commit 5bde586bdb4a1523a62a764b9ff292a4a8cee4fe)
|
|
This includes a simple bind DN, or SASL credentials.
The error messages are reworked as on systems without an LDAP backend,
we will fail to find this record very often.
Andrew Bartlett
(This used to be commit 95825ae6d5e9d9846f3a7505a81ebe603826227e)
|
|
We don't really care (because nobody uses them) what we send as the
domain and workstation in the negotiate packet.
Andrew Bartlett
(This used to be commit 9ac07e14873df2c18d0e9501691c2d4c4047e218)
|
|
metze
(This used to be commit b5187dd58ccae03e22ba8857c344a2d7d94f13b3)
|
|
on 64 bit
Not sure if this check is actually necessary, though:
the second should be sufficient.
Michael
(This used to be commit 2813882ef3cc3609a74ad83bcee6be0c2cd53494)
|
|
metze
(This used to be commit 31cf1a781efce932d0574d7840979fcd0a07ec08)
|
|
gss_cred_id_t.
This call was added in f573c1ff4443f3002c310d3ba29d8c343ad03907.
Metze, please check!
Michael
(This used to be commit 2b40fd7e950a7f06d2c589eadc0f604a4c65e325)
|
|
GSS_C_INTEG_FLAG
metze
(This used to be commit f573c1ff4443f3002c310d3ba29d8c343ad03907)
|
|
(This used to be commit 220b58070239141158d796bd782d62cc36cd19db)
|
|
(This used to be commit 3b8eec7ca334528cad3cdcd5e3fc5ee555d8d0e0)
|