summaryrefslogtreecommitdiff
path: root/source4/heimdal
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r15491: Always initialise is_cfx (found by Valgrind)Andrew Bartlett1-1/+3
Always remember to free the crypto context (found by Luke Howard) (This used to be commit 4b44355d42592f4acaae459c6ae09dd928f083b7)
2007-10-10r15484: Make accept_security_context() more compatible with how Samba3 (andAndrew Bartlett3-16/+46
similarly built clients) behave. This is better than just ignoring the checksum, if it isn't the GSSAPI checksum. (Samba4 clients in Samba3 mode use more than just the MD5 checksum, and will use a signed AES checksum if available. Actual samba3 may well do the same in future, against a suitable KDC). Also a change for easier debugging of checksum issues. Andrew Bartlett (This used to be commit 120374f5f9e9af0653a26e0308e4bfdabbcaa3f3)
2007-10-10r15481: Update heimdal/ to match current lorikeet-heimdal.Andrew Bartlett63-507/+944
This includes many useful upstream changes, many of which should reduce warnings in our compile. It also includes a change to the HDB interface, which removes the need for Samba4/lorikeet-heimdal to deviate from upstream for hdb_fetch(). The new flags replace the old entry type enum. (This required the rework in hdb-ldb.c included in this commit) Andrew Bartlett (This used to be commit ef5604b87744c89e66e4d845f45b23563754ec05)
2007-10-10r15192: Update Samba4 to use current lorikeet-heimdal.Andrew Bartlett66-3977/+2995
Andrew Bartlett (This used to be commit f0e538126c5cb29ca14ad0d8281eaa0a715ed94f)
2007-10-10r15155: Add strsep replacement from heimdal 0.7.2 for systems that don'tJames Peach1-0/+61
have strsep in libc. (This used to be commit 76dea9f68ca9be909c45979c9e5510133e4f2264)
2007-10-10r14949: re-add the two lex.c files for heimdal, these are needed for systemsAndrew Tridgell2-0/+4520
that don't have bison/flex. If we auto-generate these on samba.org we can delete these again. (This used to be commit dca9003ec27747cf7a584ee67fd222ab22601494)
2007-10-10r14711: let windows clients retry after getting ERR_SKEWStefan Metzmacher1-1/+8
metze (This used to be commit 02703f4e8f430233ec4365ea5cee641a9201802f)
2007-10-10r14707: Initialise default value (the rest of this function sets it to 1 ifAndrew Bartlett1-0/+1
this is CFX). Caught by Valgrind. Andrew Bartlett (This used to be commit bdb55ce2b57adf3b7c6eb1455c3775d013c72e5d)
2007-10-10r14635: - Remove lex.c from SVN (it is built anyway, and having it in SVNAndrew Bartlett9-4320/+113
confuses things) - Update Samba4 from lorikeet-heimdal - Remove generated symlink on make clean Andrew Bartlett (This used to be commit a5c2b4cc92e807d18cb8df99bebf004fa4252e1e)
2007-10-10r14605: Create heimdal/lib/des/hcrypto symlink if it doesn't existJelmer Vernooij1-1/+0
(This used to be commit 303832bdc90f371c68185773009d143d1acf93ae)
2007-10-10r14281: Pull apart LIBDIR and MODULESDIRJelmer Vernooij2-120/+249
Move architecture-independent data to DATADIR (was LIBDIR) (This used to be commit 2c7b62a861f702067e8df4c3239ac7e377631a15)
2007-10-10r14198: Update Samba4 to current lorikeet-heimdal.Andrew Bartlett64-863/+3018
Andrew Bartlett (This used to be commit 97a0a0e2fa6784e5fc5278f7a15b385ddcb6a3b3)
2007-10-10r13481: As far as I can tell, my changes in -r 12863 were dangerously untested.Andrew Bartlett3-2/+62
We do need the gsskrb5_get_initiator_subkey() routine. But we should ensure that we do always get a valid key, to prevent any segfaults. Without this code, we get a different session key compared with Win2k3, and so kerberised smb signing fails. Andrew Bartlett (This used to be commit cfd0df16b74b0432670b33c7bf26316b741b1bde)
2007-10-10r13144: This seems to be required for Samba4 to talk to Samba4, and to get theAndrew Bartlett1-0/+11
same session key. I need to understand this more, but it works samba/samba, and I don't have access to windows doing AES (longhorn) yet. Andrew Bartlett (This used to be commit 38809b43a5d6bd668e9cb714573dc1e72ceff092)
2007-10-10r13107: Follow the lead of Heimdal's kpasswdd and use the HDB (hdb-ldb in ourAndrew Bartlett4-1/+289
case) as the keytab. This avoids issues in replicated setups, as we will replicate the kpasswd key correctly (including from windows, which is why I care at the moment). Andrew Bartlett (This used to be commit 849500d1aa658817052423051b1f5d0b7a1db8e0)
2007-10-10r12863: As lha suggested to me a while back, it appears that theAndrew Bartlett3-48/+2
gsskrb5_get_initiator_subkey() routine is bougs. We can indeed use gss_krb5_get_subkey(). This is fortunate, as there was a segfault bug in 'initiator' version. Andrew Bartlett (This used to be commit ec11870ca1f9231dd3eeae792fc3268b31477e11)
2007-10-10r12696: Reduce the size of include/structs.hJelmer Vernooij1-0/+3
(This used to be commit 63917616016133c623fc6ff59454bc313ee7dd8f)
2007-10-10r12269: Update to current lorikeet-heimdal. This changed the way the hdbAndrew Bartlett27-634/+850
interface worked, so hdb-ldb.c and the glue have been updated. Andrew Bartlett (This used to be commit 8fd5224c6b5c17c3a2c04c7366b7e367012db77e)
2007-10-10r12037: Fix malloc corruption caused by double-free(), where realloc(ptr, 0)Andrew Bartlett1-3/+9
is equivilant to free(). This is the issue tridge was seeing in the MEMORY: keytab code. Andrew Bartlett (This used to be commit d5a2de8ef06a08274d25ab005f2a68ec32e226f0)
2007-10-10r12000: Update to current lorikeet-heimdal, including in particular supportAndrew Bartlett12-26/+504
for referencing an existing in-MEMORY keytab (required for the new way we push that to GSSAPI). Andrew Bartlett (This used to be commit 2426581dfb9f5f0f9367f846c01dfd3c30fea954)
2007-10-10r11995: A big kerberos-related update.Andrew Bartlett18-219/+258
This merges Samba4 up to current lorikeet-heimdal, which includes a replacement for some Samba-specific hacks. In particular, the credentials system now supplies GSS client and server credentials. These are imported into GSS with gss_krb5_import_creds(). Unfortunetly this can't take an MEMORY keytab, so we now create a FILE based keytab as provision and join time. Because the keytab is now created in advance, we don't spend .4s at negprot doing sha1 s2k calls. Also, because the keytab is read in real time, any change in the server key will be correctly picked up by the the krb5 code. To mark entries in the secrets which should be exported to a keytab, there is a new kerberosSecret objectClass. The new routine cli_credentials_update_all_keytabs() searches for these, and updates the keytabs. This is called in the provision.js via the ejs wrapper credentials_update_all_keytabs(). We can now (in theory) use a system-provided /etc/krb5.keytab, if krb5Keytab: FILE:/etc/krb5.keytab is added to the secrets.ldb record. By default the attribute privateKeytab: secrets.keytab is set, pointing to allow the whole private directory to be moved without breaking the internal links. (This used to be commit 6b75573df49c6210e1b9d71e108a9490976bd41d)
2007-10-10r11940: Love has clarified why this code does what it does.Andrew Bartlett1-0/+6
Andrew Bartlett (This used to be commit 9b3dedbc0bb12897a8f9bd4ec864de26b3835981)
2007-10-10r11931: Add a short README explaining what this directory is all about.Andrew Bartlett1-0/+6
Andrew Bartlett (This used to be commit eaf8777e449f70f5694f29199c18f26b9647d558)
2007-10-10r11930: Add socket/packet handling code for kpasswddAndrew Bartlett1-2/+18
Allow ticket requests with only a netbios name to be considered 'null' addresses, and therefore allowed by default. Use the netbios address as the workstation name for the allowed workstations check with krb5. Andrew Bartlett (This used to be commit 328fa186f2df5cdd42be679d92b5f07f7ed22d87)
2007-10-10r11568: Debuging aids: Let the administrator know when a key/entry expired,Andrew Bartlett1-6/+28
rather than just the fact of the expiry. Andrew Bartlett (This used to be commit 31c4ab26d7ab1e550c2ecc7c3ae6c44b87140aa3)
2007-10-10r11543: A major upgrade to our KDC and PAC handling.Andrew Bartlett5-76/+80
We now put the PAC in the AS-REP, so that the client has it in the TGT. We then validate it (and re-sign it) on a TGS-REQ, ie when the client wants a ticket. This should also allow us to interop with windows KDCs. If we get an invalid PAC at the TGS stage, we just drop it. I'm slowly trying to move the application logic out of hdb-ldb.c, and back in with the rest of Samba's auth system, for consistancy. This continues that trend. Andrew Bartlett (This used to be commit 36973b1eef7db5983cce76ba241e54d5f925c69c)
2007-10-10r11542: Add the netbios name type. We will need it when we start to handleAndrew Bartlett1-0/+1
allowedWorkstations on Krb5. Andrew Bartlett (This used to be commit dbf73a82fc7d1f82e2ad45e545cefdd9a5b24215)
2007-10-10r11541: More logical (I think...) delegation semantics.Andrew Bartlett1-10/+14
Andrew Bartlett (This used to be commit 6bb1b244284a209ebcb50c17ad59d4528658da0b)
2007-10-10r11536: Add a hook for client-principal access control to hdb-ldb, re-usingAndrew Bartlett6-33/+138
the code in auth/auth_sam.c for consistancy. This will also allow us to have one place for a backend directory hook. I will use a very similar hook to add the PAC. Andrew Bartlett (This used to be commit 4315836cd8c94eb8340c4050804face4d0066810)
2007-10-10r11529: Disable DNS lookups for forwarded credentials, unless really, reallyAndrew Bartlett1-34/+41
wanted. There is nothing that suggests that the host we forward credentials to will not have other interfaces, unassoicated with their service name. Likewise, the name may be a netbios, not DNS name. This should avoid some nasty DNS lookups. Andrew Bartlett (This used to be commit da0ff19856a8f41eb64787990d47d2961824711d)
2007-10-10r11477: This seems really nasty, but as I understand it an attacker cannotAndrew Bartlett1-2/+11
change this checksum, as it is inside the encrypted packets. Where the client (such as Samba3) fakes up GSSAPI, allow it to continue. We can't rid the world of all Samba3 and similar clients... Andrew Bartlett (This used to be commit e60cdb63fb37e44252f83a56a6302f0bd22dec4d)
2007-10-10r11469: Fix typo, and use the correct (RFC4120) session key for delegatingAndrew Bartlett2-11/+13
credentials. This means we now delegate to windows correctly. Andrew Bartlett (This used to be commit d6928a3bf86f1ab89f29eac538ceb701c6669913)
2007-10-10r11468: Merge a bit more of init_sec_context from Heimdal CVS into ourAndrew Bartlett1-4/+21
DCE_STYLE modified version, and add parametric options to control delegation. It turns out the only remaining issue is sending delegated credentials to a windows server, probably due to the bug lha mentions in his blog (using the wrong key). If I turn delgation on in smbclient, but off in smbd, I can proxy a cifs session. I can't wait till Heimdal 0.8, so I'll see if I can figure out the fix myself :-) Andrew Bartlett (This used to be commit fd5fd03570c13f5644e53ff89ac8eca7c0985740)
2007-10-10r11462: Fix the build: somehow I lost the header for this samba-specific hack.Andrew Bartlett1-0/+2
Andrew Bartlett (This used to be commit 0a4194118974bdde4e10fd32578a5beeb6e768ce)
2007-10-10r11452: Update Heimdal to current lorikeet, including removing the ccache sideAndrew Bartlett9-109/+231
of the gsskrb5_acquire_cred hack. Add support for delegated credentials into the auth and credentials subsystem, and specifically into gensec_gssapi. Add the CIFS NTVFS handler as a consumer of delegated credentials, when no user/domain/password is specified. Andrew Bartlett (This used to be commit 55b89899adb692d90e63873ccdf80b9f94a6b448)
2007-10-10r11392: After confirmation from Love, fix a compiler warningVolker Lendecke1-1/+1
(This used to be commit a0b4036ba6ae423bab3ec698d3e404f03bb0f9d5)
2007-10-10r11317: An ugly hack to setup the global gssapi_krb5_context early, when weAndrew Bartlett2-5/+18
have easy access to the event context. This stops Samba dead-locking against itself when the winbindd client tries to contact the KDC. Andrew Bartlett (This used to be commit 57f811115ed768ea1f170dcd71038398bf2ab6e9)
2007-10-10r11314: Use a patch from lha to have the kerberos libs extract the PAC, ratherAndrew Bartlett1-10/+148
than doing ASN.1 parsing in Samba. Also use the API function for getting a client from a ticket, rather than just digging in the structure. Andrew Bartlett (This used to be commit 25d5ea6d724bd2b64a6086ae6e2e1c5148b8ca4a)
2007-10-10r11310: Free the 'if_relevent' portion of the PAC when we build it.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit ede638c00b574bf4149d11844c0adf8e0f5c4efb)
2007-10-10r11294: Update Heimdal in Samba4 to lorikeet-heimdal (which is in turn updatedAndrew Bartlett24-690/+1264
to CVS of 2005-10-24). Andrew Bartlett (This used to be commit 939d4f340feaad15d0a6a5da79feba2b2558f174)
2007-10-10r10983: Another case were we want to avoid DNS for unqualified names.Andrew Bartlett1-1/+8
Andrew Bartlett (This used to be commit 1d7094b8dfd53dfda55db7ce30f47f74864093bf)
2007-10-10r10561: This patch takes over KDC socket routines in Heimdal, and directs themAndrew Bartlett4-8/+61
at the Samba4 socket layer. The intention here is to ensure that other events may be processed while heimdal is waiting on the KDC. The interface is designed to be sufficiently flexible, so that the plugin may choose how to time communication with the KDC (ie multiple outstanding requests, looking for a functional KDC). I've hacked the socket layer out of cldap.c to handle this very specific case of one udp packet and reply. Likewise I also handle TCP, stolen from the winbind code. This same plugin system might also be useful for a self-contained testing mode in Heimdal, in conjunction with libkdc. I would suggest using socket-wrapper instead however. Andrew Bartlett (This used to be commit 3b09f9e8f9f6f645cd03073ef833c8d0fb0d84e2)
2007-10-10r10398: Don't do DNS lookups on short names (no .).Andrew Bartlett1-0/+5
Andrew Bartlett (This used to be commit 77aca9619d24a8e118f53bcd1a1e54b8437812a8)
2007-10-10r10386: Merge current lorikeet-heimdal into Samba4.Andrew Bartlett17-866/+570
Andrew Bartlett (This used to be commit 4d2a9a9bc497eae269c24cbf156b43b8588e2f73)
2007-10-10r10382: In the absence of client support for the full KDC-sideAndrew Bartlett1-10/+23
canonicalisation code, I've hacked Heimdal to use the default realm if no other realm can be determined for a given host. Andrew Bartlett (This used to be commit 0f0b0021b7728ce75ca0060003a3d08264ead810)
2007-10-10r10337: This grubby little hack is the implementation of a concept discussedAndrew Bartlett3-0/+11
on the kerberos mailing lists a couple of weeks ago: Don't use DNS at all for expanding short names into long names. Using the 'override krb5_init_context' code already in the tree, this removes the DNS lag on a kerberos session setup/connection. Andrew Bartlett (This used to be commit de3ceab3d064a286e8662a2b9b62b212f0454156)
2007-10-10r10286: This patch is ugly and disgusting, but for now it works better than ↵Andrew Bartlett1-2/+30
the other ideas I have had. When I get a full list of things I want to do to a krb5_context I'll either add gsskrb5_ wrappers, or a way of speicfying the krb5 context per gssapi context. (I want to ensure that the only krb5_context variables created while executing Samba4 are via our wrapper). Andrew Bartlett (This used to be commit 8a22d46e70e9f863831aba0c9913d195f833d625)
2007-10-10r10191: Return the right error code in the case of a time skew. Windows will nowJelmer Vernooij1-1/+1
ignore Kerberos and fallback to NTLMSSP when joining. Thanks to Andrew Bartlett for the assistence. (This used to be commit 3b6bfbe8cf555f4144ed06044d3ecb8044f86bca)
2007-10-10r10159: Dereference padsize before comparing to an int.James Peach1-1/+1
(This used to be commit 5767c05909c9927b3a806614b1f1bd2f90a35dd3)
2007-10-10r10153: This patch adds a new parameter to gensec_sig_size(), the size of theAndrew Bartlett6-24/+159
data to be signed/sealed. We can use this to split the data from the signature portion of the resultant wrapped packet. This required merging the gsskrb5_wrap_size patch from lorikeet-heimdal, and fixes AES encrption issues on DCE/RPC (we no longer use a static 45 byte value). This fixes one of the krb5 issues in my list. Andrew Bartlett (This used to be commit e4f2afc34362953f56a026b66ae1aea81e9db104)