summaryrefslogtreecommitdiff
path: root/source4/kdc
AgeCommit message (Collapse)AuthorFilesLines
2010-03-25s4:kdc Add support for changing password of a servicePrincipalNameAndrew Bartlett1-10/+32
Apparently AD supports setting a password on a servicePrincipalName, not just a user principal name. This should fix (part of) the join of OpenSolaris's internal CIFS server to Samba4 as reported by Bug #7273 Andrew Bartlett
2010-02-26s4-kdc: Fixed the memory context of tstream_bsd_existing()Andreas Schneider1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-02-25s4:kdc add mit plugin codeSimo Sorce3-0/+459
2010-02-25s4:kdc make function staticSimo Sorce2-6/+1
2010-02-22More spelling fixes across source4/Brad Hards1-1/+1
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-22Various source4 spelling fixes.Brad Hards1-1/+1
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-16s4-dsdb: removed gendb_search_single_extended_dn()Andrew Tridgell1-13/+16
Use dsdb_search_one() instead, which allows for arbitrary controls Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flagsAndrew Tridgell1-1/+1
This allows for controls to be added easily where they are needed.
2010-02-12s4:kdc Fill in created_by principal fieldSimo Sorce1-4/+7
2010-02-12s4:kdc Fix double free and uninitialized memory.Simo Sorce1-2/+13
In samba_kdc_trust_message2entry() on error, hdb_free_entry() may end up trying to access uninitialized memory or double free the hdb_entry.
2010-01-31s4:kdc Streamline client access verification callSimo Sorce3-70/+129
Move the core to pac-glue so that other plugins can use it.
2010-01-31s4:kdc Fix netbios name retrievalSimo Sorce1-2/+2
The code was looping but always checking only the first address.
2010-01-28s4:kdc remove dead code and commentsSimo Sorce1-5/+0
2010-01-28s4:kdc Fill in more data fieldsSimo Sorce1-4/+8
2010-01-28s4:kdc move db functions in their own fileSimo Sorce7-1467/+1618
Keep all heimdal related plugin code within hdb_samba4.c Move interfaces needed by multiple plugins in db-glue.c Move sequence context in main db context so that we do not depend on db->hdb_dbc in the common code. Remove unnecessary paremeters from function prototypes
2010-01-28s4:kdc Use a clearer name for the samba kdc entrySimo Sorce4-32/+30
Renames hdb_samba4_private to samba_kdc_entry Streamlines members of the entry and the kdc db contextto avoid unnecessary duplication.
2010-01-28s4:kdc Use better db context structureSimo Sorce5-88/+109
This allows to use a common structure not tied to hdb_samba4 Also allows to avoid many casts within hdb_samba4 functions This is the first step to abstract samba kdc databse functions so they can be used by the MIT forthcoming plugin.
2010-01-27s4:windc move windc plugin in its own fileSimo Sorce5-191/+228
Keep all heimdal related plugin code within wdc-samba4.c Leave only interfaces common to multiple plugins in pac-glue.c
2010-01-27s4:PAC make common functions publicSimo Sorce2-25/+70
2010-01-27s4:PAC Streamline pac-glue step 2Simo Sorce1-55/+113
Split functions so that no assumption is made about which plugin is using them
2010-01-27s4:PAC Streamline pac-glueSimo Sorce1-19/+40
First step, preparing to share the code between multiple plugins.
2010-01-22s4:kdc Simplify header filesSimo Sorce4-39/+14
2010-01-11Fix comment/debug messagesSimo Sorce1-4/+4
2010-01-08Fix commentSimo Sorce1-1/+1
2010-01-08s4-kdc: Migrate tcp connections to tsocket.Andreas Schneider1-89/+188
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-01-08s4:kdc: use LIBSAMBA_TSOCKETStefan Metzmacher1-1/+1
metze
2010-01-08s4:kdc: the ->process function returns "bool"Stefan Metzmacher1-9/+9
metze
2009-12-24s4:kdc: use the remote and local address from the stream_connection structStefan Metzmacher1-41/+2
metze
2009-12-23s4:cleanups More trailing spaces and tabsSimo Sorce6-181/+181
2009-12-23s4:cleanups remove trailing spaces and tabsSimo Sorce1-119/+120
2009-12-19s4:kdc: setup the local and remote tsocket_address at accept timeStefan Metzmacher1-44/+49
metze
2009-12-19s4:kdc: convert UDP based communication to tdgram_contextStefan Metzmacher2-177/+138
metze
2009-12-16s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn.Andreas Schneider1-1/+1
2009-12-16s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn.Andreas Schneider1-17/+1
2009-12-15s4-kdc: Migrate to tsocket_address.Andreas Schneider3-18/+80
2009-12-01s4:kdc - Merged kdc_tcp_accept() and kpasswdd_tcp_accept().Endi S. Dewata1-26/+6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-12-01s4:kdc - Merged kdc_add_kdc_socket() and kdc_add_kpasswd_socket().Endi S. Dewata1-75/+27
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-12-01s4:kdc - Disable KDC port when it's set to 0.Endi S. Dewata1-42/+63
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-11-09s4-hdb: go back to a separate samdb for the KDCAndrew Tridgell1-1/+16
The change to use a common system_session broke replication as the KDC forces CRED_DONT_USE_KERBEROS on session->credentials, which is shared with other parts of the system. This should be fixed once we confirm whether the ldap backend actually relies on CRED_DONT_USE_KERBEROS
2009-11-05s4:kdc: remove unused struct kpasswd_socketStefan Metzmacher1-10/+0
metze
2009-10-30s4:kdc/hdb-samba4 - Remove unused variableMatthias Dieter Wallnöfer1-1/+0
2009-10-25s4-samdb: reduce the number of samdb opens at startupAndrew Tridgell1-3/+3
Using common parameters means that the ldb_wrap code can return a reference rather than a new database
2009-10-23s4-dsdb: create a static system_session contextAndrew Tridgell1-1/+1
This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap
2009-10-14s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where neededMatthias Dieter Wallnöfer1-1/+1
For KERBEROS applications the realm should be upcase (function "lp_realm") but for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch implements the use of both in the right way.
2009-10-14Revert "s4:hdb-samba4 - Don't double-free "db""Andrew Bartlett1-0/+1
This reverts commit 11a8a54c825a52d7dd6ab78bc7aeff2d719327d2. The actual fix for bug 6801 is in hdb_end_seq_get() - this attempt leaks 'db' instead. Andrew Bartlett
2009-10-13s4:hdb-samba4 - Don't double-free "db"Matthias Dieter Wallnöfer1-1/+0
"db" is freed anyway after the destructor terminates so this does really make no sense here (rather it makes code crash). Should fix bug #6801.
2009-10-08s3/s4 - Adapt the IDL changes on various locationsMatthias Dieter Wallnöfer1-9/+8
2009-09-18s4-server: kill main daemon if a task fails to initialiseAndrew Tridgell1-14/+14
When one of our core tasks fails to initialise it can now ask for the server as a whole to die, rather than limping along in a degraded state.
2009-09-18s4-kdc: ignore unknown keytypes Andrew Tridgell1-0/+6
don't fail hdb operations if one of the key types is unknown
2009-09-16s4:kdc In the kpasswd server, don't use the client address in mk_privAndrew Bartlett1-0/+8
This code eventually calls into mk_priv in the Heimdal code, and if the client is behind NAT, or somehow has an odd idea about it's own network addresses, it will fail to accept this packet if we set an address. It seems easiser not to. (Found by testing with NetAPP at plugfest) Andrew Bartlett