summaryrefslogtreecommitdiff
path: root/source4/kdc
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r17586: merge lib/netif into lib/socket and use -lnsl -lsocket on theStefan Metzmacher1-1/+1
configure check for the interfaces. should fix the build on some old sun boxes metze (This used to be commit f20e251bfd9f1eb7ce5c00739631b1625a2aa467)
2007-10-10r17516: Change helper function names to make more clear what they are meant ↵Simo Sorce2-10/+10
to do (This used to be commit ad75cf869550af66119d0293503024d41d834e02)
2007-10-10r17341: pass a messaging context to auth_context_create()Stefan Metzmacher1-3/+2
and gensec_server_start(). calling them with NULL for event context or messaging context is no longer allowed! metze (This used to be commit 679ac74e71b111344f1097ab389c0b83a9247710)
2007-10-10r16964: Remove extra debugs no longer required in a working KDCAndrew Bartlett1-26/+21
Implement the 'DES only' flag. Andrew Bartlett (This used to be commit 9d42bb4b3d2a45da02f0525386468161494852cd)
2007-10-10r16237: Use an appropriate basedn for these searches, so they occour into theAndrew Bartlett1-2/+4
correct partition. Andrew Bartlett (This used to be commit f661dafe4edcd017a8d3bda1a40ff8b0d7a1348e)
2007-10-10r16056: Fix errors found by trying to use our kpasswd server and the Apple ↵Andrew Bartlett1-4/+1
client. Andrew Bartlett (This used to be commit ae2913898c983dcba69b5d0b89c428e450e9bf5f)
2007-10-10r15883: Make sure timegm() prototype is available (on systems where we've had toJim McDonough1-0/+1
replace it) (This used to be commit eef117e4454ed5faeddfc0b18bd4f0128c922f36)
2007-10-10r15853: started the process of removing the warnings now thatAndrew Tridgell1-2/+1
talloc_set_destructor() is type safe. The end result will be lots less use of void*, and less calls to talloc_get_type() (This used to be commit 6b4c085b862c0932b80b93e316396a53b993544c)
2007-10-10r15830: fixed two kdc memory leaksAndrew Tridgell2-14/+8
(This used to be commit cc290ece92196d2bdf39eaa9d3bb4a0af6ec782c)
2007-10-10r15573: Fix build of systems that have iconv headers in non-standard locationsJelmer Vernooij1-1/+0
Split of system/locale.h header from system/iconv.h Previously, iconv wasn't being used on these systems (This used to be commit aa6d66fda69779d1c2948a1aca85dbd5208f1cba)
2007-10-10r15497: I'm not really sure this is correct in terms of how we should be ↵Andrew Bartlett1-0/+4
responding to krbtgt/MY.REALM@MY.REALM TGS ticket requests, but for the moment, these are still marked as 'server' requests by the kerberos5.c caller. Andrew Bartlett (This used to be commit afaee0a6b7aba3db118e6529c341c9377bc26546)
2007-10-10r15481: Update heimdal/ to match current lorikeet-heimdal.Andrew Bartlett1-161/+199
This includes many useful upstream changes, many of which should reduce warnings in our compile. It also includes a change to the HDB interface, which removes the need for Samba4/lorikeet-heimdal to deviate from upstream for hdb_fetch(). The new flags replace the old entry type enum. (This required the rework in hdb-ldb.c included in this commit) Andrew Bartlett (This used to be commit ef5604b87744c89e66e4d845f45b23563754ec05)
2007-10-10r15480: Patch from lha, to ensure we don't leave a free()'ed element in theAndrew Bartlett1-3/+1
principal on strdup failure. Andrew Bartlett (This used to be commit d72fafc1f0089212634fc1a77352b47970e82410)
2007-10-10r15379: Fix shared library build's unresolved dependenciesJelmer Vernooij1-1/+1
(This used to be commit 0fafa2e59566f8f892d7dfd7dd33d0100b96a780)
2007-10-10r15356: Remove unused 'flags' argument from socket_send() and friends.Andrew Bartlett1-2/+2
This is in preperation for making TLS a socket library. Andrew Bartlett (This used to be commit a312812b92f5ac7e6bd2c4af725dbbbc900d4452)
2007-10-10r15338: Fix build of most things with shared libs enabled.Jelmer Vernooij1-1/+1
(This used to be commit 8985093d3fba90287bd739aaaa0fbfdadca2b999)
2007-10-10r15328: Move some functions around, remove dependencies.Jelmer Vernooij1-1/+1
Remove some autogenerated headers (which had prototypes now autogenerated by pidl) Remove ndr_security.h from a few places - it's no longer necessary (This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
2007-10-10r15301: Use static libraries internally. This required a few hacks in the buildJelmer Vernooij1-1/+3
system - these should be removed later on. (This used to be commit 06547391669e064d2b92f5841b7df5f101a34cb9)
2007-10-10r15297: Move create_security_token() to samdb as it requires SAMDB (and the ↵Jelmer Vernooij1-1/+1
rest of LIBSECURITY doesn't) Make the ldb password_hash module only depend on some keys manipulation code, not full heimdal Some other dependency fixes (This used to be commit 5b3ab728edfc9cdd9eee16ad0fe6dfd4b5ced630)
2007-10-10r15270: Rename EXTRA_CFLAGS to CFLAGS - initial work on getting DSO's ↵Jelmer Vernooij1-1/+1
working again. (This used to be commit 33e4b92c46f272478b3c9e433f910dbbaab52af8)
2007-10-10r15223: Move heimdal's -I parameters from the global list of includes toJelmer Vernooij1-1/+2
the subsystems in question (This used to be commit 2fbb4d91fa580ccb64e36f0b082f23af33123b13)
2007-10-10r15207: Introduce PRIVATE_DEPENDENCIES and PUBLIC_DEPENDENCIES as replacementJelmer Vernooij1-2/+2
for REQUIRED_SUBSYSTEMS. (This used to be commit adc8a019b6da256f104abed1b82bfde6998a2ac9)
2007-10-10r14856: fix bugs noticed by the ibm code checkerStefan Metzmacher1-8/+10
metze (This used to be commit f72e7d9dcd02f1f983b457163dee0a8df0186c79)
2007-10-10r14571: More improvements on shared library support in Samba. Only ldb is ↵Jelmer Vernooij1-1/+1
left now... (This used to be commit e71cca7f0cec62357eba6ba02d13f1c3f04edaa7)
2007-10-10r14567: Make some more functions public.Jelmer Vernooij1-1/+1
(This used to be commit 8e84e6cb6b172c89072723e07f344da8f4476c1f)
2007-10-10r14542: Remove librpc, libndr and libnbt from includes.hJelmer Vernooij1-0/+1
(This used to be commit 51b4270513752d2eafbe77f9de598de16ef84a1f)
2007-10-10r14537: remove used fileStefan Metzmacher1-339/+0
metze (This used to be commit e3f6e53075b34faea6d8a3b9f75aa739e3b0bb7f)
2007-10-10r14477: Remove the NOPROTO property - it's no longer used as proto.h is gone.Jelmer Vernooij2-3/+0
(This used to be commit 9c37f847d32d2f327a88c53a90af0c73126b76be)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-0/+1
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14427: don't reference short_princ after it is freedAndrew Tridgell1-1/+1
(This used to be commit 8ca4681861e24ddf7c4abcc97a4cf0e001d13e24)
2007-10-10r14380: Reduce the size of structs.hJelmer Vernooij1-0/+2
(This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe)
2007-10-10r14203: Include less private heimdal headers.Andrew Bartlett1-1/+5
Andrew Bartlett (This used to be commit ce80425f6d84e434f4562aa0be7e6e4ad2772b92)
2007-10-10r14079: I just found the setproctitle library from alt linux:-)Stefan Metzmacher1-0/+2
- add set_title hook to the process models - use setproctitle library in process_model standard if available - the the title for the task servers and on connections metze (This used to be commit 526f20bbecc9bbd607595637c15fc4001d3f0c70)
2007-10-10r13960: Generate makefile rules for installing/removing shared modules.Jelmer Vernooij1-2/+2
(This used to be commit 2c746980328431ab04852dc668899e3eb042da99)
2007-10-10r13926: More header splitups.Jelmer Vernooij1-0/+1
(This used to be commit 930daa9f416ecba1d75b8ad46bb42e336545672f)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij3-1/+5
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r13910: Fix the 'your password has expired' on every login. We now considerAndrew Bartlett1-7/+5
if the 'password does not expire' flag has been set, filling in the PAC and netlogon reply correctly if so. Andrew Bartlett (This used to be commit c530ab5dc6865c422382bc0afa7a86f7ec1acdf2)
2007-10-10r13903: Don't generate prototypes for modules and binaries in include/proto.h byJelmer Vernooij1-0/+1
default. (This used to be commit c80a8f1102caf744b66c13bebde38fba74983dc4)
2007-10-10r13516: We can't bind to both 0.0.0.0 and specific network interfaces at theAndrew Bartlett1-7/+0
same time. This was causing the kdc to shut itself down if 'bind interfaces only = no'. Andrew Bartlett (This used to be commit 02ff22a25050687478cfcca4dce35c2346cc2241)
2007-10-10r13321: Bind to each interface and to the 0.0.0.0 interface on the KDC. ThisAndrew Bartlett1-9/+24
was pointed out by Maurice Massar. It ensures we get the addresses for the krb5_mk_priv() correct (otherwise an MIT kpasswdd fails over localhost). Also never run the KDC unless we are a DC. Andrew Bartlett (This used to be commit c17007918459678004a009ccaa50fb85e8b6a739)
2007-10-10r13252: Cleanup, both in code, comments and talloc use:Andrew Bartlett1-23/+12
In particular, I've used the --leak-report-full option to smbd to track down memory that shouldn't be on a long-term context. This is now talloc_free()ed much earlier. Andrew Bartlett (This used to be commit c6eb74f42989d62c82d2a219251837b09df8491c)
2007-10-10r13207: Use the new API for using/not using kerbeors in hdb-ldb.cAndrew Bartlett1-5/+3
Update the rootdse module to use the new schema. Andrew Bartlett (This used to be commit b0b150d08ac39ed486071487826da2e306db6a0b)
2007-10-10r13107: Follow the lead of Heimdal's kpasswdd and use the HDB (hdb-ldb in ourAndrew Bartlett5-9/+45
case) as the keytab. This avoids issues in replicated setups, as we will replicate the kpasswd key correctly (including from windows, which is why I care at the moment). Andrew Bartlett (This used to be commit 849500d1aa658817052423051b1f5d0b7a1db8e0)
2007-10-10r13069: adding a hack on instructions from andrewAndrew Tridgell1-1/+2
(This used to be commit 65cf522b5e079de2cfd5fc989350cc127f6c5baa)
2007-10-10r12804: This patch reworks the Samba4 sockets layer to use a socket_addressAndrew Bartlett3-58/+38
structure that is more generic than just 'IP/port'. It now passes make test, and has been reviewed and updated by metze. (Thankyou *very* much). This passes 'make test' as well as kerberos use (not currently in the testsuite). The original purpose of this patch was to have Samba able to pass a socket address stucture from the BSD layer into the kerberos routines and back again. It also removes nbt_peer_addr, which was being used for a similar purpose. It is a large change, but worthwhile I feel. Andrew Bartlett (This used to be commit 88198c4881d8620a37086f80e4da5a5b71c5bbb2)
2007-10-10r12696: Reduce the size of include/structs.hJelmer Vernooij1-0/+2
(This used to be commit 63917616016133c623fc6ff59454bc313ee7dd8f)
2007-10-10r12683: Fix declaration and initialisation placement.Andrew Bartlett1-5/+6
Andrew Bartlett (This used to be commit 17e20930ec05f6385a8fccfc77fb0aca89ecef52)
2007-10-10r12682: This patch finally fixes our kpasswdd implementation to be compatibleAndrew Bartlett3-60/+177
with clients compiled against the MIT Kerberos implementation. (Which checks for address in KRB-PRIV packets, hence my comments on socket functions earlier today). It also fixes the 'set password' operation to behave correctly (it was previously a no-op). This allows Samba3 to join Samba4. Some winbindd operations even work, which I think is a good step forward. There is naturally a lot of work to do, but I wanted at least the very basics of Samba3 domain membership to be available for the tech preview. Andrew Bartlett (This used to be commit 4e80a557f9c68b01ac6d5bb05716fe5b3fd400d4)
2007-10-10r12681: Allow an entry to have no kerberos keys. This occours when an entryAndrew Bartlett1-16/+24
is new, and has no password. It may also occour in the future if we allow PKINIT. In any case, it shouldn't segfault :-) Andrew Bartlett (This used to be commit 686fea241b7a8ca286099eadfa2ed177367dafdc)
2007-10-10r12631: Now we have fixed the provision script, we don't need to work aroundAndrew Bartlett1-1/+1
it here. Andrew Bartlett (This used to be commit f282fab6113cbd6a431139cbe7f021864f31c3d1)