Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
(This used to be commit a25770983b34bac5bd7dcce69241716386dc8509)
|
|
favor of talloc_free().
Andrew Bartlett
(This used to be commit 1933cd12fbaed56e13f2386b19de6ade99bf9478)
|
|
- Update Samba4's kerberos code to match the 'salting' changes in
Samba3 (and many other cleanups by jra).
- Move GENSEC into the modern era of talloc destructors. This avoids
many of the memory leaks in this code, as we now can't somehow
'forget' to call the end routine.
- This required fixing some of the talloc hierarchies.
- The new krb5 seems more sensitive to getting the service name
right, so start actually setting the service name on the krb5 context.
Andrew Bartlett
(This used to be commit 278bf1a61a6da6ef955a12c13d7b1a0357cebf1f)
|
|
that simplifies the code a lot...
also add a note: we should fail the krb5 auth if there's no
PAC present (when heimdal is ready for that:-)
metze
(This used to be commit 532641a7003d23b034a253d166482f18c2de6191)
|
|
(This used to be commit f78506697ad23456fcac6e8916d0dad05b0df6cc)
|
|
why does samba3 return domain_name as in the unknown_name field in the code
and on the wire it returns DCERPC_FAULT_OP_RNG_ERROR?
all of my test machines NT4,W2K,W2K3,XP returned NULL
and if I file the string in the .in.* the server echos the strings back
and returns NT_STATUS_INVALID_PARAMETER
metze
(This used to be commit 67e765b7e984d7aac2a7786b5bd0c80d10d6de5d)
|
|
lsa_RemovePrivilegesFromAccount()
(This used to be commit 705b870c73995609c8d3ebb24418538bfe20c05b)
|
|
here's the idl to parse it, because we don't want the
callers to manually de/encode this
metze
(This used to be commit 983f74c3651759991378b0d7b13b0952d77b3544)
|
|
(This used to be commit 7bddd4740332017bb5f4bddcc9ba0234d05378bd)
|
|
metze
(This used to be commit 3a6047bc47671bfab14272dfa81f80f4457b209c)
|
|
metze
(This used to be commit 6411c00b3c2c4e11da2b41bfa53e0d42368e3e76)
|
|
so use it in DsReplicaSync()
metze
(This used to be commit ca610da1fc3c059d35e17238e8cac5e5b38790c3)
|
|
(This used to be commit 3538130bf5d656ed4b0e2c84294e995814860e34)
|
|
metze
(This used to be commit 79bdcabcc57da9f7d01b09d3b33fe22770c6e7e8)
|
|
(This used to be commit a4ebef4f53d0eb5aef1bc4ae76ac9ad66bf3b528)
|
|
IDL for NotifyChangeKeyValue
(This used to be commit a40214243136ed5208a1bec494ad1fbf821524ba)
|
|
Support CreateKey in the RPC registry backend
(This used to be commit ad8d9e6f73619332d93c38a1879233e199e8ba25)
|
|
when dangerous tests are enabled.
(This used to be commit a763bd838558bdd7bcab3ca7ee91c1846d7a950f)
|
|
Initialisation data pointer in QueryValue torture test
(This used to be commit 72618dfe95c785d3a3a71cc4a70b59696f2d418e)
|
|
(This used to be commit 1c49de51aeb6041a3b53b8da7dc8e2bcf089bfe0)
|
|
this is mostly just a tidyup, but also adds the privilege_mask, which
I will be using shortly in ACL checking.
note that I had to move the definition of struct security_token out of
security.idl as pidl doesn't yet handle arrays of pointers, and the
usual workaround (to use a intermediate structure) would make things
too cumbersome for this structure, especially given we never encode it
to NDR.
(This used to be commit 7b446af09b8050746bfc2c50e9d56aa94397cc1a)
|
|
(This used to be commit 3040cd65151dbcc54404f9be9d1fbcf539c7b635)
|
|
otherwise the creds structure might be invalid
(This used to be commit 76285b3390f20366d53c7b2509ac07e1f88f7309)
|
|
schannel code.
I would also like to give a gentle reminder to everyone to please run
the appropriate test scripts when you change a subsystem. It's a shame
to have this test code and not use it, and it takes much longer for
another developer to track down a bug in your new code than it would
take for you fix to it at the time you first add it.
- for rpc changes run test_rpc.sh
- for CIFS changes run test_posix.sh
- for ldb changes run test-tdb in lib/ldb/
(This used to be commit 0c58b254cabd236911021aff87c73183356fa8e3)
|
|
of arrays.
(This used to be commit b47e203a054e26d5d0c133a3c3b8d9502bd6ac69)
|
|
QueryValue
(This used to be commit 659d0295314c6a070698fc81223044f4d7366993)
|
|
that depend on variables that come after the array in the structure or function.
This has been something that has been problematic for a while, but the
winreg QueryValue problem finally prompted me to fix it properly. We
should now go back and fix up all the ugly workarounds we have used to
avoid this problem in other calls.
Unfortunately the solution is fairly complex, and involves the use of
the internal ndr token lists (similar to the solution for relative
pointers). I wonder if anyone else will be able to follow the logic if
I get run over by a bus :-)
(This used to be commit e839b19ec5581f669f2a7705b1fb80845313251c)
|
|
Thanks to Michael Allen for some hints on what was wrong with the previous IDL.
(This used to be commit 0fa6d847433eb281eaff15b8be4a26f898689f0a)
|
|
NOTE:
[u]int64 uses 4 Byte alignment
and HYPER_T uses 8 Byte alignment
metze
(This used to be commit 717454eb2fd2bf90e67074acefdae5304cd7433f)
|
|
(many thanks to tridge for telling me that HYPER_T isn't the same as uint64!)
metze
(This used to be commit 74b9ef4de5263953aa2e03401a271f2830163efe)
|
|
(This used to be commit c4c83f04f55d206716380330d2a4d2b31f893346)
|
|
(NOTE: that the drsuapi_DsReplicaObjMetaData2 struct is not corrently parsed yet
and there're some unknown fields left in someother infotypes)
metze
(This used to be commit 4fd57d5e7cff085a8c003ea82f282e26dc1346d9)
|
|
dcerpc_ndr_request_send()
- this allows us to call dcerpc_log_packet() when we receive a packet we
can't parse correctly
metze
(This used to be commit a7a6cea112a180a28188997ca99f30d8dd286bb8)
|
|
metze
(This used to be commit 5d7d6f02cf1aa731d371c97054480d83d85102cb)
|
|
metze
(This used to be commit 717f7c3555ecf6265b5b30783f3214f4ca3b6c00)
|
|
metze
(This used to be commit 0c6d4246a45f649e7373606f12db74c2acd0f538)
|
|
- added string constants for the important privileges.
(This used to be commit d5bc706140faf2d0a917f90f87884cd097e8a48c)
|
|
password".
Guenther
(This used to be commit 18e01ae25493d2b4b9b86d090199d5202d7a9e42)
|
|
(This used to be commit eec698254f67365f27b4b7569fa982e22472aca1)
|
|
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
|
|
auto-generated ndr code
(This used to be commit 90cdfd921e1a6f8806fe94bba61f1bbaa79c79f1)
|
|
metze
(This used to be commit 57bd26f9c528687ca2ca9bbaa56f7f36efd2231f)
|
|
in my compile
(This used to be commit 0928b1f5b68c858922c3ea6c27ed03b5091c6221)
|
|
This removes the duplicate named SEC_RIGHTS_MAXIMUM_ALLOWED and
SEC_RIGHTS_FULL_CONTROL, which are just other names for
SEC_FLAG_MAXIMUM_ALLOWED and SEC_RIGHTS_FILE_ALL. The latter names
match the new naming conventions in security.idl
Also added names for the generic->specific mappings for files are
directories
(This used to be commit 17a4e0b3aca227b40957ed1e0c57e498debc6ddf)
|
|
definitions for security access masks, in security.idl
The previous definitions were inconsistently named, and contained many
duplicate and misleading entries. I kept finding myself tripping up
while using them.
(This used to be commit 01c0fa722f80ceeb3f81f01987de95f365a2ed3d)
|
|
w2k3 trust
metze
(This used to be commit 5101cd51a24fdcda8dd8fc4da446782948290f9b)
|
|
metze
(This used to be commit 6a7eee1d9917e0884072354dddae568645798da5)
|
|
- add idl for drsuapi_DsReplicaSync() not yet complete
- just return WERR_OK for the drsuapi_DsReplicaSync() server function
metze
(This used to be commit e896925ac0b58bd48b5b9cc2d675682409d09ae1)
|
|
metze
(This used to be commit 623411f74ee766dee2170949b118216387779929)
|
|
metze
(This used to be commit 87a92d3d5c7c2ab0bc07a9fb101022b3db1d637b)
|