Age | Commit message (Collapse) | Author | Files | Lines |
|
- Update Samba4's kerberos code to match the 'salting' changes in
Samba3 (and many other cleanups by jra).
- Move GENSEC into the modern era of talloc destructors. This avoids
many of the memory leaks in this code, as we now can't somehow
'forget' to call the end routine.
- This required fixing some of the talloc hierarchies.
- The new krb5 seems more sensitive to getting the service name
right, so start actually setting the service name on the krb5 context.
Andrew Bartlett
(This used to be commit 278bf1a61a6da6ef955a12c13d7b1a0357cebf1f)
|
|
metze
(This used to be commit 234166606dc86b9e98226cff94b3869ec173671e)
|
|
(This used to be commit 3f75117db921e493bb77a5dc14b8ce91a6288f30)
|
|
secrets. (Which will, I am assured, go away).
Andrew Bartlett
(This used to be commit 415ba959271f6f97d6fe3b923e49a58611edf8bd)
|
|
leak warnings
(This used to be commit 11713da2efc6d45c5594289efa0b6c0e594e6d2e)
|
|
new one
(This used to be commit 283e38aeb210e048302dc2759a75879cfc81eeb5)
|
|
caller doesn't have to worry about the constraint of only opening a
database a single time in a process. These wrappers will ensure that
only a single open is done, and will auto-close when the last instance
is gone.
When you are finished with a database pointer, use talloc_free() to
close it.
note that this code does not take account of the threads process
model, and does not yet take account of symlinks or hard links to tdb
files.
(This used to be commit 04e1171996612ddb15f84134cadded68f0d173b2)
|
|
Rework our random number generation system.
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
This also requires that we start the secrets subsystem, as that is
where the reseed value is stored, for systems without /dev/urandom.
In order to aviod identical streams in forked children, the random
state is re-initialised after the fork(), at the same point were we do
that to the tdbs.
Andrew Bartlett
(This used to be commit b97d3cb2efd68310b1aea8a3ac40a64979c8cdae)
|
|
I have moved the SPNEGO and Kerberos code into libcli/auth, and intend
to refactor them into the same format as NTLMSSP.
Andrew Bartlett
(This used to be commit 58da78a7460d5d0a4abee7d7b84799c228e6bc0b)
|
|
metze
(This used to be commit 18062d2ed9fc9224c43143c10efbf2f6f1f5bbe0)
|
|
system. I'd like to get rid of DOM_SID completely soon
(This used to be commit e306e27cf333e176195a47b19e3de591b4a59650)
|
|
(This used to be commit bb74a94e2610620987a44ab7289115a8ee361529)
|
|
This adds support for bigendian rpc in the client. I have installed
SUN pcnetlink locally and am using it to test the samba4 rpc
code. This allows us to easily find places where we have stuffed up
the types (such as 2 uint16 versus a uint32), as testing both
big-endian and little-endian easily shows which is correct. I have now
used this to fix several bugs like that in the samba4 IDL.
In order to make this work I also had to redefine a GUID as a true
structure, not a blob. From the pcnetlink wire it is clear that it is
indeed defined as a structure (the byte order changes). This required
changing lots of Samba code to use a GUID as a structure.
I also had to fix the if_version code in dcerpc syntax IDs, as it
turns out they are a single uint32 not two uint16s.
The big-endian support is a bit ugly at the moment, and breaks the
layering in some places. More work is needed, especially on the server
side.
(This used to be commit bb1af644a5a7b188290ce36232f255da0e5d66d2)
|
|
machine account password.
* neater handling on value() options in IDL. The auto-print code
will now display the right value so you don't need to initialise
it in your C code
(This used to be commit 3dd978b12bb5571fba4e1839c0f7ee60cf729aa2)
|
|
(This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f)
|