| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
(This used to be commit b27d81dca9fd07c83b11a5bb3a883ec3f28cca6a)
|
|
its own credentials element
(This used to be commit de8975bdd3dc9b4f4d65000e126bbd11c43b3f06)
|
|
backend.
The idea is that every time we open an LDB, we can provide a
session_info and/or credentials. This would allow any ldb to be remote
to LDAP. We should also support provisioning to a authenticated ldap
server.
(They are separate so we can say authenticate as foo for remote, but
here we just want a token of SYSTEM).
Andrew Bartlett
(This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)
|
|
This is one of the last places using the latter function.
rafal
(This used to be commit c95d30d38c4969c070766d320ed52e332e131195)
|
|
to match all other _recv functions we have
metze
(This used to be commit bd4f85ab5f60c7430ac88062fa6a9f6cffa9596f)
|
|
metze
(This used to be commit 4d35c2b8e671cc8fe44971cf2a577236afd1abbd)
|
|
This merges Samba4 up to current lorikeet-heimdal, which includes a
replacement for some Samba-specific hacks.
In particular, the credentials system now supplies GSS client and
server credentials. These are imported into GSS with
gss_krb5_import_creds(). Unfortunetly this can't take an MEMORY
keytab, so we now create a FILE based keytab as provision and join
time.
Because the keytab is now created in advance, we don't spend .4s at
negprot doing sha1 s2k calls. Also, because the keytab is read in
real time, any change in the server key will be correctly picked up by
the the krb5 code.
To mark entries in the secrets which should be exported to a keytab,
there is a new kerberosSecret objectClass. The new routine
cli_credentials_update_all_keytabs() searches for these, and updates
the keytabs.
This is called in the provision.js via the ejs wrapper
credentials_update_all_keytabs().
We can now (in theory) use a system-provided /etc/krb5.keytab, if
krb5Keytab: FILE:/etc/krb5.keytab
is added to the secrets.ldb record. By default the attribute
privateKeytab: secrets.keytab
is set, pointing to allow the whole private directory to be moved
without breaking the internal links.
(This used to be commit 6b75573df49c6210e1b9d71e108a9490976bd41d)
|
|
2) Set credentials workstation name, otherwise rpc bind function
segfaults on auth stage
rafal
(This used to be commit 6dc67ba6a30e6fc3fc21821d009ea940b093eec2)
|
|
of smb.conf.
rafal
(This used to be commit 739169e8eda74ad53d728fe6d11a30513c218853)
|
|
rafal
(This used to be commit 90db7f13bc0df0a276dc736d2f9439616cb3b2f7)
|
|
functionalities into groups of subcontexts of net subcontext just the
way it's done in net tool. This way we can pass common arguments when
creating subcontext. Also, this may allow easier writing net tool
completely as a script.
At the moment there's a name resolve code segfault to be fixed.
rafal
(This used to be commit 25310d05927dab69d37248977f974bcaedbd081b)
|
|
This patch changes the way lsb_search is called and the meaning of the returned integer.
The last argument of ldb_search is changed from struct ldb_message to struct ldb_result
which contains a pointer to a struct ldb_message list and a count of the number of messages.
The return is not the count of messages anymore but instead it is an ldb error value.
I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good
amount of places. I also tried to double check all my changes being sure that the calling
functions would still behave as before. But this patch is big enough that I fear some bug
may have been introduced anyway even if it passes the test suite. So if you are currently
working on any file being touched please give it a deep look and blame me for any error.
Simo.
(This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
|
|
pieces a string is split into. This allows for a fix in the variable
substitution used in provisioning
(This used to be commit be06785d4835abcbc7d75c0176c85a8ecc0cc11d)
|
|
- speed up provisioning a bit using a ldb transaction (also means you
can't end up with a ldb being half done)
(This used to be commit 91dfe304cf688bb81b69ff3192ac84b78b34b311)
|
|
js arrays are a special type of object where the length property is
automatic, and cannot be modified manually. Our code was manually
setting length, which made it abort when someone passed in a real ejs
array. To fix this we need to create real arrays instead of objects,
and remove the code that manually sets the length
(This used to be commit ebdd1393fde44a0a35446d1a922d29a7c1769ba7)
|
|
logon_parameters for the auth subsystem.
Andrew Bartlett
(This used to be commit 767c5ca7bec3737d1261e209cd895d1300354f25)
|
|
(This used to be commit 3333d71ab6594c1e8977098c31c9437686039f1c)
|
|
- fixed a double free error in ldb.close()
(This used to be commit 7f797e7097cffa1f5b5bac34e100af77d4026f89)
|
|
function execution error.
rafal
(This used to be commit a50a5bef6e4c0051d13ed59fe5ddade709a98ba7)
|
|
Support installing libraries.
Get rid of pkg-config file (will be autogenerated later on).
(This used to be commit b4745032a2c55752c527026feb221ccc3dce10c8)
|
|
rafal
(This used to be commit f9c436bbdf0f071247da025f6984f9ee1c48dca8)
|
|
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
|
|
http://lists.samba.org/archive/samba-technical/2005-October/043443.html)
(This used to be commit 7fffc5c9178158249be632ac0ca179c13bd1f98f)
|
|
metze
(This used to be commit 0d948cf430f34757a17170cdd26ac6b87341a75f)
|
|
metze
(This used to be commit a3abf10d431f82b12b0795d5bc217c8ec3ce89f7)
|
|
we need some helper functions for this
metze
(This used to be commit e27e36909d367748fc653ddc0fd1c699b77780e9)
|
|
metze
(This used to be commit 5d46cdd1ee8ae2a49a81f0a36a4c3f12d7635de9)
|
|
the time attribute handling functions
(This used to be commit 93c296d52718e77f8b702e1721b548eaadc56c76)
|
|
then StaticLibrary()
(This used to be commit b53313dc517986c69a4e4cb8fe3885b696f8faa1)
|
|
seem to be able to handle incomplete enum types.
(This used to be commit 540155fad3c8e3d79fb631bb3f14273f82130a73)
|
|
(This used to be commit 03647e1321cf6c9bd6ced3945265f635e9468973)
|
|
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own
test for the moment, but I'm working on these issues :-)
This required a change to the credentials API, so that the special
case for NTLM logins using a principal was indeed handled as a
special, not general case.
Also don't set the realm from a ccache, as then it overrides --option=realm=.
Andrew Bartlett
(This used to be commit 194e8f07c0cb4685797c5a7a074577c62dfdebe3)
|
|
but final linking still fails (as does generating files asn1, et, idl and proto
files)
(This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
|
|
(This used to be commit 0963ab9c148772b961f17ec779213b0eb861e1dd)
|
|
searches in ldb to be more ldap compliant, but broke the wins server
and the ejs ldb code. This fixes those up so 'make test' passes again.
(This used to be commit dff660c23c97114d0c1be705f4d6a9c114b60456)
|
|
added a ldb.close() method in js. Useful for re-opening the db
(This used to be commit 1f12364a0f23ba39fd3d29b510fdef2423685f0d)
|
|
(This used to be commit dd148451d7d554dc0b102023e6a22439fd3b4b81)
|
|
(This used to be commit 8ff1358f401e0086b941f4ff73af5d4c38a1f8bf)
|
|
(This used to be commit b7992de4b7d42a55e00509c887a269a07c19627d)
|
|
(This used to be commit d2db164d6f674cada470e871c558c75f98244141)
|
|
(This used to be commit 213bcb7e16290da0c26492ced65509a63942d4ce)
|
|
(This used to be commit edf380cb5fa2c168fc05dd54580f024239ef835f)
|
|
(This used to be commit 77f24ed131bf57c30bb500e1d8d387bd4b403ddc)
|
|
Write out new smb.conf file. Parameters that have disappeared
between Samba 3 and 4 will optionally be prefixed with 'samba3:'
(This used to be commit 27eefbd9059fe0a3daca15a71da7b4cb88ed22ec)
|
|
with your loadparm interface. :-/
(This used to be commit bb0cef581a09a86113f3212c776c011ae73def14)
|
|
don't to be pre-declared). Also doesn't use any globals, so multiple files can be loaded at once.
Currently uses the prefix "param" for all functions and structures; suggestions for better ones are welcome...
Remove old smb.conf-parsing code from libsamba3.
(This used to be commit 414e5f7f6dc38a8fde3b61d524a664f56f9ea592)
|
|
Update TODO-list
(This used to be commit d9541535e3f9e1c058410eeb0a54d60181572f2b)
|
|
Fix password support
Make base64 decode/encode functions available to EJS
(This used to be commit 1376a1fe44cd6b01709819095a711c14626b1d3e)
|
|
Still need to polish some rough edges
(This used to be commit a8f309aa812533f57a90410722dfb342c8cf3b48)
|
|
(This used to be commit 6e3e964fb4529260c2fcb09b41eda1a100e690eb)
|
