Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
(This used to be commit 2986c5f08c8f0c26a2ea7b6ce20aae025183109f)
|
|
metze
(This used to be commit af6f1f8a01bebbecd99bc8c066519e89966e65e3)
|
|
metze
(This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
|
|
Samba's NTLMSSP code is now fully talloc based, which should go a long
way to cleaning up the memory leaks in this code. This also avoids a
lot of extra copies of data, as we now allocate the 'return' blobs on
a caller-supplied context.
I have also been doing a lot of work towards NTLM2 signing and
sealing. I have this working for sealing, but not for the verifier
(MD5 integrity check on the stream) which is still incorrect.
(I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the
data arrives intact, but the signature check fails. It does however
match the test values I have...).
The new torture test is cludged in - when we get a unit test suite
back, I'll happliy put it in the 'right' place....
Andrew Bartlett
(This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9)
|
|
structures. This was suggested by metze recently.
I checked on the build farm and all the machines we have support 64
bit ints, and support the LL suffix for 64 bit constants. I suspect
some won't support strtoll() and related functions, so we will
probably need replacements for those.
(This used to be commit 9a9244a1c66654c12abe4379661cba83a73c4c21)
|
|
- Remove legacy sid_to_string (which contained a memleak)
- Remove some unused parts of lib/util_sid.c
Andrew Bartlett
(This used to be commit 7c69a85984e47c004ddfd9bb5eadcb3191b56f9d)
|
|
(This used to be commit 770322bfdfad7d7d33de0c5bc95bb0f51f7409c7)
|
|
This involves allowing the password set code in samdb to take an
already hashed password, and some fixes to our torture code.
Andrew Bartlett
(This used to be commit f9f581b5804a20785df06cde157b23c952edc2ce)
|
|
leave) and test that the password change actually worked.
Andrew Bartlett
(This used to be commit a93c70154ac7126a7d6e638dcfdeef49d2966308)
|
|
Currently this only authentiates the machine, not real users.
As a consequence of running the Samba4 NETLOGON test against Samba4, I
found a number of issues in the SAMR server, which I have addressed.
There are more templates in the provison.ldif for this reason.
I also added some debug to our credentials code, and fixed some bugs
in the auth_sam module.
The static buffer in generate_random_string() bit me badly, so I
removed it in favor of a talloc based system.
Andrew Bartlett
(This used to be commit 94624e519b66def97758b8a48a01ffe9029176f0)
|
|
test
(This used to be commit 6a254e26f17c2b3175023764c02dc73615d585d6)
|
|
out that this was missing)
(This used to be commit 00916f236d3437a9080614d20a3ab589be6f9196)
|
|
Andrew Bartlett
(This used to be commit d75558cdcbbb89dbe66287d7461b7abae14a8d36)
|
|
includes all
of the password complexity, password history and other password restrictions.
(This used to be commit cb070b9084d95cf5178edbef951b75eab62b7220)
|
|
samr_DeleteDomainGroup.
I've added the hidden attribute numMembers that must be maintained by
Add/DelGroupMember for the GroupInfoAll query.
Volker
(This used to be commit 945d7478605c1bd67e4162ebb0635ab7da11faaf)
|
|
Andrew Bartlett
(This used to be commit a04b074c049db832f4c02a35d951d40875fce6d1)
|
|
Now that all session keys are DATA_BLOBs, fix the callers.
This assumes some things about the behaviour of certain crypto
algorithms, without the ability to test it on session keys != 16 bytes
in length. We will just need to retest when we get the KRB5 support
in (DES keys are 8 bytes).
Andrew Bartlett
(This used to be commit e4355a7ec1eba92bdecef8cc478272897276dbae)
|
|
- This required using NETLOGON_NEG_AUTH2_FLAGS for the
SetupCredentials2 negotiation flags, which is what Samba3 does,
because otherwise the server uses different crypto.
- This tests the returned session keys, which we decrypt.
- Update the Samba4 notion of a 'session key' to be a DATA_BLOB in
most places.
- Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is
available.
- Remove a useless argument to SMBsesskeygen_ntv1
- move netr_CredentialState from the .idl to the new credentials.h
Andrew Bartlett
(This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)
|
|
added test code for SamLogon validation level 2 and 3, so we test both
SamInfo and SamInfo2
(This used to be commit 321dbb61cc0743379ceb6b8fff6a0ca37f308bc2)
|
|
unmapped names
(This used to be commit e3b31625f476cb1b8a4d5003dee2c574582c9b46)
|
|
in our new samr server
(This used to be commit 0f2503111498e809237e0155962db55dfde8cbfb)
|
|
added tests for the level 23 and 25 password change methods
(This used to be commit d49f7a6a0d1895de3d654a5b46c6aec3a57fde76)
|
|
thanks to Luke Howard for this test
(This used to be commit 891653e7d40f581016085e2c32e2802eea7e7ade)
|
|
afterwards for the RPC-NETLOGON test. This makes it much simpler to
run the test and also means that it doesn't distrurb any existing
domain join you might have.
(This used to be commit feac996794d5cc16e3612fb2901668a9b1e1d274)
|
|
(This used to be commit 4b4f025504cb5b92c8b119259f1df622cd72ec7c)
|
|
yay!
(This used to be commit 0221566cf5ff7dc5ce0de9af451b935ed8615f4e)
|
|
stick
(This used to be commit b2ebaf95b75b050ad02ca967867337cd81faa859)
|
|
(This used to be commit 0be7a866dc39e2d63c9c114d0f668287259e7c9e)
|
|
possibly destructive tests. Use with care!
Added IDL and test code for samr_Shutdown() and samr_SetDsrmPassword()
(This used to be commit 84de0b7e58c69e0817b9d475de0895a54cc95927)
|
|
request (a dead socket). I discovered this when testing against Sun's
PC-NetLink.
cleaned up the naming of some of the samr requests
add IDL and test code for samr_QueryGroupMember(),
samr_SetMemberAttributesOfGroup() and samr_Shutdown(). (actually, I
didn't leave the samr_Shutdown() test in, as its fatal to windows
servers due to doing exactly what it says it does).
(This used to be commit 925bc2622c105dee4ffff809c6c35cd209a839f8)
|
|
(for example, not filling in extra
fields in level21 setuserinfo)
(This used to be commit d06ed158f9aef94159bfc09065ca5ad0c4c99de3)
|
|
Also added much better handling of random password generation in the
password change test code
(This used to be commit 67ae0b2a9851c1e77fdaa9f317a83bd54950618f)
|
|
samr_GetBootKeyInformation() and samr_Connect3()
also added some stub IDL for samr_SetBootKeyInformation() although I
don't yet have working test code. This one is tricky, as if you get it
wrong then the target system won't boot any more :)
(This used to be commit 118b6fc292ba3257511b1b83846582013fb59b23)
|
|
- completed the IDL and test code for the various set user password
mechanisms in samr. Three password mechanisms are now working, the
UserInfo24 method, the OemChangePasswordUser2() method (which only
sets the LM password) and the ChangePasswordUser2() method which sets
both the LM and NT passwords.
- updated some crypto routines to support the password change tests
(This used to be commit 051efa2abf9d1fbbf783df411c02f2714027f813)
|
|
samr_AddMultipleMembersToAlias(),
samr_RemoveMultipleMembersFromAlias(), samr_OemChangePasswordUser2(),
and samr_ChangePasswordUser2()
The password change functions don't actually work yet (but should
soon). At this stage I have just completed the IDL for them. Next step
is to get the hash verifiers right and the torture test should be able
to do password changes.
(This used to be commit 849d0d314a2add80f2b2be6b503fea05973f998e)
|
|
samr_QueryUserInfo2(), samr_QueryDisplayInfo2() and
samr_GetDisplayEnumerationIndex2()
(This used to be commit fddda52500d482bde79994c14a0a822a1d305ac3)
|
|
samr_GetDisplayEnumerationIndex(), samr_TestPrivateFunctionsDomain(),
samr_TestPrivateFunctionsUser() and samr_RemoveMemberFromForeignDomain()
(This used to be commit 53c66708874f9f8e7868530cd2a780160e2eca01)
|
|
a few more samr functions). Still a hack tho.
(This used to be commit 15199a384f63ff206c8bcd483d615a3f91e9877d)
|
|
(This used to be commit 747351140b839879abe1a79a005d81ca4b35a658)
|
|
(This used to be commit 0b8203306d9eb61aaec9549d56c40831fcd091c3)
|
|
(This used to be commit fe1fc81ba76515b79069881d2d62f60201314d04)
|
|
test code
(This used to be commit 46185a71ba0e06544cacf117654e4dbf39385378)
|
|
(This used to be commit 9f12fb39dbac886582d0ccce418491522c042fe6)
|
|
group names.
Volker
(This used to be commit 481cec94c47ffda341e00d628cf34c2c7b5de2fa)
|
|
(This used to be commit 02ddf78e5563b15cb45ae4bc6234469be0dc0210)
|
|
(This used to be commit 0a67057e9626c1539f964e978537e24544784263)
|
|
- Small fixess in nt4 and dir backends
- Start on w95 file backend
(This used to be commit aa739e8d3c7108f6f2089af2d8d522feacc7f698)
|
|
(This used to be commit 1d8a6d762aa4dab54bb58959cb1e7957a76e5b6e)
|
|
(This used to be commit dcb172d207ca0b56e62165633b2f7f7fcc188f7c)
|
|
- Start with the LDB backend
- The API is now more windows-like, which should make it easier to use
in rpc_server
- Added a GTK+ front-end
- Added some more IDL
More updates will follow, especially in the RPC field..
(This used to be commit 3adffa021779b26047a20f16a3c0b53d74751560)
|