Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit c4266c7f688145a9b7da8977aff7fb972b7d0aa4)
|
|
thanks to Stephen Zarkos for finding this
(This used to be commit 8331eee64cb679c091ca46cc001ff9851eb91f0e)
|
|
(This used to be commit 89039683db4f2f492b292b32e2dd783e977ae165)
|
|
(This used to be commit d340ea7906c091a1400d3e73a8f530174aa8a965)
|
|
that some values aren't handled. The remaining warnings I think are
actual bugs or required functionality that is missing (mostly lack of
server side Unix extensions).
(This used to be commit 03c7da27a06736f2a27d76e6a00a24ab54453af9)
|
|
crash on i386 but was on ia64.
(This used to be commit 12c77bb2e17ef3cb3264da86852832dffb5474c1)
|
|
(This used to be commit f177c223e6b881a65ed49ceacf9106e42d2a7d0a)
|
|
metze
(This used to be commit 6bae17d279205a0d75f609f6a026b5c99d73cea5)
|
|
We now put the PAC in the AS-REP, so that the client has it in the
TGT. We then validate it (and re-sign it) on a TGS-REQ, ie when the
client wants a ticket.
This should also allow us to interop with windows KDCs.
If we get an invalid PAC at the TGS stage, we just drop it.
I'm slowly trying to move the application logic out of hdb-ldb.c, and
back in with the rest of Samba's auth system, for consistancy. This
continues that trend.
Andrew Bartlett
(This used to be commit 36973b1eef7db5983cce76ba241e54d5f925c69c)
|
|
(This used to be commit 419b28d02d6c5a03bd33eaeabf1b42bfab9155dd)
|
|
metze
(This used to be commit fc53eab2f1bdae471ee68c4b67f57b1eb0821f61)
|
|
metze
(This used to be commit 1b62959a3dd11fface6642e5843224752e188b4a)
|
|
metze
(This used to be commit 630f571934c1119dc3156a1e4b909fc6d5ae95fc)
|
|
not the addresses that are returned in it
metze
(This used to be commit 82e19d68086e795d68cd11eda21448f695aac0a3)
|
|
metze
(This used to be commit 5f45d070208eedaef59bff5f7e05f37719285d84)
|
|
metze
(This used to be commit 0231926e0a017bb65a900867a6dee7ca52d7ffe9)
|
|
requests. If it's
not there (it's not yet on *any* call... :-)), the rpc client strictly
sequences calls to an rpc pipe. Might need some more work on the exact
sequencing semantics when a pipe with both sync and async calls is actually
deployed, but I want it in for winbind simplification.
Volker
(This used to be commit b8f324e4f000971b7dafc263c16dd4af958ee7f9)
|
|
work again. The automatic value() is fine for the length, but cannot
be used for the size as the size is not the number of bytes being
sent, but the number of bytes that the server is allowed to use in the
reply
(This used to be commit 46e91f269c83707863a726e716325eade38e1142)
|
|
Andrew Bartlett
(This used to be commit c0ba414a38de7ffa7b2a59c664598e64e911fe7c)
|
|
special group vs. special group will be done later
metze
(This used to be commit 25a35c697795ff802d735cfd3e6c11ea73d92126)
|
|
metze
(This used to be commit 70166bb2a9085e08915fc0f560e660b7edd0c2b3)
|
|
metze
(This used to be commit a70cf6f87b975861bb7af4080c56f146faf3369d)
|
|
metze
(This used to be commit 061e2e67daeb920b2613564814738adc56c58017)
|
|
- we handle incoming release demands for that
metze
(This used to be commit 1db4d8e456895d18a864fa740ec0d8198226cba0)
|
|
metze
(This used to be commit dccaceee182066e15e7a4fd9a5f3f0b2e2beda19)
|
|
- remove useless .release attribute, we have seperate tests for this
now
- add first owned,active vs. replica test, including handling incoming
name queries from the server
metze
(This used to be commit 7843b6c5c84b7543fd30242e0d5c8414b56fd383)
|
|
return the pesky USER_EXISTS 'error' code any more, and it is much
easier to handle this inline.
Andrew Bartlett
(This used to be commit a7eb796cf544db3fe16986d8e233d2defe7a7d1b)
|
|
The warnings were caused by the structure assignements, which we don't
need to do. The actual values are filled in by the NDR layer later.
Andrew Bartlett
(This used to be commit f140117535c3281f0a0a7970ea4127498737d112)
|
|
volker's urging on the use of -O1.
Andrew Bartlett
(This used to be commit 6a7bb391ba62a4f90f57aa76c5dcc0d35fca54a4)
|
|
Andrew Bartlett
(This used to be commit de83b8cd187b28ecb30550c44f9f84e373df692e)
|
|
IDL and testsuites. The server-side of this remains a stub, we should
probably be doing ldb searches for the server reference record.
Andrew Bartlett
(This used to be commit 0141ed309a664e7a9893c95232c2dcb9768f9315)
|
|
This avoids the nasty user@DOMAIN test for now, as it has very odd
semantics with NTLMv2.
Allow only user accounts to do an interactive login.
Andrew Bartlett
(This used to be commit 690cad8083e176b2e58fc243a11a003a78ce4074)
|
|
Andrew Bartlett
(This used to be commit 75b002746af3788c71f99854ce983ff807f12b37)
|
|
expect funny buisness.
Andrew Bartlett
(This used to be commit b2810bd702b14375ddc237ba39be0badbae20aa5)
|
|
Andrew Bartlett
(This used to be commit 35cbdd5c9ddb95a78fd56b854edca1b62f118fa7)
|
|
'workstation for account on NTLM' flag.
Andrew Bartlett
(This used to be commit aa5b6cf7c4cabd25655dc11d90d00c5faec67d6c)
|
|
plaintext and machine account logins.
Update tests to confirm this behaviour.
Andrew Bartlett
(This used to be commit a0ed41d379f4b15a7f44ca93de9907f02bada163)
|
|
Andrew Bartlett
(This used to be commit 326ffb2cc03bfde37b6fe34779848e9a191198e2)
|
|
- complete owned,released tests
metze
(This used to be commit ba82ffb261d5ef59216cec75fb617b4d7022aaee)
|
|
Support installing libraries.
Get rid of pkg-config file (will be autogenerated later on).
(This used to be commit b4745032a2c55752c527026feb221ccc3dce10c8)
|
|
credentials system for password -> NTLM translation.
Andrew Bartlett
(This used to be commit d22cbf1b0cae9ca211c916320754d5edfe360c30)
|
|
converting username/pass into the NTLM responses.
Andrew Bartlett
(This used to be commit 272861b8ede591073cc3a26635fefbc784976764)
|
|
Win2k3 SP1.
Only a few operations are supported (LookupSids3 and LookupNames4),
and these are only supported under schannel. This appears to be the
operations Win2k3 SP1 uses to verify part of the PAC back to the
server.
The test is setup to pass, but not enforce (so far) this new
behaviour.
Andrew Bartlett
(This used to be commit e15e39866e9775ba662f669a19836d33f7633f6f)
|
|
Andrew Bartlett
(This used to be commit c8bf7d32ebdc9bc795ce45a6d250a2378ac803aa)
|
|
metze
(This used to be commit 4d956b17c1f9e0d7a3c275b621380f1bc821b56e)
|
|
we can round-trip all the way back to a server_info structure, not
just a filled in PAC_DATA. (I was worried about generated fields being
incorrect, or some other logical flaw).
Andrew Bartlett
(This used to be commit 11b1d78cc550c60201d12f8778ca8533712a5b1e)
|
|
metze
(This used to be commit c8d3c2f1a1231de49bca1a72e696a833366a0493)
|
|
the other interfaces.
(This used to be commit 8eb582b5780188b6304c560b3e84fd7d75c483f8)
|
|
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
|
|
(This used to be commit 99444c129d08fe3e3e381b04c2da5ea5c9c10270)
|