Age | Commit message (Collapse) | Author | Files | Lines |
|
completely covered now)
(This used to be commit 06048d0dac60ae04a677786c0bd3df4f516d8034)
|
|
(This used to be commit 8e9212ecfc61c509f686363d8ec412ce54bc1c8d)
|
|
ioctl.h)
(This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
|
|
include files.
this brings us down to about 11k lines of headers included with
includes.h, while still retaining the speed of building with pch
(This used to be commit 10188869ef072309ca580b8b933e172571fcdda7)
|
|
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
(This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
|
|
the ldb part isn't ideal, I will have to think of a better solution
(This used to be commit 6b1f86aea8427a8e957b1aeb0ec2f507297f07cb)
|
|
(This used to be commit 264ce9181089922547e8f6f67116f2d7277a5105)
|
|
I have created the include/system/ directory, which will contain the
wrappers for the system includes for logical subsystems. So far I have
created include/system/kerberos.h and include/system/network.h, which
contain all the system includes for kerberos code and networking code.
These are the included in subsystems that need kerberos or networking
respectively.
Note that this method avoids the mess of #ifdef HAVE_XXX_H in every C
file, instead each C module includes the include/system/XXX.h file for
the logical system support it needs, and the details are kept isolated
in include/system/
This patch also creates a "struct ipv4_addr" which replaces "struct
in_addr" in our code. That avoids every C file needing to import all
the system networking headers.
(This used to be commit 2e25c71853f8996f73755277e448e7d670810349)
|
|
use ndrdump for replies that depend on variables from requests
(This used to be commit 5d83de4c64fbbd6775ba6d42c430ef2cba11be4f)
|
|
(This used to be commit 5921587ec26e4892efc678421277e4969417d7f5)
|
|
metze
(This used to be commit d331a83f08b492ea463fb8781b4c46a71f80bf42)
|
|
rather than doing everything itself. This greatly simplifies the
code, although I really don't like the socket_recv() interface (it
always allocates memory for you, which means an extra memcpy in this
code)
- fixed several bugs in the socket_ipv4.c code, in particular client
side code used a non-blocking connect but didn't handle EINPROGRESS,
so it had no chance of working. Also fixed the error codes, using
map_nt_error_from_unix()
- cleaned up and expanded map_nt_error_from_unix()
- changed interpret_addr2() to not take a mem_ctx. It makes absolutely
no sense to allocate a fixed size 4 byte structure like this. Dozens
of places in the code were also using interpret_addr2() incorrectly
(precisely because the allocation made no sense)
(This used to be commit 7f2c771b0e0e98c5c9e5cf662592d64d34ff1205)
|
|
(This used to be commit 5c46747c36aa09289c6b2df3927833aec78059fd)
|
|
also fixes a memory leak found with --leak-check.
(This used to be commit f19201ea274f0a542314c61c4af676197bf154ad)
|
|
(This used to be commit 7124949140141513193f41bb8491aa6a283efed7)
|
|
by making our gensec structures a talloc child of the open connection
we can be sure that it will be destroyed when the connection is
dropped.
(This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
|
|
Add missing break;
Andrew Bartlett
(This used to be commit cdb8261775a3100e1b95b485d91ba1f94c879905)
|
|
Andrew Bartlett
(This used to be commit 8f4dab5d44480b40fc14afc70172861c229ba77d)
|
|
lsa_SidArray on stdout.
(This used to be commit d7d8a7ffc66cf6f78f11e8aed975d746c7a520a3)
|
|
{get,set}ntacl
programs can build on non-xattr machines.
(This used to be commit daad76207dbb4060c231a58c99970e837e1e858f)
|
|
'security.ntacl'
extended attribute.
(This used to be commit 5b88226f9002711baac73e66d04ecf92b7765809)
|
|
Andrew Bartlett
(This used to be commit 5c5b45c1a870693c6201a09b508109b121ddc030)
|
|
(This used to be commit dce43a535c9f6135c162711bc12cee266fc46c4a)
|
|
use it like:
net time <server>
net time <server> -U "" -N
net time <server> -U DOM\\user
...
metze
(This used to be commit ea14b2780f1cb6597ba4e71b83364e6a39e966fe)
|
|
(This used to be commit 6ffdfd779936ce8c5ca49c5f444e8da2bbeee0a8)
|
|
use it like:
net password set user
net password set DOM\\user
net password set user pass
net password set DOM\\user pass
net password set -U DOM\\Administrator%admpass DOM\\user pass
metze
(This used to be commit b660e5b9e6236c996550973e9bde1e80a8eed775)
|
|
now you're prompted when cmdline_get_userpassword() is called
and the password is not yet known
metze
(This used to be commit d14a01533c5d465ff3709c48576b798b3be807e0)
|
|
but we need to find the real pdc for the users domain
and fallback to other levels
metze
(This used to be commit f1b9c1f3dd0fb927c065541da900ae43e0018a62)
|
|
and print the user domain when prompting for a new password
metze
(This used to be commit aedb2e9e1c418a7ac3cc18299707ae9146e4047a)
|
|
metze
(This used to be commit 52b866c40332ab408c57a0eab415e0755e4b5081)
|
|
declarations
Does any knows if there are flags to let gcc 3.4.1 fail with that?
metze
(This used to be commit 6ad57a86c8583df90a93fdf36b7184010d2054bc)
|
|
- add 'net password change' command
(it doesn'T work yet because libnet_rpc_connect() isn't implemented yet,
and we don't fill in the net_context user substruct yet)
metze
(This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
|
|
the inlcude has to move to includes.h
metze
(This used to be commit 97fe38183b6a03c01f6ac2d28a958d632eb4ff8a)
|
|
and add it to the build
metze
(This used to be commit 14b9858800f6944bf78bee34338242cd3292b297)
|
|
- and remove all unneeded files
we'll reimplement the stuff step by step using the functions from
libnet/ which will do the hard work for us
metze
(This used to be commit 8b2d5ec973fde980389bfe03cbcd70274b98b2dc)
|
|
jelmer: you forgot lookupsid.c
metze
(This used to be commit 2d4b806156842af84dd6de217a8652f4c9b0e090)
|
|
- IDL fixes + adding comments
- Start working on dcom infrastructure
(This used to be commit ef0fc269f06c82594c34ad8673c76c5ea099250e)
|
|
(This used to be commit 85fb26a05d57e58795b0c0ffa93dc9e0fa902431)
|
|
rename CLI_ -> SMBCLI_
metze
(This used to be commit 8441750fd9427dd6fe477f27e603821b4026f038)
|
|
changes
- got rid of global_myname(), using lp_netbios_name() instead
(This used to be commit e8d4b390884e487163d81f66a5a7ac1de1305d9a)
|
|
Andrew Bartlett
(This used to be commit 871e98ce5771bc96527f7ad4da07a7d6c1ae1c3c)
|
|
Declare variables at the start of a block.
Andrew Bartlett
(This used to be commit 9f5394703e81db9ed93648e06e48b0364a04a696)
|
|
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.
This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal). This causes
changes in all the existing gensec users.
Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.
Gensec has also taken over the role of auth/auth_ntlmssp.c
An important part of gensec, is the output of the 'session_info'
struct. This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.
The schannel code is reworked, to be in the same file for client and
server.
ntlm_auth is reworked to use gensec.
The major problem with this code is the way it relies on subsystem
auto-initialisation. The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.
There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.
Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
|
|
This layer is used for DCERPC security, as well as ntlm_auth at this
time. It expect things like SASL and the CIFS layer to use it as
well.
The particular purpose of this layer is to introduce SPENGO, which
needs generic access to the actual implementation mechanisms.
Schannel, due to it's 'interesting' setup properties is in GENSEC, but
is only in the RPC code.
Andrew Bartlett
(This used to be commit 902af49006fb8cfecaadd3cc0c10e2e542083fb1)
|
|
I have moved the SPNEGO and Kerberos code into libcli/auth, and intend
to refactor them into the same format as NTLMSSP.
Andrew Bartlett
(This used to be commit 58da78a7460d5d0a4abee7d7b84799c228e6bc0b)
|
|
- dump unused data in ndrdump
(This used to be commit 65c5590bd0cd23c65a94786846740180c7f175ba)
|
|
metze
(This used to be commit 57151e80eb1090281401930c8fe25b20a8cf3a38)
|
|
metze
(This used to be commit 9f914e4af99e18b469d4cf9d8b1514a2bd28ddec)
|
|
metze
(This used to be commit 18062d2ed9fc9224c43143c10efbf2f6f1f5bbe0)
|
|
metze
(This used to be commit b5378803fdcb3b3afe7c2932a38828e83470f61a)
|