summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r8006: I have seen w2k3 send multiple encoding syntaxes in rpc bindAndrew Tridgell1-1/+2
requests. This is a simple change to accept that, as long as the first one is NDR. (This used to be commit 330293ddff39266abb688c6292e59472ff47aebe)
2007-10-10r8005: escape '"' characters in ldap expressions. Makes scripting easier.Andrew Tridgell1-2/+2
(This used to be commit 2de986455c9b616132f06a69c2f135019da2bb8b)
2007-10-10r8004: added a maximum EAs size test from Kukks.Andrew Tridgell1-1/+228
(This used to be commit 426c4d08ac9191c02dcd604a21ea390b7d255a41)
2007-10-10r8003: ensure that we don't try to send a trans request with more than 64k ↵Andrew Tridgell1-0/+8
data or params (This used to be commit b4f2d17ace6a609ec87da103a89e36edee8903f9)
2007-10-10r8002: favor addresses on our local interfaces in NBT name resolution ifAndrew Tridgell2-1/+27
possible. This is needed because w2k3 will return bogus IPs in its name resolution replies when it has an unplugged network interface. (This used to be commit 2fafc230520fb5bbe9f763de94aaba87b56f5411)
2007-10-10r8001: Also fill in the krbtgt checksum, and make sure to put the rightAndrew Bartlett4-9/+30
checksum in the right place... Andrew Bartlett (This used to be commit 90d0f502da20add6784c883b2085cde519604933)
2007-10-10r7999: Fix lacking structure definition.Rafal Szczesniak1-0/+1
rafal (This used to be commit 6886aefe4c78e3e208eacb3c4b76f1189bd1352a)
2007-10-10r7993: Further work on the Krb5 PAC.Andrew Bartlett20-118/+426
We now generate the PAC, and can verifiy both our own PAC and the PAC from Win2k3. This commit adds the PAC generation code, spits out the code to get the information we need from the NETLOGON server back into a auth/ helper function, and adds a number of glue functions. In the process of building the PAC generation code, some hints in the Microsoft PAC specification shed light on other parts of the code, and the updates to samr.idl and netlogon.idl come from those hints. Also in this commit: The Heimdal build package has been split up, so as to only link the KDC with smbd, not the client utils. To enable the PAC to be veified with gensec_krb5 (which isn't quite dead yet), the keyblock has been passed back to the calling layer. Andrew Bartlett (This used to be commit e2015671c2f7501f832ff402873ffe6e53b89466)
2007-10-10r7991: I forgot to free the keyblock once we are done with it.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit a68e348375ab026385e7d5162ed8da8f2adbd84e)
2007-10-10r7989: Allow the use of hashed passwords in the kerberos client and server,Andrew Bartlett2-17/+137
and create the in-memory keytab with the correct kvno, if available. Andrew Bartlett (This used to be commit 7b7b2b038e25f3d767b5db7d6e41dd947fdde091)
2007-10-10r7988: Store the KVNO for the machine account, and set it up in the provision.Andrew Bartlett4-1/+25
Andrew Bartlett (This used to be commit 90e94a4630c24282cd93ee05e258877b38e24a57)
2007-10-10r7986: Fix the compile, thanks to HotaruT.Andrew Bartlett1-1/+1
This won't actually work until I get the keyblock filled in again, but at least it will compile. I first need to decide if we want to keep the server-side gensec_krb5 code at all, now we have the GSSAPI layer doing what we want. Andrew Bartlett (This used to be commit 28e49de9293002ee89f0666144c9028daefdde88)
2007-10-10r7980: Forgot to add kerberos_pac.c to this config.mk file.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit bba58a1876353effbef540dd0db9e66db5343c35)
2007-10-10r7979: Metze reminded me to try one more combination, and we can now verifyAndrew Bartlett1-32/+14
the 'PAC', required for interopability with Active Directory. This is still a cludge, as it doesn't handle different encryption types, but that should be fairly easy to fix (needs PIDL/IDL changes). Andrew Bartlett (This used to be commit 690cfc44cef9b349cc31417d8353b6ce1c7832e1)
2007-10-10r7978: A start again on PAC verification. I have noticed that the kerberosAndrew Bartlett3-52/+43
keys appear at the end of the PAC, which I feel is deliberate (it makes this much easier). I still can't make it work, but I'm sure we are closer. Andrew Bartlett (This used to be commit 6f0e1c80ae7b1e31e7a3fbff84f07442ee5a31cf)
2007-10-10r7977: split up 'make clean' a little more as it is overflowing the command ↵Andrew Tridgell1-2/+6
line size limits on some platforms (This used to be commit e18dc32074fe56d7ccbcf9cc621a4b88abe957b1)
2007-10-10r7971: structs.h updateAndrew Bartlett1-4/+3
(This used to be commit 31e7df1392f39e170e3d072b8356e746208d0621)
2007-10-10r7970: This SMB signing code (merged from 3.0) turned out to be bogus.Andrew Bartlett1-8/+0
Andrew Bartlett (This used to be commit 817160ec1a85724c8bf482f128ea687396de0888)
2007-10-10r7969: It seems reasonable that our tickets be marked renewable, in theAndrew Bartlett1-0/+2
absense of an apparent AD flag to control this behaviour. Andrew Bartlett (This used to be commit 9886aa6f0e64cdb30774bfba3f2c683a3dbec9c4)
2007-10-10r7968: Pull the PAC from within GSSAPI, rather than only when using our ownAndrew Bartlett6-216/+278
'mock GSSAPI'. Many thanks to Luke Howard for the work he has done on Heimdal for XAD, to provide the right API hooks in GSSAPI. Next step is to verify the signatures, and to build the PAC for the KDC end. Andrew Bartlett (This used to be commit 2e82743c98e563e97c5a215d09efa0121854d0f7)
2007-10-10r7967: We don't have the ms_krb5 stuff any more.Andrew Bartlett1-1/+0
Andrew Bartlett (This used to be commit 56a5ccd7d924343609698b034b91b4891fb3f08a)
2007-10-10r7966: We need a better way to do this, but enable the KDC by default, if weAndrew Bartlett1-0/+4
have kerberos. Andrew Bartlett (This used to be commit 3d82b1417b9f2e31089cb8ee7e4f98bd226f2e75)
2007-10-10r7965: Remove the GENSEC password callback structure members, as these are noAndrew Bartlett2-5/+0
longer used. Andrew Bartlett (This used to be commit 14be7d95694dd7557af67dc94ee83a983d2f05f6)
2007-10-10r7958: More debian packaging updates; packages build now withJelmer Vernooij10-14/+23
a few minor issues. Move ldb manpages one level higher - there is no longer a need to have subdirectories. (This used to be commit e8e3524b2394f4107230715ea38fb619332e0251)
2007-10-10r7955: we should not free a struct which is passed as a parameter, to a functionStefan Metzmacher1-2/+0
the caller should free it this fixed a double free bug noticed by Дейтер Александр Валериевич <tiamat@komi.mts.ru>  metze (This used to be commit ee1a5d5419f4d79af5c447a6b397a0f4dc89310a)
2007-10-10r7943: Add 'make manpages', fix 'make installman' and 'make uninstallman'.Jelmer Vernooij12-91/+107
Not part of the "all" make target yet, as it requires xsltproc (This used to be commit fd3f4636438cf1d9c0dd802064033271b9e4d935)
2007-10-10r7941: fixed handling of ASN.1 objects bigger than 64kAndrew Tridgell1-1/+10
(This used to be commit f88a6018821163a52bdf384142c7d16f5011ab4e)
2007-10-10r7940: use local path first for ldbadd in provisioningAndrew Tridgell1-1/+1
(This used to be commit cff7507f593816a831a14f03862f7bdb24c15d4f)
2007-10-10r7939: fix default hostname in provisionAndrew Tridgell1-1/+1
(This used to be commit 79d174005e3508745ea8b0bda2321abd184bf68b)
2007-10-10r7937: main file was missingSimo Sorce3-527/+482
(This used to be commit 3898cdb0dc4722a7eb60a61b54ef778dab475aed)
2007-10-10r7936: new ldb_dn_explode and ldb_dn_casefold functions and coSimo Sorce7-86/+70
(This used to be commit 7ccf21ab4eeb9821e457308a239f2103a106fb12)
2007-10-10r7935: auth_unix now uses crypt(), so depend on -lcrypt.Andrew Bartlett1-1/+1
This builds on the work tridge did to make -lcrypt conditional, rather than globally linked. This was needed for Heimdal stuff, but then I 'fixed' heimdal, and we now reintroduce it here. Andrew Bartlett (This used to be commit 83d9d8f4827280a68dfd07beccf2924c9e0825b0)
2007-10-10r7934: ported samba3 pass_check functions to auth_unix.cSimo Sorce1-5/+332
not having these platforms they are untested, let's hope the buildfarm can catch any problem (This used to be commit 08ec299dcbdc8dba12568b95b636866f147b2e7c)
2007-10-10r7933: darn, forgot to add thisAndrew Tridgell1-0/+39
(This used to be commit 773f7afb7a99ae1f6df45dcf52cc358b52c0ba22)
2007-10-10r7932: don't use the nbt called name as server name, for dcerpc_server_name()Stefan Metzmacher1-9/+8
in the ncacn_np trnaport it's now supported to use the ip address in smbtorture for ncacn_np tests that use dcerpc_server_name(), and we can now pass the dns host name in the tree connect when we have the dns name on the smbtorture command line metze (This used to be commit e29edbc7e62c738564ae842c9c01c969f5c70e5d)
2007-10-10r7931: fixed a bug in the cifs backend found with the new test codeAndrew Tridgell1-1/+12
(This used to be commit 447d5fcc1bdbdeaf2d96dbcace36b480b5a18c73)
2007-10-10r7930: - added testing of the cifs passthru backendAndrew Tridgell1-8/+18
- removed redundent $ADDARG code in selftest (This used to be commit e431d0e9525c633c663ca48baea321369e39b226)
2007-10-10r7929: yet another attempt at fixing installswat on freebsd 5Andrew Tridgell1-1/+1
nodie assures me this works now ... (This used to be commit 3c17207487a84ac4f71a88e2efe57c153e9889b4)
2007-10-10r7928: Add rename, unlink and list commands.Tim Potter1-2/+139
list() returns a list of strings, but maybe it should be a list of objects with size, attrib, short name etc. (This used to be commit 696aa182d5a159c26b80829e1eae9a9894cb7986)
2007-10-10r7927: fixed an error on partial socket writes in the rpc serverAndrew Tridgell2-2/+2
(This used to be commit 3c7b5de67294ef161289af7da6716b44ffc5d526)
2007-10-10r7926: poptGetNextOpt() returns int, not charAndrew Tridgell1-1/+1
this was breaking ldbadd on some platforms (This used to be commit dd0ac3f68d709c0364d992673e76db73398c0369)
2007-10-10r7925: small tidyup (please keep lines at a reasonable length)Andrew Tridgell1-1/+2
(This used to be commit 0bfd91c32a62e651e81ce8d3b102158ec9c680fe)
2007-10-10r7924: Add mkdir() and rmdir() functions.Tim Potter1-2/+81
Write a macro to check tree handle parameters. (This used to be commit 043feb131f1877886a9ab7e25ada5e54692f6487)
2007-10-10r7923: removed dependence on Data::DumperAndrew Tridgell2-5/+0
please use util::MyDumper() rather than adding this back in (This used to be commit 155da538f91c28e845a60065f19b042bf8c167ff)
2007-10-10r7922: Comment out complicated connect/session/tree API for the moment. ReplaceTim Potter1-2/+83
with tree_connect() and tree_disconnect() functions. (This used to be commit 9ed763f7fa9e6138d8c1da29c1e0adf2e18cb5e1)
2007-10-10r7921: fixed newuser script (letting samldb module allocate the sid)Andrew Tridgell1-13/+0
(This used to be commit 45d08e94d27f837ab7788471b07e8c0c9b061c39)
2007-10-10r7920: another attempt at making installswat.sh portableAndrew Tridgell1-17/+13
(This used to be commit 46416ebd9d61038eff96ede77ca0823ea43923a6)
2007-10-10r7919: use more portable shell syntax for MALLOC_CHECK_Andrew Tridgell5-16/+6
(This used to be commit 694882ffa62ae88e43e78e8e496720575630e523)
2007-10-10r7918: fixed a crash bug in the ldap serverAndrew Tridgell1-1/+1
(This used to be commit 44ded17bc2501cd8d03fb3a94a3b7c502f5a2128)
2007-10-10r7917: macosx doesn't have a group called 'users'Andrew Tridgell1-0/+2
(This used to be commit 2b39736c35168b2e6b1ef094de4d83b604ea39f1)