summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r11271: Fix a warning and an infinite recursionVolker Lendecke1-2/+3
(This used to be commit 7bc855359a82010fefa9fd1d4c719292bfc83528)
2007-10-10r11270: Move the core CrackNames code from rpc_server/drsuapi to dsdb/samdb.Andrew Bartlett9-165/+143
I'm sure this will not be the final resting place, but it will do for now. Use the cracknames code in auth/ for creating a server_info given a principal name only (should avoid assumtions about spliting a user@realm principal). Andrew Bartlett (This used to be commit c9d5d8e45dd7b7c99b6cf35b087bc18012f31222)
2007-10-10r11267: Fix a memleak and an uninitialized variable. Andrew Bartlett, this ↵Volker Lendecke1-4/+5
was the one I sent to you. Sorry for bothering you. Volker (This used to be commit 3a9f2291ae6e96a715f463899957c6c598fc7627)
2007-10-10r11265: add a bunch of owned vs. replica conflict testsStefan Metzmacher1-0/+1414
metze (This used to be commit c8d3c2f1a1231de49bca1a72e696a833366a0493)
2007-10-10r11264: Winbind does not rely on the hostname resolution mechanisms ofVolker Lendecke1-1/+5
composite_connect, so in io.in.dest_host I'm setting the IP address. Gensec does not like that as a target hostname, so if a called name is present, use that. So we can session setup using kerberos now. Volker (This used to be commit c26b432c27954c8dc6ac8e702bd5e34a351d15bd)
2007-10-10r11263: Some cleanupVolker Lendecke1-133/+38
(This used to be commit 4fe3c9871bff512a464c688a5f6fdb37387833ed)
2007-10-10r11262: Try to get the equivalent of a subcontext in pidl ethereal conformanceTim Potter2-0/+6
files working. It doesn't quite work though. (-: This patch also allows a struct.field format to be used in an IMPORT statement instead of a type name. Jelmer, what do you think? (This used to be commit d770f853475d12a33d23fc86ab30223dfde22dd7)
2007-10-10r11261: Rename access_required field in winreg idl to access_mask so it matchesTim Potter4-16/+16
the other interfaces. (This used to be commit 8eb582b5780188b6304c560b3e84fd7d75c483f8)
2007-10-10r11260: Delete a leftover scons file.Tim Potter1-21/+0
(This used to be commit 7b750a785bd2c77f4a299a5cb77a2c456b9c6610)
2007-10-10r11259: Map system_name and handle fields to new hf fields.Tim Potter1-0/+40
(This used to be commit 9be707bc4d07ef47f332ef5019549044bc239e03)
2007-10-10r11258: Dissect all access_required fields as hex using the same hf.Tim Potter1-1/+10
(This used to be commit 4365462dc62d78eb433748262c5ca7feb16be785)
2007-10-10r11257: Add and use output functionJelmer Vernooij3-145/+128
(This used to be commit 734da63a4e7ff44d9417066300383bbf7cd08d8f)
2007-10-10r11254: Remove support for [TARGET:foo]-like .mk-file entriesJelmer Vernooij2-25/+0
(it is already possible to include verbatim make data) (This used to be commit 21e355d031c6233ed0f40207d716987931927c6c)
2007-10-10r11252: Make makefile.pm OO and descend from envJelmer Vernooij3-126/+127
(This used to be commit c53b32e0932ef6c048f8aec23ec6df2fe66a7887)
2007-10-10r11250: Fix a couple of issues in the heimdal/ dirs.Jelmer Vernooij1-2/+1
(This used to be commit f76374eba7d45b8ff2625914344e4b31ecdeca1d)
2007-10-10r11249: More OpenBSD make fixes...Jelmer Vernooij3-3/+8
(This used to be commit 118e3bc507b2694f7e5ea191950626931d8ebf29)
2007-10-10r11248: Fix anon fallback with spnegoVolker Lendecke1-0/+5
(This used to be commit 13ebdea11532f4810d01095a54d430c36c91d826)
2007-10-10r11247: Add environment classJelmer Vernooij3-85/+123
(This used to be commit 90c3f8b3beda525b700688fc4d6ed0584ff2e27c)
2007-10-10r11246: Another fix for OpenBSD's makeJelmer Vernooij1-2/+2
(This used to be commit f04072f7a9fe341efced4aff57cc061cf789d5bd)
2007-10-10r11245: Hopefully fix heimdal build on some hostsJelmer Vernooij2-2/+2
Fix manpage locations (This used to be commit 33c71c0fb13b55741f1b1fffc8945ccda6f3bf51)
2007-10-10r11244: Relative path names in .mk filesJelmer Vernooij58-1388/+1406
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
2007-10-10r11243: length and size can now be filled in automatically.Jelmer Vernooij2-12/+3
(This used to be commit 99444c129d08fe3e3e381b04c2da5ea5c9c10270)
2007-10-10r11241: - fix compiler warningStefan Metzmacher1-2/+2
- fix comment metze (This used to be commit 4f999625a164e58b87d915bbb2914038ea96162a)
2007-10-10r11239: Use ${REALM} for the realm in rootdse.ldifAndrew Bartlett8-100/+740
Add the kpasswd server to our KDC, implementing the 'original' and Microsoft versions of the protocol. This works with the Heimdal kpasswd client, but not with MIT, I think due to ordering issues. It may not be worth the pain to have this code go via GENSEC, as it is very, very tied to krb5. This gets us one step closer to joins from Apple, Samba3 and other similar implementations. Andrew Bartlett (This used to be commit ab5dbbe10a162286aa6694c7e08de43b48e34cdb)
2007-10-10r11226: Cope with Samba3's behaviour on LDAP with GSS-SPNEGO.Andrew Bartlett1-2/+3
Andrew Bartlett (This used to be commit 4d9667f5a037eb15f6f0e4329314a37f148e9db7)
2007-10-10r11225: Remove pointless goto.Andrew Bartlett1-2/+0
Andrew Bartlett (This used to be commit 30f4ece4d2e55d2d50061f74a491d3f77551a6ae)
2007-10-10r11223: Only pass around the ldb handle (make this code easier to seperateAndrew Bartlett1-21/+21
into a general lib). Andrew Bartlett (This used to be commit e3abbfca4ae3c06f34774edab5ed38ebd5ebc097)
2007-10-10r11222: Small provision fixes: canonicalName is now generated, and the DC=Andrew Bartlett2-2/+1
list should be from the dnsdomain (ie lowercae). Andrew Bartlett (This used to be commit 10d692a1c216134b301b5851ce1e71ed93cc6164)
2007-10-10r11221: I don't quite know how I tested this before, but clearly I didn't.Andrew Bartlett1-3/+4
The samdb_set_password_sid helper function now works. Andrew Bartlett (This used to be commit 629595f27c3f721c4b317df871814ac5ba06be9c)
2007-10-10r11220: Add the ability to handle the salt prinicpal as part of theAndrew Bartlett5-29/+51
credentials. This works with the setup/secrets.ldif change from the previous patch, and pretty much just re-invents the keytab. Needed for kpasswdd work. Andrew Bartlett (This used to be commit cc9d167bab280eaeb793a5e7dfdf1f31be47fbf5)
2007-10-10r11219: Now that we have the credentials hooked in here, we have a much moreAndrew Bartlett1-1/+10
reasonable value to fill in for the mechListMIC. Andrew Bartlett (This used to be commit 51d78de2b79f4ab75c86c3255c23a478c6822a0e)
2007-10-10r11218: Always return the mutual authentication reply (needed for kpasswd),Andrew Bartlett2-45/+13
and remove now duplicated unwrap_pac(). Andrew Bartlett (This used to be commit 90642d54e02e09edc96b9498e66befda20dbb68d)
2007-10-10r11217: Ensure the realm is substituted in UPPER case.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 0c29f0e30d64be09baad792eb2850aa0b8fa9981)
2007-10-10r11216: Upgrade to gd's PAC extraction code from Samba3. While I still wantAndrew Bartlett4-47/+140
to make some this the kerberos library's problem, we may as well use the best code that is around. Andrew Bartlett (This used to be commit a7fe3078a65f958499779f381731b408f3e6fb1f)
2007-10-10r11215: Remove no-op prompter intended to work around bugs in old kerberos libs.Andrew Bartlett1-27/+1
I'm also worried this might cause loops, if we get a 'force password change', and the prompter tries to 'deal with it'. Andrew Bartlett (This used to be commit 5bc10c4e472b45c5b5b0ea0c3dd100be6f4dabca)
2007-10-10r11214: Remove scons files (see ↵Jelmer Vernooij53-1243/+0
http://lists.samba.org/archive/samba-technical/2005-October/043443.html) (This used to be commit 7fffc5c9178158249be632ac0ca179c13bd1f98f)
2007-10-10r11212: Enable sealing of data with raw krb5, consolidate some code into theAndrew Bartlett1-61/+63
main gensec_krb5_start and always ask for sequence numbers. Andrew Bartlett (This used to be commit 801cd6c6ffa96ac79eb425adf7c97eb2cfcbed4a)
2007-10-10r11211: Append an error message to COL_INFO if the RPC call returned an error.Tim Potter1-2/+8
(This used to be commit b70dd7a757e7341d90c89dffa7e1c4eab790020a)
2007-10-10r11210: Log registry open function name when starting hive tests.Tim Potter1-6/+12
(This used to be commit 3416a6d78f205f9d3fd73161cbed6dcd9c2bfdf8)
2007-10-10r11209: We can't read the priorSecret unless we ask for it.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit ee9a93688d31d8da91b81e9b0f6fac3fa4894c13)
2007-10-10r11208: Add DNS entries for finding the kpasswd server to the default zone.Andrew Bartlett1-0/+7
Andrew Bartlett (This used to be commit 7e01ff11fdcd70b54e30b438076bf1293638c61e)
2007-10-10r11207: Correct principal search defineAndrew Bartlett1-1/+1
(This used to be commit 90cf4f8e1a1051a58635e126d56118701875bc5d)
2007-10-10r11206: It appears to me that any account may operate as a server.Andrew Bartlett1-1/+5
Andrew Bartlett (This used to be commit 3b6c9c7cbc1d5c4dd32d3c1db18ddbccbb8cf17a)
2007-10-10r11205: Another test for cracknames.Andrew Bartlett1-1/+10
Andrew Bartlett (This used to be commit 3810282a24b8aea36627f43321e76f34057e3135)
2007-10-10r11204: Allow us to read credentials from secrets.ldb without aAndrew Bartlett1-6/+2
secureChannelType (non machine join records). Andrew Bartlett (This used to be commit 3dddf497ccf246af435e6e2802d8f3745f2e4fd3)
2007-10-10r11203: Use different variable names to make it easier to tell which assert ↵Andrew Bartlett1-4/+4
fired. Andrew Bartlett (This used to be commit df6a40c2d261804f1cd4feb24572135a4c62a802)
2007-10-10r11202: Add more structs to structs.hAndrew Bartlett1-0/+3
(This used to be commit b0f11d85214fe83a8ce738cfa597f5cf9f5d3897)
2007-10-10r11201: New filters for searching in secrets.ldbAndrew Bartlett1-1/+3
Andrew Bartlett (This used to be commit b48c6df60c15ee6134a49d163bed90ea8b85550b)
2007-10-10r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5Andrew Bartlett17-286/+389
authentication. This pulls the creating of the keytab back to the credentials code, and removes the special case of 'use keberos keytab = yes' for now. This allows (and requires) the callers to specify the credentials for the server credentails to GENSEC. This allows kpasswdd (soon to be added) to use a different set of kerberos credentials. The 'use kerberos keytab' code will be moved into the credentials layer, as the layers below now expect a keytab. We also now allow for the old secret to be stored into the credentials, allowing service password changes. Andrew Bartlett (This used to be commit 205f77c579ac8680c85f713a76de5767189c627b)
2007-10-10r11199: Push an objectSid into the schannel state database, to match the new ↵Andrew Bartlett1-10/+2
header. Andrew Bartlett (This used to be commit a665b56085cbf89c6deaeef0deaed31fcbc07458)