summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r10855: Put the domain SID in secrets.ldb by default, and add http as aAndrew Bartlett2-1/+2
default SPN alias. Andrew Bartlett (This used to be commit e4fe5802dae544f4dabf0c6d04a55be1144d8820)
2007-10-10r10854: talloc_get_type() can return NULL..Jelmer Vernooij1-0/+12
(This used to be commit 8f7070055fc577cb4234654420539c68992d9671)
2007-10-10r10853: Convert wbinfo -n to properly init the domain.Volker Lendecke3-401/+32
Volker (This used to be commit 512ae49270197146e5967acd654dd97452cf4e77)
2007-10-10r10852: Continuation-based programming can become a bit spaghetti...Volker Lendecke7-249/+665
Initialize a domain structure properly. Excerpt from wb_init_domain.c: /* * Initialize a domain: * * - With schannel credentials, try to open the SMB connection with the machine * creds. Fall back to anonymous. * * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon * pipe. * * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back * to schannel and then to anon bind. * * - With queryinfopolicy, verify that we're talking to the right domain * * A bit complex, but with all the combinations I think it's the best we can * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we * have a signed&sealed lsa connection on all of them. * * Is this overkill? In particular the authenticated SMB connection seems a * bit overkill, given that we do schannel for netlogon and ntlmssp for * lsa later on w2k3, the others don't do this anyway. */ Thanks to Jeremy for his detective work, and to the Samba4 team for providing such a great infrastructure. Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr with all we have. Volker (This used to be commit 3e69fdc07cd76b4bc01b032148609ee4b59b8be7)
2007-10-10r10849: Fix handling of [charset] for strings with fixed or "inline" sizeJelmer Vernooij1-6/+3
(This used to be commit 3c2558d11ec1d0b41e5b36b793d9e64db2e203b6)
2007-10-10r10848: Fix warningJelmer Vernooij1-1/+1
(This used to be commit 48d22a991024f19eccaa63848566b311524260c8)
2007-10-10r10847: Fix up new 'decrypt samlogon reply' routine to be more robust, and useAndrew Bartlett2-61/+37
it in the RPC-SAMLOGON test. Andrew Bartlett (This used to be commit 675b7df2eedbcb7ea89c0411f76429d8e2357222)
2007-10-10r10846: Create a "wbsrv_domain", change wb_finddcs to the style of the rest ↵Volker Lendecke6-200/+263
of the async helpers. Volker (This used to be commit 10585ba4e81e979a03aec747db6fc059978fa566)
2007-10-10r10845: Add new function to decrypt the session keys in samlogon responses.Andrew Bartlett1-0/+44
Andrew Bartlett (This used to be commit 6d24d8d12cdc64b180fd6277f0775e943f26e82b)
2007-10-10r10844: Add challenge-response authentication to Samba4's winbindd for VL.Andrew Bartlett3-1/+128
Plaintext should be simple, but I'm going to do some infrustructure work first. Andrew Bartlett (This used to be commit c9273729e4db4adc0061087fe7e0332e2bc24384)
2007-10-10r10843: ReformattingVolker Lendecke1-16/+26
(This used to be commit ecaa70f63b7f38a1daf8e33ded738107c5f6b53a)
2007-10-10r10842: Fix some issues with [out] unions that have a discriminator that is onlyJelmer Vernooij4-76/+37
[in] (This used to be commit 3a4086d6142fa73b3adb2d66b1bfc9cd2585f31d)
2007-10-10r10840: Fix indentationJelmer Vernooij1-1/+1
(This used to be commit 7877d436576a1e7c6b02347f87e3f7e14e683888)
2007-10-10r10839: Add some [ref] (required for ethereal and Samba3 parser generators)Jelmer Vernooij1-18/+20
(This used to be commit 5556deee30616396bbaf1182eca08bf1213c0860)
2007-10-10r10838: Get us an schannel'ed netlogon pipe.Volker Lendecke3-16/+130
Abartlet, now I think I need some assistance to implement the pam auth & crap auth calls. Volker (This used to be commit 90a30c8b6585ed48b50e6aed75f3ecfd3543bbdc)
2007-10-10r10836: giving NT_STATUS_NO_MEMORY, when the connection fails wasn't a good ↵Stefan Metzmacher1-1/+8
idea... metze (This used to be commit e7ee73a747a025a66ac6563172e51f160bc28e0a)
2007-10-10r10834: Work in progress on winbind. With some helper routines the composite ↵Volker Lendecke5-672/+478
functions start to look sane. Question: What about providing all winbind commands as irpc interfaces that are called from the samba3 compatibility layer? This way it would be easy for other samba components to access its functionality. Does that make sense? Volker (This used to be commit 2a6b8053859ea5690f90a8d2074d2bb4f06551f8)
2007-10-10r10832: free the old session infoStefan Metzmacher1-0/+5
metze (This used to be commit 16b2569788348ee3654557cf714ea3b204375c3c)
2007-10-10r10830: we should use the same name in all places:-)Stefan Metzmacher1-1/+1
metze (This used to be commit fbe8fd06b700b78f02b7f01fc2ad45eee419d216)
2007-10-10r10829: Documentation updatesJelmer Vernooij8-100/+180
Update TODO Some small fixes to the modules (This used to be commit 0c53e7c3cf7fd91fd34c48a5e68c1bcf70569854)
2007-10-10r10825: Complete wbinfo -nVolker Lendecke4-12/+388
(This used to be commit 1afa893506f3d7157e251eec9baeba28dc011587)
2007-10-10r10820: Use talloc_get_type as suggested by tridge.Andrew Bartlett2-7/+7
Andrew Bartlett (This used to be commit 9c511a16f829df5f177b94c7234875d4ec8afe52)
2007-10-10r10812: Fix capitalisation (thanks tridge).Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit f78982a0f1079b07be6d7bfd9cc0f92c2cebcf1c)
2007-10-10r10811: Revert accidental commit, I still need to finish the displayName andAndrew Bartlett1-55/+0
syntatical mapping work. Andrew Bartlett (This used to be commit 7ec5084f63148d748b6bc87d6817363b079eebe1)
2007-10-10r10810: This adds the hooks required to communicate the current user from theAndrew Bartlett27-1179/+425
authenticated session down into LDB. This associates a session info structure with the open LDB, allowing a future ldb_ntacl module to allow/deny operations on that basis. Along the way, I cleaned up a few things, and added new helper functions to assist. In particular the LSA pipe uses simpler queries for some of the setup. In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't been worked on (other than making it continue to compile) since January, and I think the features of this module are being put into ldb anyway. I have also changed the partitions in ldap_server to be initialised after the connection, with the private pointer used to associate the ldb with the incoming session. Andrew Bartlett (This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
2007-10-10r10809: Add struct declAndrew Bartlett1-0/+2
(This used to be commit aa30c16de0405f43ed35a28764ef25e234f3b2a7)
2007-10-10r10807: Make the split-out files actually compile...Andrew Bartlett2-7/+7
Andrew Bartlett (This used to be commit a4282c14d5cf6b5eceb293d657c7cd5eaea89046)
2007-10-10r10806: Add missing file.Andrew Bartlett1-0/+35
(This used to be commit 9becd2c0d6ed8fe6de4b8bca0f2290f81fea28f7)
2007-10-10r10805: Move RPC-SAMLOGON to C99 initialisationAndrew Bartlett1-97/+97
Andrew Bartlett (This used to be commit 0f994275ce5d84bdb746524c5da7d9661fbadb63)
2007-10-10r10804: Move the DRSUAPI cracknames test into a seperate file, and collapseAndrew Bartlett3-1219/+719
the file size by converting it to a table-driven system. Andrew Bartlett (This used to be commit f5499877722d6c4636036325efb75d35aa853cc4)
2007-10-10r10803: Remove a duplicate krbtgt test, and add a test looking for theAndrew Bartlett1-10/+10
'support account'. This shows that we need to be searching on displayName, and probably CN too. Andrew Bartlett (This used to be commit 28194504951af22a76cf26f3de749cb448518bbc)
2007-10-10r10800: IndentAndrew Bartlett1-2/+2
(This used to be commit 057cede8b44e1b53f5d94a7270e9b6a90d50de4c)
2007-10-10r10796: Make getting an anonymous session info a utility function.Andrew Bartlett2-21/+27
Andrew Bartlett (This used to be commit 6021fa373405f8788dc216aae82a3f4a80df4ba7)
2007-10-10r10791: Add copyright, fix comments (this isn't the timestamps module any more)Andrew Bartlett1-3/+2
Andrew Bartlett (This used to be commit efdc6d834aecbf978f538365c72149fa7afe0828)
2007-10-10r10790: allow updating of existing ldb opaque values (thanks to abartlet forAndrew Tridgell1-1/+11
spotting this) (This used to be commit ef13569ca94da00cc410318e61505e70f3606674)
2007-10-10r10788: - Give unions a nameJelmer Vernooij2-2/+3
- Check initialisation function return value (This used to be commit ebb8e75ebd572d62bdb3615d41c210bcc918fa41)
2007-10-10r10787: Fix silly nodiscriminant-issueJelmer Vernooij2-1/+5
(This used to be commit 43a5c863bf81af9b8415b6ccf8a386c36d4fa7f9)
2007-10-10r10768: add a function to create a stream_connection from an alreadyStefan Metzmacher1-0/+33
existing socket connection, that's used for protocols which switch the client/server roles inside a session metze (This used to be commit d4b4d963353e6986da5b42680739329069f5affe)
2007-10-10r10766: - make it possible to mark a wrepl_request as send only,Stefan Metzmacher4-18/+137
used for WREPL_REPL_INFORM* messsages - make it possible to close the connection after a request was send used for WREPL_ASSOCIATION_STOP - fix the torture test that tests the assoc context handling between connections, you can issue a request and get the reply on another connection, I think we should not implement that in our server code, as I think it's a security hole, you can cause a windows server to send the replies to someone another client, that doesn't wait for data, and as there're no massage_id in the protocol the client would be confused by a replies that doesn't belong to a query metze (This used to be commit dfc95de8fa7ded8ea92cafe58cf86efcc7920156)
2007-10-10r10765: Actually use VALS() setting for enumsJelmer Vernooij1-21/+21
(This used to be commit 6b33e3eedd13ade5c7c9f4b5062e8b8f919fe39c)
2007-10-10r10764: To match Win2k3 SP1, we need to set an anonymous user token forAndrew Bartlett3-13/+24
schannel connections. Test for Win2k3 SP1 behaviour in RPC-SCHANNEL. Andrew Bartlett (This used to be commit 1c3911374ec65e4770c2fe9109d7b7d3ecd99f6a)
2007-10-10r10763: PROOF of the single, easily understood cause of all of our schannel ↵Andrew Bartlett1-4/+87
PAIN! This test currently passes against Win2k3 SP0, but not SP1. The problem was not a convoluted series of changes in policy handles, but a simple rule that schannel logins would be regarded as ANONYMOUS not SYSTEM. Andrew Bartlett (This used to be commit e843a7fcba496b91b014ec1bff2f2dfb2a2fcdb1)
2007-10-10r10761: we need to use a pointer to a nbt_name to fix compiler warnings, ↵Stefan Metzmacher3-19/+25
because we can only use a pointers to unknown types in proto.h metze (This used to be commit 2f46e54e1bcf43f1bee062ff9a21e646cc3676e9)
2007-10-10r10760: remove only one star from the pointers, and not from the stars thatStefan Metzmacher1-1/+3
come from the array nesting this fixes a compiler warning and but in the eventlog.h, where the idl uses nstring strings[num_strings] metze (This used to be commit c4a252bd4678ef991705aaaf91c03c697f2f568e)
2007-10-10r10759: make modules easier to write by allowing modules to only implement theAndrew Tridgell8-248/+78
functions they care about, instead of all functions. This also makes it more likely that future changes to ldb will not break existing modules (This used to be commit 45f0c967b58e7c1b2e900a4d74cfde2a2c527dfa)
2007-10-10r10757: remove the proxy module (it is not complete yet)Andrew Tridgell1-1/+0
(This used to be commit 3c5f3032fcb092545580b986e0ce58bb49e4d9cb)
2007-10-10r10756: another fix for the construction of expressions from subtrees forAndrew Tridgell1-4/+6
SUBSTRING searches. This time fix multi-part substring searches. (This used to be commit bf5cef6f00466fc1dc3c2864a109f1ccd92681b0)
2007-10-10r10755: fixed the construction of expressions from subtrees for SUBSTRING ↵Andrew Tridgell1-1/+8
searches (This used to be commit 71c06778d4a3ac1ca4198071ae3351acdc0656d9)
2007-10-10r10754: fixed a valgrind error for unmatched SMB repliesAndrew Tridgell1-3/+3
(This used to be commit b714ab64fd79d5cabc39779774fae7c3861a84da)
2007-10-10r10753: don't require every ldb module to implement both a search_bytree() andAndrew Tridgell18-237/+95
a search() function, instead each module now only implements the bytree method, and the expression based search is handled generically by the modules code. This makes for more consistency and less code duplication. fixed the tdb backend to handle BASE searches much more efficiently. They now always only lookup one record, regardless of the search expression (This used to be commit 7e44f9153c5578624e2fca04cdc0a00af0fd9eb4)
generated by cgit (git 2.34.1) at 2024-07-08 17:11:41 +0000