summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2012-01-11gensec: move gensec_util.c to the top levelAndrew Bartlett3-104/+1
To do this some defines need to move to common_auth.h Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11auth: make auth4_context common to provide access to generate_session_info_pac()Andrew Bartlett1-52/+0
By providing this context, a function pointer for generate_session_info_pac() can be inserted into gensec, allowing the s3 PAC processing in an otherwise more generic gensec module. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-10krb5: Require krb5_set_real_time is available to build with krb5Andrew Bartlett1-4/+0
2012-01-10krb5: Require krb5_get_renewed_creds be available to build with krb5Andrew Bartlett1-1/+0
2012-01-10krb5: Remove now unused checks for krb5_verify_checksumAndrew Bartlett1-2/+0
2012-01-10krb5: Require krb5_c_enctype_compare is available to build with krb5Andrew Bartlett1-1/+0
2012-01-10s4:provision: add "+dns" to server services if the dns backend is SAMBA_INTERNALMichael Adam1-2/+7
Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Tue Jan 10 21:17:45 CET 2012 on sn-devel-104
2012-01-10s4:provision: add a server services line to the smb.conf template for the dcMichael Adam1-0/+2
Signed-off-by: Kai Blin <kai@samba.org>
2012-01-10s4:provision: add the possibility to provision "server services" in smb.confMichael Adam1-2/+9
Signed-off-by: Kai Blin <kai@samba.org>
2012-01-10s4:provision: improve a messageMichael Adam1-1/+1
Signed-off-by: Kai Blin <kai@samba.org>
2012-01-10samba: check for AES encryption type defines.Günther Deschner1-0/+2
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Jan 10 15:05:38 CET 2012 on sn-devel-104
2012-01-10s4:python tests __init__.py - do not depend on "subprocess.check_call()"Matthias Dieter Wallnöfer1-1/+4
Method not present in Python 2.4 Reviewed-by: Jelmer Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Jan 10 00:41:59 CET 2012 on sn-devel-104
2012-01-09s4:python tests __init__.py - do not depend on "subprocess.CalledProcessError"Matthias Dieter Wallnöfer1-6/+11
The class is not present in Python 2.4 Reviewed-by: Jelmer
2012-01-09s4:scripting/devel: add repl_cleartext_pwd.py scriptStefan Metzmacher1-0/+377
This is useful to sync passwords from an AD domain. $ $ source4/scripting/devel/repl_cleartext_pwd.py \ -Uadministrator%A1b2C3d4 \ 172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName # starting at usn[0] dn: CN=Test User1,CN=Users,DC=bla,DC=base cleartext_utf8: A1b2C3d4 displayName:: VABlAHMAdAAgAFUAcwBlAHIAMQA= # up to usn[16449] $ $ source4/scripting/devel/repl_cleartext_pwd.py \ -Uadministrator%A1b2C3d4 172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName # starting at usn[16449] # up to usn[16449] $ metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 9 19:06:06 CET 2012 on sn-devel-104
2012-01-09s4-kerberos: remove some unused prototypes.Günther Deschner1-22/+0
These are defined in the krb5 abstraction headers elsewhere. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Jan 9 14:32:08 CET 2012 on sn-devel-104
2012-01-09s4:python/samba/ndr.py: add an optional 'allow_remaining' to ndr_unpack()Stefan Metzmacher1-2/+3
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 9 10:28:30 CET 2012 on sn-devel-104
2012-01-06ntlmssp: merge initial packet implementationsAndrew Bartlett1-6/+25
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-06samba-tool:dns: Check through all the DNS records for a matchAmitay Isaacs1-16/+16
There can be multiple dns records for a specified record type. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Fri Jan 6 02:41:22 CET 2012 on sn-devel-104
2012-01-06s4-rpc:dnsserver: Do not replace @ with zone_name in update operationAmitay Isaacs1-1/+6
This fixes the problem when updating DNS record for '@' or domain name.
2012-01-05s3-librpc Use gsskrb5_get_subkey() where available to get the session keyAndrew Bartlett1-0/+1
This allows gse_get_session_key() to work against Heimdal. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s4:repl_meta_data LDB module - set "isRecycled" time correctlyMatthias Dieter Wallnöfer1-9/+8
"unix_to_nt_time()" which is based on "time_t" behaves differently for literals > 32 bit on 32 and 64 bit platforms. Reviewed-by: ekacnet Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Thu Jan 5 11:59:20 CET 2012 on sn-devel-104
2012-01-04s4:pyrpc: add 'user_session_key' getter to the connection objectStefan Metzmacher2-1/+45
This gets the session key from gensec for usage in DRSUAPI. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 4 22:31:52 CET 2012 on sn-devel-104
2012-01-04s4:pygensec/tests: check that the client and server have the same session keyStefan Metzmacher1-1/+4
metze
2012-01-04s4:pygensec: add session_key() methodStefan Metzmacher1-0/+29
metze
2012-01-04LDAP-CLDAP: demonstrate that pdc name is not an unc pathStefan Metzmacher1-0/+9
For LOGON_SAM_LOGON_RESPONSE_EX and LOGON_SAM_LOGON_USER_UNKNOWN_EX, pdc name is not in unc path form. [MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form, while NetbiosComputerName is not in unc form. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 4 20:06:14 CET 2012 on sn-devel-104
2012-01-04s4:torture/nbt/dgram.c - NBT samlogon requests don't return the PDC name as ↵Matthias Dieter Wallnöfer1-0/+5
UNC path Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-04s4:cldap_server/netlogon.c: it is wrong to specify "\\" in front of the hostnameStefan Metzmacher1-2/+6
For LOGON_SAM_LOGON_RESPONSE_EX and LOGON_SAM_LOGON_USER_UNKNOWN_EX, pdc name is not in unc path form. [MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form, while NetbiosComputerName is not in unc form. Bases on a patch from Matthias Dieter Wallnöfer <mdw@samba.org>. metze
2012-01-04LDAP-CLDAP: demonstrate that pdc name is an unc pathStefan Metzmacher1-0/+6
For LOGON_SAM_LOGON_RESPONSE and LOGON_SAM_LOGON_USER_UNKNOWN, I assume all levels without _EX in the name, pdc name is in unc path form. [MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form, while NetbiosComputerName is not in unc form. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 4 13:37:42 CET 2012 on sn-devel-104
2012-01-04s4:torture/nbt/dgram.c: NBT samlogon requests without _EX return the PDC ↵Stefan Metzmacher1-0/+22
name as UNC path metze
2012-01-04dlz_bind9: create session info from PAC using auth contextAmitay Isaacs1-7/+59
This fixes the creation of session info from PAC, after changes in gensec code. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Wed Jan 4 01:59:09 CET 2012 on sn-devel-104
2012-01-03upgradeprovision: do not hold references to messageElementsMatthieu Patou1-10/+17
Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Tue Jan 3 08:20:02 CET 2012 on sn-devel-104
2012-01-03upgradeprovision: treat provision without oem attribute as quite recent, ↵Matthieu Patou1-1/+1
it's provision that comes from Windows replication
2012-01-03s4-provision: Fix the problem of DnsProperty values not being set correctlyAmitay Isaacs1-0/+7
DnsProperty can have empty 'data' member. To parse Dnsproperty with empty data, dnsp.idl has a hack as follows: [switch_is(wDataLength?id:DSPROPERTY_ZONE_EMPTY)] dnsPropertyData data; This implies, to set 'data' value, wDataLength has to be set to a non-zero value first. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue Jan 3 05:26:32 CET 2012 on sn-devel-104
2012-01-02s4:torture/rpc/netlogon.c - enhance the "DsRGetDCName*" testsMatthias Dieter Wallnöfer1-0/+96
To check for the expected behaviour (DS_* flags). Always according to MS-NRPC 2.2.1.2.1. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 2 20:43:05 CET 2012 on sn-devel-104
2012-01-02s4-provision: Fix tdbdump path lookup in make test.Andreas Schneider1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-01s4: Happy New Year 2012Stefan Metzmacher1-1/+1
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Jan 1 22:23:48 CET 2012 on sn-devel-104
2011-12-29pyregistry: Remove directory support.Jelmer Vernooij1-32/+0
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu Dec 29 19:59:57 CET 2011 on sn-devel-104
2011-12-29Remove the 'dir' registry backend.Jelmer Vernooij4-491/+1
This backend was incomplete, and we already have plenty of other backends.
2011-12-29s4-toture: Rename memory contexts in rpc.pac for greater clarityAndrew Bartlett1-13/+13
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Dec 29 14:14:06 CET 2011 on sn-devel-104
2011-12-29s4-gensec: Rename memory contexts in gensec_util for greater clarityAndrew Bartlett1-2/+2
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29s4-gensec: Rename memory contexts in gensec_krb5 for greater clarityAndrew Bartlett1-16/+16
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29s4-gensec: Rename memory contexts in gensec_gssapi for greater clarityAndrew Bartlett1-16/+16
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29s4-auth: Rename memory contexts for greater clarityAndrew Bartlett2-10/+10
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29s4-gensec remove auth_session dep from gensec_gssapi.cAndrew Bartlett1-1/+1
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Dec 29 05:37:11 CET 2011 on sn-devel-104
2011-12-29s4-gensec Remove fallback for simple privilegesAndrew Bartlett1-6/+2
This makes the dependencies simpler, as this code path is no longer required. (That is, it makes no sense to have an NTLM login without an auth context, and the gensec_gssapi and gensec_krb5 modules call the PAC blob function below instead). Andrew Bartlett
2011-12-29s4-torture: Demonstrate handling of the PAC in a custom auth_contextAndrew Bartlett3-62/+85
This demonstrates how a different function pointer can be supplied to handle the PAC blob, without depending on the provisioned samdb etc. Andrew Bartlett
2011-12-29s4-gensec: Pass the auth context in during gensec testAndrew Bartlett1-2/+3
2011-12-29s4-pyauth: Make sure event context allows nestingAndrew Bartlett1-1/+2
2011-12-29s4-gensec: Move parsing of the PAC blob and creating the session_info into authAndrew Bartlett8-169/+247
This uses a single callback to handle the PAC from the DATA_BLOB format until it becomes a struct auth_session_info. This allows a seperation between the GSS acceptor code and the PAC interpretation code based on the supplied auth context. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Dec 29 01:10:59 CET 2011 on sn-devel-104
2011-12-29s4-gensec: fix cyrus sasl module after update() protype changeAndrew Bartlett1-0/+1