Age | Commit message (Collapse) | Author | Files | Lines |
|
To do this some defines need to move to common_auth.h
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
By providing this context, a function pointer for
generate_session_info_pac() can be inserted into gensec, allowing the
s3 PAC processing in an otherwise more generic gensec module.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Kai Blin <kai@samba.org>
Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Tue Jan 10 21:17:45 CET 2012 on sn-devel-104
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Jan 10 15:05:38 CET 2012 on sn-devel-104
|
|
Method not present in Python 2.4
Reviewed-by: Jelmer
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Jan 10 00:41:59 CET 2012 on sn-devel-104
|
|
The class is not present in Python 2.4
Reviewed-by: Jelmer
|
|
This is useful to sync passwords from an AD domain.
$
$ source4/scripting/devel/repl_cleartext_pwd.py \
-Uadministrator%A1b2C3d4 \
172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName
# starting at usn[0]
dn: CN=Test User1,CN=Users,DC=bla,DC=base
cleartext_utf8: A1b2C3d4
displayName:: VABlAHMAdAAgAFUAcwBlAHIAMQA=
# up to usn[16449]
$
$ source4/scripting/devel/repl_cleartext_pwd.py \
-Uadministrator%A1b2C3d4
172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName
# starting at usn[16449]
# up to usn[16449]
$
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jan 9 19:06:06 CET 2012 on sn-devel-104
|
|
These are defined in the krb5 abstraction headers elsewhere.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Jan 9 14:32:08 CET 2012 on sn-devel-104
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jan 9 10:28:30 CET 2012 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
There can be multiple dns records for a specified record type.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Fri Jan 6 02:41:22 CET 2012 on sn-devel-104
|
|
This fixes the problem when updating DNS record for '@' or domain name.
|
|
This allows gse_get_session_key() to work against Heimdal.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
"unix_to_nt_time()" which is based on "time_t" behaves differently for
literals > 32 bit on 32 and 64 bit platforms.
Reviewed-by: ekacnet
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Jan 5 11:59:20 CET 2012 on sn-devel-104
|
|
This gets the session key from gensec for usage in DRSUAPI.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 4 22:31:52 CET 2012 on sn-devel-104
|
|
metze
|
|
metze
|
|
For LOGON_SAM_LOGON_RESPONSE_EX and LOGON_SAM_LOGON_USER_UNKNOWN_EX,
pdc name is not in unc path form.
[MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form,
while NetbiosComputerName is not in unc form.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 4 20:06:14 CET 2012 on sn-devel-104
|
|
UNC path
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
For LOGON_SAM_LOGON_RESPONSE_EX and LOGON_SAM_LOGON_USER_UNKNOWN_EX,
pdc name is not in unc path form.
[MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form,
while NetbiosComputerName is not in unc form.
Bases on a patch from Matthias Dieter Wallnöfer <mdw@samba.org>.
metze
|
|
For LOGON_SAM_LOGON_RESPONSE and LOGON_SAM_LOGON_USER_UNKNOWN,
I assume all levels without _EX in the name, pdc name is
in unc path form.
[MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form,
while NetbiosComputerName is not in unc form.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 4 13:37:42 CET 2012 on sn-devel-104
|
|
name as UNC path
metze
|
|
This fixes the creation of session info from PAC, after changes
in gensec code.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Wed Jan 4 01:59:09 CET 2012 on sn-devel-104
|
|
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Tue Jan 3 08:20:02 CET 2012 on sn-devel-104
|
|
it's provision that comes from Windows replication
|
|
DnsProperty can have empty 'data' member. To parse Dnsproperty with
empty data, dnsp.idl has a hack as follows:
[switch_is(wDataLength?id:DSPROPERTY_ZONE_EMPTY)] dnsPropertyData data;
This implies, to set 'data' value, wDataLength has to be set to a non-zero
value first.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Tue Jan 3 05:26:32 CET 2012 on sn-devel-104
|
|
To check for the expected behaviour (DS_* flags). Always according to
MS-NRPC 2.2.1.2.1.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jan 2 20:43:05 CET 2012 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Jan 1 22:23:48 CET 2012 on sn-devel-104
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Thu Dec 29 19:59:57 CET 2011 on sn-devel-104
|
|
This backend was incomplete, and we already have plenty of other backends.
|
|
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba.
Thankyou Simo for the suggestion.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Dec 29 14:14:06 CET 2011 on sn-devel-104
|
|
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba.
Thankyou Simo for the suggestion.
Andrew Bartlett
|
|
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba.
Thankyou Simo for the suggestion.
Andrew Bartlett
|
|
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba.
Thankyou Simo for the suggestion.
Andrew Bartlett
|
|
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba.
Thankyou Simo for the suggestion.
Andrew Bartlett
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Dec 29 05:37:11 CET 2011 on sn-devel-104
|
|
This makes the dependencies simpler, as this code path is no longer
required. (That is, it makes no sense to have an NTLM login without
an auth context, and the gensec_gssapi and gensec_krb5 modules call
the PAC blob function below instead).
Andrew Bartlett
|
|
This demonstrates how a different function pointer can be supplied
to handle the PAC blob, without depending on the provisioned samdb etc.
Andrew Bartlett
|
|
|
|
|
|
This uses a single callback to handle the PAC from the DATA_BLOB
format until it becomes a struct auth_session_info.
This allows a seperation between the GSS acceptor code and the PAC
interpretation code based on the supplied auth context.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Dec 29 01:10:59 CET 2011 on sn-devel-104
|
|
|