summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2012-01-12s4-kdc Do the KDC PAC checksum validation in the Samba pluginAndrew Bartlett6-44/+152
Here we can fetch the right key, and check if the PAC is likely to be signed by a key that we know. We cannot check the KDC signature on incoming trusts. Andrew Bartlett
2012-01-12s4-kdc: use IDL constant NETLOGON_GENERIC_KRB5_PAC_VALIDATEAndrew Bartlett1-1/+1
2012-01-12samba-tool:dns: DNS names are case insensitiveAmitay Isaacs1-3/+3
Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Thu Jan 12 06:43:01 CET 2012 on sn-devel-104
2012-01-12s4-rpc:dnsserver: DNS names are case insensitiveAmitay Isaacs3-17/+17
2012-01-11s4:auth: Make sure to check the optional auth_context hooks before using themAndrew Bartlett1-18/+26
These are optional to supply - some callers only provide an auth_context for the other plugin functions, and so we need to deal with this cleanly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 11 10:49:13 CET 2012 on sn-devel-104
2012-01-11gensec: Rename want_flags and got_flags in gensec_gssapiAndrew Bartlett1-26/+26
This make it clearer what type of flags these are. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11gensec: make gensec_gssapi.h commonAndrew Bartlett1-67/+0
This will make it easier to share elements of the GSSAPI gensec mechs, in much the same way elements of the NTLMSSP mech are shared. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11gensec: move gensec_util.c to the top levelAndrew Bartlett3-104/+1
To do this some defines need to move to common_auth.h Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-11auth: make auth4_context common to provide access to generate_session_info_pac()Andrew Bartlett1-52/+0
By providing this context, a function pointer for generate_session_info_pac() can be inserted into gensec, allowing the s3 PAC processing in an otherwise more generic gensec module. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-10krb5: Require krb5_set_real_time is available to build with krb5Andrew Bartlett1-4/+0
2012-01-10krb5: Require krb5_get_renewed_creds be available to build with krb5Andrew Bartlett1-1/+0
2012-01-10krb5: Remove now unused checks for krb5_verify_checksumAndrew Bartlett1-2/+0
2012-01-10krb5: Require krb5_c_enctype_compare is available to build with krb5Andrew Bartlett1-1/+0
2012-01-10s4:provision: add "+dns" to server services if the dns backend is SAMBA_INTERNALMichael Adam1-2/+7
Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Tue Jan 10 21:17:45 CET 2012 on sn-devel-104
2012-01-10s4:provision: add a server services line to the smb.conf template for the dcMichael Adam1-0/+2
Signed-off-by: Kai Blin <kai@samba.org>
2012-01-10s4:provision: add the possibility to provision "server services" in smb.confMichael Adam1-2/+9
Signed-off-by: Kai Blin <kai@samba.org>
2012-01-10s4:provision: improve a messageMichael Adam1-1/+1
Signed-off-by: Kai Blin <kai@samba.org>
2012-01-10samba: check for AES encryption type defines.Günther Deschner1-0/+2
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Jan 10 15:05:38 CET 2012 on sn-devel-104
2012-01-10s4:python tests __init__.py - do not depend on "subprocess.check_call()"Matthias Dieter Wallnöfer1-1/+4
Method not present in Python 2.4 Reviewed-by: Jelmer Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Jan 10 00:41:59 CET 2012 on sn-devel-104
2012-01-09s4:python tests __init__.py - do not depend on "subprocess.CalledProcessError"Matthias Dieter Wallnöfer1-6/+11
The class is not present in Python 2.4 Reviewed-by: Jelmer
2012-01-09s4:scripting/devel: add repl_cleartext_pwd.py scriptStefan Metzmacher1-0/+377
This is useful to sync passwords from an AD domain. $ $ source4/scripting/devel/repl_cleartext_pwd.py \ -Uadministrator%A1b2C3d4 \ 172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName # starting at usn[0] dn: CN=Test User1,CN=Users,DC=bla,DC=base cleartext_utf8: A1b2C3d4 displayName:: VABlAHMAdAAgAFUAcwBlAHIAMQA= # up to usn[16449] $ $ source4/scripting/devel/repl_cleartext_pwd.py \ -Uadministrator%A1b2C3d4 172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName # starting at usn[16449] # up to usn[16449] $ metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 9 19:06:06 CET 2012 on sn-devel-104
2012-01-09s4-kerberos: remove some unused prototypes.Günther Deschner1-22/+0
These are defined in the krb5 abstraction headers elsewhere. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Jan 9 14:32:08 CET 2012 on sn-devel-104
2012-01-09s4:python/samba/ndr.py: add an optional 'allow_remaining' to ndr_unpack()Stefan Metzmacher1-2/+3
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 9 10:28:30 CET 2012 on sn-devel-104
2012-01-06ntlmssp: merge initial packet implementationsAndrew Bartlett1-6/+25
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-06samba-tool:dns: Check through all the DNS records for a matchAmitay Isaacs1-16/+16
There can be multiple dns records for a specified record type. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Fri Jan 6 02:41:22 CET 2012 on sn-devel-104
2012-01-06s4-rpc:dnsserver: Do not replace @ with zone_name in update operationAmitay Isaacs1-1/+6
This fixes the problem when updating DNS record for '@' or domain name.
2012-01-05s3-librpc Use gsskrb5_get_subkey() where available to get the session keyAndrew Bartlett1-0/+1
This allows gse_get_session_key() to work against Heimdal. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-05s4:repl_meta_data LDB module - set "isRecycled" time correctlyMatthias Dieter Wallnöfer1-9/+8
"unix_to_nt_time()" which is based on "time_t" behaves differently for literals > 32 bit on 32 and 64 bit platforms. Reviewed-by: ekacnet Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Thu Jan 5 11:59:20 CET 2012 on sn-devel-104
2012-01-04s4:pyrpc: add 'user_session_key' getter to the connection objectStefan Metzmacher2-1/+45
This gets the session key from gensec for usage in DRSUAPI. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 4 22:31:52 CET 2012 on sn-devel-104
2012-01-04s4:pygensec/tests: check that the client and server have the same session keyStefan Metzmacher1-1/+4
metze
2012-01-04s4:pygensec: add session_key() methodStefan Metzmacher1-0/+29
metze
2012-01-04LDAP-CLDAP: demonstrate that pdc name is not an unc pathStefan Metzmacher1-0/+9
For LOGON_SAM_LOGON_RESPONSE_EX and LOGON_SAM_LOGON_USER_UNKNOWN_EX, pdc name is not in unc path form. [MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form, while NetbiosComputerName is not in unc form. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 4 20:06:14 CET 2012 on sn-devel-104
2012-01-04s4:torture/nbt/dgram.c - NBT samlogon requests don't return the PDC name as ↵Matthias Dieter Wallnöfer1-0/+5
UNC path Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-04s4:cldap_server/netlogon.c: it is wrong to specify "\\" in front of the hostnameStefan Metzmacher1-2/+6
For LOGON_SAM_LOGON_RESPONSE_EX and LOGON_SAM_LOGON_USER_UNKNOWN_EX, pdc name is not in unc path form. [MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form, while NetbiosComputerName is not in unc form. Bases on a patch from Matthias Dieter Wallnöfer <mdw@samba.org>. metze
2012-01-04LDAP-CLDAP: demonstrate that pdc name is an unc pathStefan Metzmacher1-0/+6
For LOGON_SAM_LOGON_RESPONSE and LOGON_SAM_LOGON_USER_UNKNOWN, I assume all levels without _EX in the name, pdc name is in unc path form. [MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form, while NetbiosComputerName is not in unc form. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Jan 4 13:37:42 CET 2012 on sn-devel-104
2012-01-04s4:torture/nbt/dgram.c: NBT samlogon requests without _EX return the PDC ↵Stefan Metzmacher1-0/+22
name as UNC path metze
2012-01-04dlz_bind9: create session info from PAC using auth contextAmitay Isaacs1-7/+59
This fixes the creation of session info from PAC, after changes in gensec code. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Wed Jan 4 01:59:09 CET 2012 on sn-devel-104
2012-01-03upgradeprovision: do not hold references to messageElementsMatthieu Patou1-10/+17
Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Tue Jan 3 08:20:02 CET 2012 on sn-devel-104
2012-01-03upgradeprovision: treat provision without oem attribute as quite recent, ↵Matthieu Patou1-1/+1
it's provision that comes from Windows replication
2012-01-03s4-provision: Fix the problem of DnsProperty values not being set correctlyAmitay Isaacs1-0/+7
DnsProperty can have empty 'data' member. To parse Dnsproperty with empty data, dnsp.idl has a hack as follows: [switch_is(wDataLength?id:DSPROPERTY_ZONE_EMPTY)] dnsPropertyData data; This implies, to set 'data' value, wDataLength has to be set to a non-zero value first. Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue Jan 3 05:26:32 CET 2012 on sn-devel-104
2012-01-02s4:torture/rpc/netlogon.c - enhance the "DsRGetDCName*" testsMatthias Dieter Wallnöfer1-0/+96
To check for the expected behaviour (DS_* flags). Always according to MS-NRPC 2.2.1.2.1. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 2 20:43:05 CET 2012 on sn-devel-104
2012-01-02s4-provision: Fix tdbdump path lookup in make test.Andreas Schneider1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-01s4: Happy New Year 2012Stefan Metzmacher1-1/+1
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Jan 1 22:23:48 CET 2012 on sn-devel-104
2011-12-29pyregistry: Remove directory support.Jelmer Vernooij1-32/+0
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu Dec 29 19:59:57 CET 2011 on sn-devel-104
2011-12-29Remove the 'dir' registry backend.Jelmer Vernooij4-491/+1
This backend was incomplete, and we already have plenty of other backends.
2011-12-29s4-toture: Rename memory contexts in rpc.pac for greater clarityAndrew Bartlett1-13/+13
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Dec 29 14:14:06 CET 2011 on sn-devel-104
2011-12-29s4-gensec: Rename memory contexts in gensec_util for greater clarityAndrew Bartlett1-2/+2
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29s4-gensec: Rename memory contexts in gensec_krb5 for greater clarityAndrew Bartlett1-16/+16
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29s4-gensec: Rename memory contexts in gensec_gssapi for greater clarityAndrew Bartlett1-16/+16
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
2011-12-29s4-auth: Rename memory contexts for greater clarityAndrew Bartlett2-10/+10
This should better follow the mem_ctx/tmp_ctx pattern used elsewhere in Samba. Thankyou Simo for the suggestion. Andrew Bartlett
generated by cgit (git 2.34.1) at 2024-07-06 00:13:03 +0000