summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2008-09-03Implement NETLOGON PAC verfication on the server-sideAndrew Bartlett6-38/+164
This is implemented by means of a message to the KDC, to avoid having to link most of the KDC into netlogon. Andrew Bartlett (This used to be commit 82fcd7941f5c54da2d994c8bd99dd8d86299a296)
2008-09-03Merge krb5_cksumtype_to_enctype from Heimdal svn -r 23719Andrew Bartlett1-32/+70
(This used to be commit cc1df3c002e6af25add3c8ae20e7efc2ab6f2fa8)
2008-09-03Test a few more error cases in RPC-PACAndrew Bartlett1-2/+179
(This used to be commit 50502b3b8faf89cf5ad396102f4fe80eaa213908)
2008-09-02Start testing CreateTrustedDomainEx2Andrew Bartlett1-1/+108
Andrew Bartlett (This used to be commit 91ae8dca254aa8c032daf0c87fa2a47760d32586)
2008-09-02Share IDL between the LSA and drsblob representations of trustsAndrew Bartlett2-41/+51
(This used to be commit e5520706c88911c66b3ce5817e371900212ca083)
2008-09-01Follow MS-LSAD 3.1.4.7.12 and set defaults when creating a trust.Andrew Bartlett2-3/+24
Also check we get the defaults correct with a query in the torture suite. Andrew Bartlett (This used to be commit b55a1b63cc2f7de889f046e975e3414bc5000613)
2008-08-30Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-testAndrew Tridgell540-38311/+51243
(This used to be commit f008c3b6ee324056fd9b63f6151ad6849640c959)
2008-08-30Add a setexpiry operation in samdb.pyAndrew Tridgell9-102/+233
This makes it easy to set the expiry (or no expiry) for a samdb user (This used to be commit 25171f18a4b242b5a731f4ac1eefc51cc82efd74)
2008-08-30added a simple script for setting password expiryAndrew Tridgell1-0/+44
(This used to be commit cf37126ac7b833a3a739b151157c296afc0c979c)
2008-08-29Start implementing the server-sde NETLOGON PAC verification.Andrew Bartlett1-1/+46
(This used to be commit 8741e8fee619cccd84f2f10e00426df1d4f34074)
2008-08-29It turns out that the Netlogon PAC verification is encrypted.Andrew Bartlett3-3/+12
This test now passes against Win2k3, and a implementation in the Samba4 server should follow shortly. Andrew Bartlett (This used to be commit c6b8ba893dd3ed90bca32c0ae89fd33be729c238)
2008-08-28Further rework the RPC-PAC test.Andrew Bartlett2-35/+16
This would seem to match the documentation requirements for the PAC verfication over NETLOGON, but I can't get Win2k3 to accept it so far. Andrew Bartlett (This used to be commit acfa87f3411a61bdd9066fbbba2bcfbe2a60cbbe)
2008-08-28Heimdal provides Kerberos PAC parsing routines. Use them.Andrew Bartlett6-129/+243
This uses Heimdal's PAC parsing code in the: - LOCAL-PAC test - gensec_gssapi server - KDC (where is was already used, the support code refactored from here) In addition, the service and KDC checksums are recorded in the struct auth_serversupplied_info, allowing them to be extracted for validation across NETLOGON. Andrew Bartlett (This used to be commit 418b440a7b8cdb53035045f3981d47b078be6c1e)
2008-08-28Don't wipe the PAC checksums, the caller may actually need them.Andrew Bartlett1-14/+0
(This used to be commit 9db5a966fce0b71a0d2167b4aff70cc081abc1cc)
2008-08-27Add missing file - netlogon.hAndrew Bartlett1-0/+6
This file allows the remote_pac.c code to call into netlogon.c's setup credentials code. Andrew Bartlett (This used to be commit 0343987cf18c1287d98ae542d397ab1fab0a04b7)
2008-08-27Add a test to explore Netlogon PAC validationAndrew Bartlett8-9/+263
However, I have still not figured out this protocol yet, and the docs are rather unclear... :-( Andrew Bartlett (This used to be commit d878643071a1477435a267e2944461d367cdfa79)
2008-08-27Put the internal gensec_gssapi state into a header.Andrew Bartlett2-43/+69
This will allow a torture suite to inspect some otherwise internal details. Andrew Bartlett (This used to be commit 9701149ef75f9771f42000e2b6f44963abfee938)
2008-08-27Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verifyAndrew Bartlett509-37923/+49820
(This used to be commit 32143287c7eb452c6ed9ccd15e8cd4e5a907b437)
2008-08-27Add definition for NT_STATUS_DOWNGRADE_DETECTEDAndrew Bartlett2-0/+2
(This used to be commit f6e227b72bb56d12cb270d76f7f458136c4ca160)
2008-08-26heimdal: add missing heimdal/lib/hcrypto/{evp-aes-cts.c,evp-hcrypto.c}, sorry...Stefan Metzmacher2-0/+453
metze (This used to be commit 0c4227e45d6b8e31a0219358042318e9d2a0b36d)
2008-08-26heimdal_build: include heimdal's new EVP code to fix the buildStefan Metzmacher2-1/+6
metze (This used to be commit f454342d48e1dce7dff0bcff246c7237bed94fd5)
2008-08-26heimdal: import heimdal's trunk svn rev 23697 + lorikeet-heimdal patchesStefan Metzmacher465-1953/+2747
This is based on f56a3b1846c7d462542f2e9527f4d0ed8a34748d in my heimdal-wip repo. metze (This used to be commit 467a1f2163a63cdf1a4c83a69473db50e8794f53)
2008-08-26heimdal_build: fix parse.h lex.c dependenciesStefan Metzmacher1-15/+12
metze (This used to be commit dbfbd1b018f7c29dde2e291cbb7bb54bf147a10e)
2008-08-26heimdal_build: autogenerate the heimdal private/proto headersStefan Metzmacher14-8824/+452
Now it's possible to just use a plain heimdal tree in source/heimdal/ without any pregenerated files. metze (This used to be commit da333ca7113f78eeacab4f93b401f075114c7d88)
2008-08-26heimdal_build: autogenerate table files in heimdal/lib/wind/Stefan Metzmacher33-26563/+46096
metze (This used to be commit f4cfba26aebb18fecdb50478bec9c07d4910ab3b)
2008-08-26heimdal_build: autogenerate heimdal/lib/roken/roken.hStefan Metzmacher1-0/+10
metze (This used to be commit 3ab59dc66fe2d40533a66ff786d0b2373eea1ab8)
2008-08-26heimdal_build: add fallback for AC_WARNING_ENABLE()Stefan Metzmacher2-1/+3
metze (This used to be commit 8d6d96898dcc948aa0ee004eaeb48dc847946361)
2008-08-26heimdal: remove unused old filesStefan Metzmacher3-510/+0
metze (This used to be commit 94cef56212d7d7c1150aea760dba24bda7190442)
2008-08-26heimdal_build: split heimdal/lib/asn1 file listsStefan Metzmacher1-14/+12
metze (This used to be commit d3e939bf75fb85cf0eb3551856e161e3e58c0031)
2008-08-26heimdal_build: split handwritten and generated hx509 file listsStefan Metzmacher1-3/+6
metze (This used to be commit 848067033c40c3a4681f196ac5da289cd488d962)
2008-08-26heimdal_build: split out gssapi_spnego and gssapi_krb5 file listsStefan Metzmacher1-51/+57
metze (This used to be commit 95135ade447e04329afa7581c66c4df8de63ca24)
2008-08-26heimdal_build: add a fake sqlite keytab implementationStefan Metzmacher2-2/+21
This remove a difference against lorikeet-heimdal. metze (This used to be commit 4314df3561dfe60228db0af220549300b0137c85)
2008-08-26heimdal_build: split glue.c into krb5 and gssapi partsStefan Metzmacher3-20/+33
metze (This used to be commit 1c7bb21bd85900206e9ad831bc4795c1f765a9aa)
2008-08-26kdc: move references to heimdal internals into heimdal_build/kpasswd-glue.hStefan Metzmacher2-2/+4
metze (This used to be commit 65057f17b0d9e83f1b775afdeb7ea91ce0e52cd1)
2008-08-26Revert "gsskrb5: add support for DCE_STYLE and des and des3 keys"Stefan Metzmacher2-64/+22
This reverts commit 86848dd0f217774faed81af8fbf68618013e20a1. This should come back via a merge from heimdal's trunk later. metze (This used to be commit 585e5360e2d9f722e80850eb86c3d4253530e8ba)
2008-08-26Revert "gsskrb5: always return an acceptor subkey"Stefan Metzmacher1-18/+4
This reverts commit 6a8b07c39558f240b89e833ecba15d8b9fc020e8. This isn't strictly needed and will come back in the next merge from heimdal's trunk. metze (This used to be commit 8ed040c8c4bed082ab74ab267090b35bb57db3f3)
2008-08-26build: generate :: rules for automatic dependenciesStefan Metzmacher1-2/+2
metze (This used to be commit 66d8da17a4c3543e133452f9a87702a2a8fb609c)
2008-08-26Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verifyAndrew Bartlett1-2/+3
(This used to be commit 2a1adaa759d9201670519b3938109e13c0476a83)
2008-08-26Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett11-173/+802
(This used to be commit d7db5fe161429163a19d18c7e3045939897b9b2a)
2008-08-26Don't use lsa_Delete any more, as smbd now refuses it.Andrew Bartlett1-2/+3
(This used to be commit 8e1285a1ee60e3d3b7352ab7269d535c41916b46)
2008-08-26Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into pac-verifyAndrew Bartlett136-2905/+4835
(This used to be commit b706708210a05d6f10474a3cd2bbc550704d4356)
2008-08-26More LSA server and testuite work.Andrew Bartlett2-8/+63
- Implement QueryDomainInformationPolicy in Samba4 - Allow RPC-LSA to pass against Windows 2008 (which does not allow the Audit privilage to be removed) Andrew Bartlett (This used to be commit d94c7bbcd6eee6d975eac32a1d172f4164c97137)
2008-08-26Make RPC-LSA test deterministic with an msleep(200).Andrew Bartlett1-5/+8
(This used to be commit 914e1865aa9fba417f74a3abdd8b4b2659feb001)
2008-08-26Implement matching logic to Windows 2008 on handling of secrets.Andrew Bartlett1-16/+8
This is enforced by the new RPC-LSA test. Andrew Bartlett (This used to be commit da200ac64485fd9531b1aa048570c682b680b012)
2008-08-26Fix LSA server to pass more of RPC-LSA and match Windows 2008Andrew Bartlett1-17/+32
This fixes some info levels in the QueryTrustedDomainInfo call, and changes from implementing lsa_Delete to lsa_DeleteObject (which has an explicit close and reutrns a NULL handle). Andrew Bartlett (This used to be commit 1f12c368b2566b378a6c521c389b8b1bafbcf916)
2008-08-26Only allow the trust in the correct direction (per the flags).Andrew Bartlett1-3/+9
(This used to be commit 2c7195429411d68bc66f4100659c622df4f5a20a)
2008-08-26Update RPC-LSA to (almost) pass against Windows 2008.Andrew Bartlett3-72/+153
(This used to be commit a17cb558c23142e522de3ed56d65c7694477395f)
2008-08-25Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett54-1213/+2080
(This used to be commit a555334db67527b57bc6172e3d08f65caf1e6760)
2008-08-24fixed the data in SAVEFILE op in RAW-OFFLINEAndrew Tridgell1-1/+1
(This used to be commit 3441ea5df5b750442d17b90de73d392d2d802ab1)
2008-08-24show the bad data in RAW-OFFLINEAndrew Tridgell1-3/+10
also show the worst case latencies so far, matching tsm_torture (This used to be commit 5859bb337ce2ec5091425ebd02cad14c4da40457)