Age | Commit message (Collapse) | Author | Files | Lines |
|
- use "sambaPassword" only as virtual attribute for passing
the cleartext password (in unix charset) into the ldb layer
- store des-cbc-crc, des-cbc-md5 keys in the Primary:Kerberos
blob to match w2k and w2k3
- aes key support is disabled by default, as we don't know
exacly how longhorn stores them. use password_hash:create_aes_key=yes
to force creation of them.
- store the cleartext password in the Primary:CLEARTEXT blob
if configured
TODO:
- find out how longhorn stores aes keys
- find out how the Primary:WDigest blob needs to be constructed
(not supported by w2k)
metze
(This used to be commit e20b53f6feaaca2cc81ee7d296ca3ff757ee3953)
|
|
always bring it back if we need to. This code was getting in the way while
refactoring.
Add some tests for TDR.
Get rid of typedef in lib/registry/tdr_regf.idl and fix the
TDR code to be able to deal with it.
(This used to be commit 1ad0f99a439f0d52a735b391bf9900d50171aca5)
|
|
(This used to be commit 0d739c7e9807682cd5bc433c3e4f2d4bbe4f1b69)
|
|
(This used to be commit a91e624af22aae5b460ccf94d2540b8780f90070)
|
|
struct foo {
...
};
in IDL will now work. This is the first step towards nested types and
using typedefs for partial types (such as "typedef int *bar;"), a requirement
for complex uses of represent_as().
(This used to be commit a716aa70f0c90898e6fcf57d63a2cf4c40e7d4df)
|
|
(This used to be commit 88fbf9af24a346d3d99af32b8574507b0590846a)
|
|
(This used to be commit 34517c69e67d7eafa00e6fe0072bd04f074cdbde)
|
|
(This used to be commit a21e7b22ac99c66e2b23d0fa694a8a2ea6e7994e)
|
|
(This used to be commit 8b31fba826e5e76031979755f9682a8da5c59148)
|
|
(This used to be commit 745d0eae1a0f681f6a08a7cc259834ddbb5fa023)
|
|
(This used to be commit 0ed195f45fed12905278ba60eabe02a11b59eb90)
|
|
fails that test, so disabling it for now.
(This used to be commit d6026c2046a26f42ca0cd6ebf1f45488fbfb22e1)
|
|
(This used to be commit 883df28d6ebb1993add95174fe2694154995354b)
|
|
Volker
(This used to be commit 573ba38722e338fb4158dfda181308a1a736c5c0)
|
|
(This used to be commit 76b377d5ad5c115e5fbb24a10d543883f04283a6)
|
|
(This used to be commit 56ed4499d69adf57a41632ba12cbfef383a35ab2)
|
|
(This used to be commit 5d4dd136ed29c6418377eae1227cae53fc510356)
|
|
(This used to be commit 61cb52b65b9be2fd09a5c5a02536600c0ac500f7)
|
|
(This used to be commit 9e6d43c45cec24a391d8134a9c177461aabb3e6c)
|
|
metze
(This used to be commit 18a5bf850bad9643e09e111d8c2c4e2c2efce989)
|
|
Not as bad
as not doing it at all, but needs fixing. Also simplify the logic, I had
missed the "goto out" at the end of the function.
Volker
(This used to be commit ed30a0ff602d0a1d4409bee4faf12b6979b5f4b8)
|
|
(This used to be commit 361977448210dfd889abca19b520cd259b9d0855)
|
|
succeeded. Found while testing the brlock seqnum patch.
Tridge, please check!
Volker
(This used to be commit e518c68fc5446304611d096ac2e3cab744734fc3)
|
|
(This used to be commit 33142f7646265a05892f69b52f04fac9a50af914)
|
|
metze
(This used to be commit 307aabe0257559a9211f4f627cb38150a24dc40f)
|
|
of supplementalCredentials
metze
(This used to be commit b708d0729e03a78868f18fd37c9a01d7c75c900e)
|
|
this is handles the content of the 'Packages' element in the supplementalCredetials
metze
(This used to be commit 07fe22f82ebe66464ef73274a109d1e21a0d7f0f)
|
|
metze
(This used to be commit 925f1f40cf8318d0a72fe3da958db52ccbf14b39)
|
|
(This used to be commit a620dc359476de9440f3b84dc8b45f569d103270)
|
|
metze
(This used to be commit 97fc985bd062b6ad5a58dd6ce883a637043283a1)
|
|
- fix parsing of Primary:Kerberos blob
metze
(This used to be commit c6fa95ef2263774901c8871396b4eec5b7409c5e)
|
|
uint16 size;
[relative,subcontext(0),subcontext_size(size),flag(STR_NOTERM|NDR_REMAINING)] string *string;
as
uint16 size;
[relative,charset(UTF16)] uint8 *string[size];
isn't supported by pidl yet...
metze
(This used to be commit 9fcfa658430f04658c692eb26db9280fda6e4e25)
|
|
which contrusts the keys...
later we need to get the key version number from the
"replPropertyMetaData" attribute entry to the (I assume)
the "unicodePwd" attribute.
msDs-KeyVersionNumber is a constructed attribute,
and is "1" when no "supplementalCredentials" is present.
we need to make some tests with a password change function
which don't give a cleartext to the server...
metze
(This used to be commit 9e4324221764c1413be34d5b14915a86740acc04)
|
|
metze
(This used to be commit 03b06398a405e491ce4e2bc91513a57e0d59466f)
|
|
Samba3's IDL.
(This used to be commit 15a4b81ba0b5eeb25126a0b1a7bea7d3bf921ab2)
|
|
(This used to be commit a45a677084ba1bc63a8f74892c12ca6f0d9b5071)
|
|
(This used to be commit 3ef8a6834df63a0bfa68996daea6432e98243d40)
|
|
inside the supplementalCredentials attribute
w2k uses keys1 and keys2 where both seem identical
w2k3 only uses keys1 and num_keys2 = 0
the Salt is only stored once for all keys
the following keys are stored:
ENTYPE_DES_CBC_MD5 = 3
ENTYPE_DES_CBC_CRC = 1
metze
(This used to be commit 03d7d05e4fa607271f84878bc238e7cf0560bc67)
|
|
(This used to be commit b29170c8eaafa3a573b0e26efecd6cacd68250b6)
|
|
(This used to be commit f3680ba118d4de4c535ceabda69e3b9f00424cd6)
|
|
(This used to be commit 2e2b15e3d258b66c3a150b97748ff6b4eed69a9a)
|
|
(This used to be commit 88fa90778a0e1f5efca08e5e6ba1b165399de30c)
|
|
(This used to be commit bfc2a1c50596ac3aee871de63fdd99362a65d7d8)
|
|
(This used to be commit 83a47e30b59f5289cdcb68ba54aa236795bc42b2)
|
|
they test is broken at the moment.
(This used to be commit 8f039a25cd75e4acdaec0afce3cc159b0abe99ec)
|
|
for the keytype field...
metze
(This used to be commit e96aa8980097712d7666a85f17c7214486d99618)
|
|
when no krb5key attribute is present or it doesn't contain the KEYTYPE_ARCFOUR
key.
metze
(This used to be commit b4af29da700a71fe021c5f31cad31a494d884e07)
|
|
"ntPwdHash" => "unicodePwd"
"lmPwdHash" => "dBCSPwd"
"sambaLMPwdHistory" => "lmPwdHistory"
"sambaNTPwdHistory" => "ntPwdHistory"
Note: you need to reprovision after this change!
metze
(This used to be commit dc4242c09c0402cbfdba912f82892df3153456ad)
|
|
- don't overwrite the passwords with 'test' as we now understand the windows
format for the password hashes
metze
(This used to be commit 252a4d67020da19de44893349bd476ec88d5b746)
|
|
We decided to store them plain in our ldb
metze
(This used to be commit ff13b21102641a308bd48a8efa6b94a98f567e15)
|