Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-07-31 | s4:libnet: use talloc_strdup() instead of talloc_reference() | Stefan Metzmacher | 2 | -2/+2 | |
metze | |||||
2009-07-31 | s4:build: make sure that we regenerate proto headers when source files change | Stefan Metzmacher | 1 | -0/+2 | |
metze | |||||
2009-07-31 | s4:auth: make sure we have elements returned at all in ↵ | Stefan Metzmacher | 1 | -0/+6 | |
authsam_expand_nested_groups() metze | |||||
2009-07-31 | s4: Patch to implement nested group and privileges | Matthias Dieter Wallnöfer | 1 | -34/+100 | |
This patch adds a function "authsam_expand_nested_groups" (calculation of rights through expanding groups of a certain SID) which basically collects all memberships through "memberOf" attributes. It works with either user or group SIDs. For avoiding loops it tests on each call if the SID hasn't been added yet (through the helper function "sids_contains_sid"). The function itself is called by "authsam_make_server_info". | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsDoScanvengingNew() | Stefan Metzmacher | 1 | -1/+14 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsStatusWHdl() | Stefan Metzmacher | 1 | -1/+5 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsStatusNew() | Stefan Metzmacher | 1 | -1/+17 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsGetDbRecsByName() | Stefan Metzmacher | 1 | -2/+9 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsGetBrowserNames() | Stefan Metzmacher | 1 | -1/+10 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsSetFlags() | Stefan Metzmacher | 1 | -1/+3 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsDeleteWins() | Stefan Metzmacher | 1 | -1/+3 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsGetBrowserNames_Old() | Stefan Metzmacher | 1 | -1/+13 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsGetNameAndAdd() | Stefan Metzmacher | 1 | -1/+9 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsWorkerThreadUpdate() | Stefan Metzmacher | 1 | -1/+3 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsResetCounters() | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsSetPriorityClass() | Stefan Metzmacher | 1 | -1/+3 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsPullRange() | Stefan Metzmacher | 1 | -1/+6 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsDelDbRecs() | Stefan Metzmacher | 1 | -1/+5 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsBackup() | Stefan Metzmacher | 1 | -1/+4 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsTerm() | Stefan Metzmacher | 1 | -1/+3 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsGetDbRecs() | Stefan Metzmacher | 1 | -1/+13 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsDoScavenging() | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsDoStaticInit() | Stefan Metzmacher | 1 | -1/+4 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsTrigger() | Stefan Metzmacher | 1 | -1/+10 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of winsif_WinsStatus() | Stefan Metzmacher | 1 | -1/+76 | |
metze | |||||
2009-07-31 | winsif.idl: add definition of WinsRecordAction() | Stefan Metzmacher | 1 | -1/+53 | |
metze | |||||
2009-07-31 | winsif.idl: add missing function calls | Stefan Metzmacher | 1 | -1/+74 | |
metze | |||||
2009-07-31 | s4:librpc: rename wins.idl => winsif.idl | Stefan Metzmacher | 2 | -8/+8 | |
metze | |||||
2009-07-30 | python: Cope with the dom_sid2 alias in pidl's python generating code. | Jelmer Vernooij | 1 | -2/+2 | |
This fixes some problems in the samr Python bindings that pidl was (correctly) warning about. | |||||
2009-07-30 | DCE/RPC(Python): Rename py_talloc_import to py_talloc_steal. | Jelmer Vernooij | 3 | -12/+12 | |
Use py_talloc_reference in DCE/RPC code, fixes access to SAMR pipe. | |||||
2009-07-30 | Remove RFC's from the release tarballs to make the lives of the Debian | Jelmer Vernooij | 1 | -0/+3 | |
maintainers of Samba4 a bit easier. | |||||
2009-07-29 | s4:provision We no longer add krbtgt or kpasswd account into secrets.ldb | Andrew Bartlett | 1 | -1/+1 | |
2009-07-28 | s4:gensec/spnego: only generate the mechListMic when the server expects it | Stefan Metzmacher | 1 | -1/+2 | |
This fixes the ntvfs.cifs tests. metze | |||||
2009-07-28 | Fix compile of py_net.c | Andrew Bartlett | 1 | -1/+3 | |
2009-07-28 | s4:libnet Add in a 'credentials' parameter for python libnet_Join | Andrew Bartlett | 1 | -7/+20 | |
2009-07-28 | s4:tls Enable GnuTLS back to version 1.4 (an into the future) | Andrew Bartlett | 1 | -1/+1 | |
We think we have the bug fixed. Andrew Bartlett | |||||
2009-07-28 | s4:kerberos Add support for user principal names in certificates | Andrew Bartlett | 6 | -34/+123 | |
This extends the PKINIT code in Heimdal to ask the HDB layer if the User Principal Name name in the certificate is an alias (perhaps just by case change) of the name given in the AS-REQ. (This was a TODO in the Heimdal KDC) The testsuite is extended to test this behaviour, and the other PKINIT certficate (using the standard method to specify a principal name in a certificate) is updated to use a Administrator (not administrator). (This fixes the kinit test). Andrew Bartlett | |||||
2009-07-28 | s4:kerberos Add 'net export keytab' command for wireshark decryption | Andrew Bartlett | 15 | -38/+418 | |
It is much easier to do decryption with wireshark when the keytab is available for every host in the domain. Running 'net export keytab <keytab name>' will export the current (as pointed to by the supplied smb.conf) local Samba4 doamin. (This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4, and so has a good chance of keeping working in the long term). Andrew Bartlett | |||||
2009-07-27 | Revert "s4:kerberos Add 'net export keytab' command for wireshark decryption" | Stefan Metzmacher | 10 | -361/+8 | |
This reverts commit a40ce5d0d9d06f592a8885162bbaf644006b9f0f. This breaks the build... Andrew, please repush it, when it's fixed:-) metze | |||||
2009-07-27 | s4:kerberos Add test to show that we actually export the keytab | Andrew Bartlett | 1 | -0/+1 | |
While it is hard to prove it is correct, at least the new 'nettestuser' principal and the Administrator principal are correct. We had to fix the case of 'Administrator' in the selftest code to match the DB, as the keytab lookup is case sensitive. Andrew Bartlett | |||||
2009-07-27 | s4:kerberos Add 'net export keytab' command for wireshark decryption | Andrew Bartlett | 10 | -8/+361 | |
It is much easier to do decryption with wireshark when the keytab is available for every host in the domain. Running 'net export keytab <keytab name>' will export the current (as pointed to by the supplied smb.conf) local Samba4 doamin. (This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4, and so has a good chance of keeping working in the long term). Andrew Bartlett | |||||
2009-07-27 | s4:kdc Push context to hdb_samba4 by way of the 'name' of the DB | Andrew Bartlett | 6 | -29/+39 | |
This overloads the 'name' part of the keytab name to supply a context pointer, and so avoids 3 global variables! To do this, we had to stop putting the entry for kpasswd into the secrets.ldb. (I don't consider this a big loss, and any entry left there by an upgrade will be harmless). Andrew Bartlett | |||||
2009-07-27 | s4:setup add 'cn' attribute to Samba4 local schema | Andrew Bartlett | 1 | -0/+4 | |
(We recently made the ms_schema.py script also add this attribute) | |||||
2009-07-27 | s4:heimdal Extend the 'hdb as a keytab' code | Andrew Bartlett | 1 | -4/+145 | |
This extends the hdb_keytab code to allow enumeration of all the keys. The plan is to allow ktutil's copy command to copy from Samba4's hdb_samba4 into a file-based keytab used in wireshark. One day, with a few more hacks, we might even make this a loadable module that can be used directly... Andrew Bartlett | |||||
2009-07-27 | s4:kdc Tidy up hdb_samba4 some more | Andrew Bartlett | 5 | -63/+90 | |
This removes the last use of the prefix hdb_ldb and makes it clear that we pass in 3 global variables to get state information into hdb_samba4 when used as a keytab. (And that they belong to hdb_samba4, not to the KDC) Andrew Bartlett | |||||
2009-07-24 | s4:gensec_gssapi: pass the correct oid to the gssapi layer. | Stefan Metzmacher | 1 | -4/+11 | |
metze | |||||
2009-07-24 | s4:gensec/spengo: make sure we send the blob with the micListMech signature ↵ | Stefan Metzmacher | 1 | -1/+1 | |
to the peer We should even do this if the submech has no more data to send. metze | |||||
2009-07-23 | s4:ldb: add support for the new Recycle Bin Feature LDAP controls | Stefan Metzmacher | 2 | -0/+68 | |
LDB_CONTROL_SHOW_RECYCLED_OID 1.2.840.113556.1.4.2064 LDB_CONTROL_SHOW_DEACTIVATED_LINK_OID 1.2.840.113556.1.4.2065 metze | |||||
2009-07-23 | s4:libcli/ldap: add support for new Recycle Bin Feature LDAP Controls | Stefan Metzmacher | 1 | -0/+40 | |
LDAP_SERVER_SHOW_RECYCLED_OID 1.2.840.113556.1.4.2064 LDAP_SERVER_SHOW_DEACTIVATED_LINK_OID 1.2.840.113556.1.4.2065 metze | |||||
2009-07-23 | [SAMBA 4 / NETLOGON] Modify type of SAM contexts | Matthias Dieter Wallnöfer | 1 | -9/+7 | |
In the SAMBA 4 DCE/RPC NETLOGON server the SAM context references have generally the type "void *". But we know that those context objects are based on the "struct ldb_context" type. We've always to cast for using a SAM/LDB call. This I didn't find very appealing and so I assigned the right (detailed) type to each "sam_ctx". Therefore, the casts could disappear. Also this change is only cosmetic. |