summaryrefslogtreecommitdiff
path: root/source4
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r11600: remove unused codeStefan Metzmacher2-1678/+0
metze (This used to be commit 06ccbc3fa99dc6396b2fe46adb51ef42431669eb)
2007-10-10r11599: remove local (and broken) version of strhaslower() strhasupper()Stefan Metzmacher1-24/+0
metze (This used to be commit 35e17abb8763e4d90725d007fefa76965260c124)
2007-10-10r11598: fixed strhaslower() and strhasupper() to not falsely recogniseAndrew Tridgell1-4/+10
caseless characters as lower/upper (This used to be commit 74fb317f2acf7a5963f37c0cd9e21a34d7da2f4f)
2007-10-10r11597: revert a commit by mistakeSimo Sorce1-0/+12
(This used to be commit 09e6f494b490127ace1a9d1077c2757d813abc55)
2007-10-10r11596: switched the libcli/raw/ code over to using the lib/stream/ genericAndrew Tridgell6-109/+55
packet parsing code. This simplifies the logic in the raw client library a fair bit (This used to be commit f8d43f1f67876360e1295d85a3c3702d1d60ed7b)
2007-10-10r11595: added a helper layer to parse streams into individual packets. This isAndrew Tridgell3-0/+368
something that Andrew Bartlett has been asking for for a while, and when I started having to re-invent this packet parsing code yet again for SMB2 I decided it was time to do it generically you use it by providing a "is this a full packet yet?" helper function to the packet_*() functions, which then handle all the logic of partial packet buffering. This also goes to great lengths to operate efficiently, minimising the number of recv system calls. (This used to be commit e6c47b954a6f09c53ea419800ce873295fcd0be9)
2007-10-10r11594: ensure ldb_search() sets *res to NULL on failure (some of the updatedAndrew Tridgell1-0/+2
ldb_result code coud rely on that) (This used to be commit cd567bcb24125827c746c1c0902631b0e7c2cea5)
2007-10-10r11593: added a data_blob_realloc() functionAndrew Tridgell1-0/+12
(This used to be commit e04262d391d81f863256a9fe69a2884fbce641af)
2007-10-10r11592: fixed a crash bug from the ldb_result changes (res was being used ↵Andrew Tridgell1-4/+6
after being freed) (This used to be commit 5c7f3fef3e2324f0d1edda0f0f06f662bbcf7e08)
2007-10-10r11588: Remove unused (at the moment) variable and quiet compiler warning.Rafal Szczesniak1-1/+0
rafal (This used to be commit 90db7f13bc0df0a276dc736d2f9439616cb3b2f7)
2007-10-10r11586: Further work on ejs interface for libnet. The idea is to split libnetRafal Szczesniak2-4/+57
functionalities into groups of subcontexts of net subcontext just the way it's done in net tool. This way we can pass common arguments when creating subcontext. Also, this may allow easier writing net tool completely as a script. At the moment there's a name resolve code segfault to be fixed. rafal (This used to be commit 25310d05927dab69d37248977f974bcaedbd081b)
2007-10-10r11572: Add support for accountExpires and password expiry (should cause theAndrew Bartlett1-2/+32
ticket to be reduced in validity). Andrew Bartlett (This used to be commit 5575a1443b5225140f401bde7f897f96dfe73b39)
2007-10-10r11568: Debuging aids: Let the administrator know when a key/entry expired,Andrew Bartlett1-6/+28
rather than just the fact of the expiry. Andrew Bartlett (This used to be commit 31c4ab26d7ab1e550c2ecc7c3ae6c44b87140aa3)
2007-10-10r11567: Ldb API change patch.Simo Sorce39-807/+1212
This patch changes the way lsb_search is called and the meaning of the returned integer. The last argument of ldb_search is changed from struct ldb_message to struct ldb_result which contains a pointer to a struct ldb_message list and a count of the number of messages. The return is not the count of messages anymore but instead it is an ldb error value. I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good amount of places. I also tried to double check all my changes being sure that the calling functions would still behave as before. But this patch is big enough that I fear some bug may have been introduced anyway even if it passes the test suite. So if you are currently working on any file being touched please give it a deep look and blame me for any error. Simo. (This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
2007-10-10r11555: - change socket_wrapper to support multiple IP'sStefan Metzmacher3-61/+277
- SOCKET_WRAPPER_DEFAULT_IFACE=X specifies the default interface for 127.0.0.X - we now use multiple interfaces for smbtorture in make test 127.0.0.26-127.0.0.31 - and 127.0.0.1 only for smbd the are more work needed for better support for broacast messages... but this is enough for the winsrepl tests metze (This used to be commit dbd01110d1a3e0f5914ae8d156723d6d6edf160c)
2007-10-10r11554: make us able to run without depending on 127.0.0.1Stefan Metzmacher1-6/+8
metze (This used to be commit 6bae17d279205a0d75f609f6a026b5c99d73cea5)
2007-10-10r11553: give an error when the lookup failedStefan Metzmacher1-7/+19
metze (This used to be commit 363c000944ad40c3f8ba2b28f4cfed2bbd26fd65)
2007-10-10r11552: fix indentStefan Metzmacher1-3/+3
metze (This used to be commit 021060b4292dfe2495bcea635f6ce6467ca731ad)
2007-10-10r11547: - don't do pull replication when pullIntervall is 0Stefan Metzmacher3-9/+14
- don't do push replication when pushChangeCount is 0 metze (This used to be commit 4122e9ec3a4394738fa3c261dc92938ea86c3822)
2007-10-10r11546: add more errno ntstatus mappings, to get more usefull errors from ↵Stefan Metzmacher1-0/+15
socket_wrapper metze (This used to be commit 6375a9a95da1eb2d5fd60b265047d98b264ff93f)
2007-10-10r11545: Remove old #define.Andrew Bartlett1-8/+0
Andrew Bartlett (This used to be commit 5adaf00e4486f5f4895fd816c9db45133db38f1a)
2007-10-10r11544: Allow delegation in a Samba4 realm.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit c4a9d025d6485c19bf1f2e98f83ac68b276247e4)
2007-10-10r11543: A major upgrade to our KDC and PAC handling.Andrew Bartlett14-238/+545
We now put the PAC in the AS-REP, so that the client has it in the TGT. We then validate it (and re-sign it) on a TGS-REQ, ie when the client wants a ticket. This should also allow us to interop with windows KDCs. If we get an invalid PAC at the TGS stage, we just drop it. I'm slowly trying to move the application logic out of hdb-ldb.c, and back in with the rest of Samba's auth system, for consistancy. This continues that trend. Andrew Bartlett (This used to be commit 36973b1eef7db5983cce76ba241e54d5f925c69c)
2007-10-10r11542: Add the netbios name type. We will need it when we start to handleAndrew Bartlett1-0/+1
allowedWorkstations on Krb5. Andrew Bartlett (This used to be commit dbf73a82fc7d1f82e2ad45e545cefdd9a5b24215)
2007-10-10r11541: More logical (I think...) delegation semantics.Andrew Bartlett1-10/+14
Andrew Bartlett (This used to be commit 6bb1b244284a209ebcb50c17ad59d4528658da0b)
2007-10-10r11540: Some notes to myself on RFC complience.Andrew Bartlett1-0/+7
Andrew Bartlett (This used to be commit 6d439cae989efff7530d75e5dd21faa8e5230059)
2007-10-10r11539: Fix indentation in templates. Always generate lower-caseJelmer Vernooij5-8/+10
UUID strings as GUID_from_string seems to have trouble with uppercased ones. (This used to be commit 16ea96c81ed88f197007335f442c9e62b4ccd6de)
2007-10-10r11538: More notes on things we need.Andrew Bartlett1-0/+3
Andrew Bartlett (This used to be commit 890ad0412b9ee285fa25e8bab785a960a201057e)
2007-10-10r11537: Make the authsam_account_ok routine callable by external users (the ↵Andrew Bartlett1-19/+21
KDC). Andrew Bartlett (This used to be commit 1643ad169cff56f20ba03644dec12124139ac44a)
2007-10-10r11536: Add a hook for client-principal access control to hdb-ldb, re-usingAndrew Bartlett7-44/+231
the code in auth/auth_sam.c for consistancy. This will also allow us to have one place for a backend directory hook. I will use a very similar hook to add the PAC. Andrew Bartlett (This used to be commit 4315836cd8c94eb8340c4050804face4d0066810)
2007-10-10r11535: Support void functions when generating templates.Jelmer Vernooij1-2/+10
(This used to be commit e8926a4e171a7bf74c220fa825ef5fa9e297fa47)
2007-10-10r11534: Consider ntvfs as a libraryJelmer Vernooij1-1/+5
(This used to be commit f9bbc83f5316773520ce06c267ac9c0f1eb189e6)
2007-10-10r11533: Be a bit less intrusiveVolker Lendecke1-1/+2
(This used to be commit f341c8b4c8e8b8096c604b5842b9b7f7c4c9653c)
2007-10-10r11532: Enable kerberos session setup for winbind smb connectionsVolker Lendecke1-0/+9
(This used to be commit f0e4075db5e913d2262058bb7234c446160823d9)
2007-10-10r11529: Disable DNS lookups for forwarded credentials, unless really, reallyAndrew Bartlett1-34/+41
wanted. There is nothing that suggests that the host we forward credentials to will not have other interfaces, unassoicated with their service name. Likewise, the name may be a netbios, not DNS name. This should avoid some nasty DNS lookups. Andrew Bartlett (This used to be commit da0ff19856a8f41eb64787990d47d2961824711d)
2007-10-10r11528: Separate finding dcs from initializing a domain. Makes it easier to ↵Volker Lendecke12-355/+571
possibly support cldap and other stuff in the future. This temporarily disables wbinfo -t, but that will come back soon. Try an ldap bind using gss-spnego. This got me krb5 binds against "our" w2k3 and a trusted w2k, although with some memleaks from krb5 and a BAD_OPTION tgs-rep error. Volker (This used to be commit d14948fdf687c8f70ef9ec35445b7eb04da84253)
2007-10-10r11527: Has this ever been run?Volker Lendecke1-0/+1
(This used to be commit 419b28d02d6c5a03bd33eaeabf1b42bfab9155dd)
2007-10-10r11526: And another warning...Volker Lendecke1-1/+1
(This used to be commit 16467008c64d84f29bec0ea45767bb1050726b34)
2007-10-10r11525: Move lookups (including the attribute search) for users fromAndrew Bartlett2-112/+127
kdc/hdb-ldb.c to share the routines used for auth/ This will require keeping the attribute list in sync, but I think it is worth it for the next steps (sharing the server_info generation). Andrew Bartlett (This used to be commit da38bcefa752a508abd28e8ff6277b493d24c2dd)
2007-10-10r11524: More work on our hdb backend in the KDC.Andrew Bartlett1-116/+78
The aim here is to restructure the queries to match the queries we do in auth, then to share the code that does the actual query (at least for user logins). Then we can generate the PAC from that shared query, rather than a seperate query. Andrew Bartlett (This used to be commit 4395d087e19286536dbb41fa5758491b302fa437)
2007-10-10r11523: Working towards having Samba3 join Samba4, this allows the SASLAndrew Bartlett1-3/+7
credentials to be NULL, where the client is requesting a CIFS style server-first negTokenInit. Andrew Bartlett (This used to be commit eba652ecc89766304fdad14463072dc311693701)
2007-10-10r11522: Add support for delegated credentials and machine account credentialsAndrew Bartlett2-2/+28
to ldb, based on the sessionInfo we now pass around. Andrew Bartlett (This used to be commit 84e16e4ea7240409f15efd9f64344f9e0cec8111)
2007-10-10r11521: Add in client support for checking supportedSASLmechanisms, and thenAndrew Bartlett4-7/+129
determining a mechanism to use. Currently it doesn't to fallbacks like SPNEGO does, but this could be added (to GENSEC, not to here). This also adds a new function to GENSEC, which returns a list of SASL names in our preference order (currently determined by the build system of all things...). Also make the similar function used for OIDs in SPNEGO do the same. This is all a very long-winded way of moving from a hard-coded NTLM to GSS-SPNEGO in our SASL client... Andrew Bartlett (This used to be commit 130eb9bb9a37957614c87e0e6846a812abb51e00)
2007-10-10r11520: indentAndrew Bartlett1-1/+1
(This used to be commit ce611eb5f31bc63fc23700e7a2c47e68b8f826aa)
2007-10-10r11519: And an uninitialized variable...Volker Lendecke1-1/+1
(This used to be commit dc0e9f8d1a2285623e99dcccf055b4860ddd1294)
2007-10-10r11518: Fix a warningVolker Lendecke1-1/+1
(This used to be commit 4a32df49e66b49b20b78bf165869b7592bb626fd)
2007-10-10r11517: Cleanup time, this looks larger than it is. This mainly gets rid ofVolker Lendecke16-703/+489
wb_domain_request, now that we have queued rpc requests. Volker (This used to be commit 848522d1b64c1c283ac1ea7ce7f1a7a1b014a2aa)
2007-10-10r11516: Fix a valgrind bug I introduce with queued requestsVolker Lendecke1-3/+6
(This used to be commit 3e4ab756f421acd747e9ea4c48b0f61d48dfa8fd)
2007-10-10r11515: Add some talloc_get_typeVolker Lendecke1-2/+2
(This used to be commit 558c29971d5855308a9d8dfd21e8ac7ec24abc01)
2007-10-10r11514: Fixup debug messageAndrew Bartlett1-1/+1
(This used to be commit b2372cad367a29d7dca596dace703a349b381a09)