1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

7039 Commits

Author SHA1 Message Date
Andrew Bartlett
12d4dd28a5 r11394: Allow KDC unreachable as another 'forget about gssapi' error on SPNEGO.
Andrew Bartlett
(This used to be commit da24074860)
2007-10-10 13:45:30 -05:00
Andrew Bartlett
5e456b38ed r11393: Avoid error messages and get more correctness with long plaintext passwords.
Andrew Bartlett
(This used to be commit cb0b3c0057)
2007-10-10 13:45:30 -05:00
Volker Lendecke
0ea06b97c2 r11392: After confirmation from Love, fix a compiler warning
(This used to be commit a0b4036ba6)
2007-10-10 13:45:30 -05:00
Jelmer Vernooij
66014ca14d r11391: Add includedir to the list of directories to create
(This used to be commit dab450a501)
2007-10-10 13:45:30 -05:00
Jelmer Vernooij
fc6bdfa8be r11388: Move dot-generating to a seperate perl executable
(This used to be commit 31406f7aa5)
2007-10-10 13:45:30 -05:00
Jelmer Vernooij
3f2136b919 r11387: Remove pidl from the default 'install' target as it doesn't obey the
user specified install paths.
(This used to be commit d537a35ec3)
2007-10-10 13:45:29 -05:00
Jelmer Vernooij
42c5211bf4 r11386: Add install rule for pidl
(This used to be commit b740d0d280)
2007-10-10 13:45:29 -05:00
Jelmer Vernooij
773f0ecf5a r11385: Fix issues in module.c. Calling function should pass in path
to directory rather then subsystem name now.
(This used to be commit 2a868ab3b5)
2007-10-10 13:45:29 -05:00
Jelmer Vernooij
a4e7bf3a89 r11382: Require number of required M4 macros
Make MODULE handling a bit more like BINARY, LIBRARY and SUBSYSTEM
Add some more PUBLIC_HEADERS
(This used to be commit 875eb8f4cc)
2007-10-10 13:45:29 -05:00
Volker Lendecke
5a67b508d8 r11378: Fix an uninitialized variable warning. Tridge, I'm 99.999% sure this was a
simple cut&paste error, but you might recheck this.

Volker
(This used to be commit 55b5b100e9)
2007-10-10 13:45:29 -05:00
Jelmer Vernooij
93fd08168f r11377: Add support for building LIBRARY elements as shared libraries:
- Adds -rpath bin/ so you don't have to install Samba in order to use compiled binaries.
 - Writes out pkg-config files when building shared libs
 - Supports automatic fallback to MERGEDOBJ (which is the default) or
   OBJ_LIST (if ld -r is not supported)

Building with shared libs reduces the size of the Samba binaries from
197 Mb to 60 Mb (including libraries) on my system (GCC4, with debugging).

To build with shared libraries support enabled, run:

LIBRARY_OUTPUT_TYPE=SHARED_LIBRARY ./config.status

init functions don't get called correctly yet when using shared libs, so
you won't be able to actually run anything with success :-)

Once init functions are done, I'll look at support for loading shared
modules once again.

Based on a patch by Peter Novodvorsky (nidd on IRC).
(This used to be commit 0b54405685)
2007-10-10 13:45:28 -05:00
Andrew Bartlett
17f8b87cb0 r11374: On request from VL, put the plaintext auth patch in.
I still have some gremlins that get in the my way in testing this.

Andrew Bartlett
(This used to be commit 3353e906ad)
2007-10-10 13:45:28 -05:00
Andrew Bartlett
4378c3c9cc r11373: Handle an apparent alias in NBT ntlogin replies.
Andrew Bartlett
(This used to be commit 51d55d2211)
2007-10-10 13:45:28 -05:00
Andrew Bartlett
a2b93c3f5f r11372: Now RPC-SAMLOGON works, place it into the default 'make test'.
Andrew Bartlett
(This used to be commit 381c4f9fef)
2007-10-10 13:45:28 -05:00
Andrew Bartlett
ea2d6d482f r11371: Fix the ntlm_auth build.
Andrew Bartlett
(This used to be commit 708476d0b2)
2007-10-10 13:45:27 -05:00
Andrew Bartlett
546f63df5b r11370: Samba4 now passes it's own RPC-SAMLOGON test again.
This avoids the nasty user@DOMAIN test for now, as it has very odd
semantics with NTLMv2.

Allow only user accounts to do an interactive login.

Andrew Bartlett
(This used to be commit 690cad8083)
2007-10-10 13:45:27 -05:00
Volker Lendecke
134b2488c8 r11369: Implement socket_connect_multi: Connect to multiple ipv4 tcp ports in
sequence, with a 2-millisecond timeout between firing the syn packets. Build
smbcli_sock_connect_send upon that.

Volker
(This used to be commit 5718df44d9)
2007-10-10 13:45:27 -05:00
Andrew Bartlett
3dc75cc84f r11367: Ensure to intialise the new logon_parameters (0 for session setups).
Andrew Bartlett
(This used to be commit abff53b633)
2007-10-10 13:45:26 -05:00
Andrew Bartlett
152988a828 r11366: Pass around the flags which indicate if we should support plaintext
logins and NTLM machine account logins.

Andrew Bartlett
(This used to be commit 421e64c2b4)
2007-10-10 13:45:26 -05:00
Andrew Tridgell
ea4ad9152a r11365: fixed a comment typo
(This used to be commit 3333d71ab6)
2007-10-10 13:45:26 -05:00
Andrew Tridgell
804cf59a48 r11364: added a ldb_attr_dn() function for testing if an attribute name is
"dn" or "distinguishedName". This makes us a bit more consistent
(This used to be commit b41b374b55)
2007-10-10 13:45:26 -05:00
Andrew Tridgell
c5b99e3c69 r11363: fixed a problem with provisioning when hklm already exists (the
problem is really caused by hklm not having objectclass attributes on
its records, but this is a workaround)
(This used to be commit 62d5253a03)
2007-10-10 13:45:26 -05:00
Tim Potter
b0dd4140c5 r11362: Remove attempt to decode uint8 array as a security descriptor. Pidl thinks
that because it is an array, the import should also be an array, i.e of
security descriptors.
(This used to be commit fb313c19c6)
2007-10-10 13:45:25 -05:00
Andrew Bartlett
f2d1614906 r11361: Test user@DOMAIN userPrincipalNames
Andrew Bartlett
(This used to be commit 75b002746a)
2007-10-10 13:45:24 -05:00
Andrew Bartlett
18e9c49922 r11360: Pass down a flag indicating that this is an 'old password', and to
expect funny buisness.

Andrew Bartlett
(This used to be commit b2810bd702)
2007-10-10 13:45:24 -05:00
Andrew Bartlett
f003a02ef2 r11359: More lovely cracknames tests...
Andrew Bartlett
(This used to be commit 35cbdd5c9d)
2007-10-10 13:45:24 -05:00
Andrew Bartlett
2bb739396c r11358: Ensure domains are always upper-case as well. Helps NTLMv2.
Andrew Bartlett
(This used to be commit 82527491b2)
2007-10-10 13:45:24 -05:00
Andrew Bartlett
efa0106627 r11357: Add more standard 'servicePrincaipalName' entries to our host account
in provision.

Andrew Bartlett
(This used to be commit 8ed6156280)
2007-10-10 13:45:24 -05:00
Andrew Bartlett
256a872763 r11356: More cracknames work. This copes with a lookup for a
servicePrincipalName with a realm, which always returns 'domain only',
with the realm as the domain.

Andrew Bartlett
(This used to be commit 476cd0c649)
2007-10-10 13:45:23 -05:00
Andrew Bartlett
09bfb8ffb0 r11355: Test for error returns when we don't specify the newly discovered
'workstation for account on NTLM' flag.

Andrew Bartlett
(This used to be commit aa5b6cf7c4)
2007-10-10 13:45:23 -05:00
Andrew Tridgell
e0ab3485ee r11354: - generate a ejs error on bad ldif to add/modify
- fixed a double free error in ldb.close()
(This used to be commit 7f797e7097)
2007-10-10 13:45:23 -05:00
Andrew Tridgell
d812957a31 r11353: a bit of an improvement to the ldb_tdb error handling
(This used to be commit 896704f5c1)
2007-10-10 13:45:23 -05:00
Andrew Bartlett
56576de528 r11352: Add newly discovered (via the radiator lists) flags for controlling
plaintext and machine account logins.

Update tests to confirm this behaviour.

Andrew Bartlett
(This used to be commit a0ed41d379)
2007-10-10 13:45:22 -05:00
Andrew Bartlett
a0dcf1aa1c r11351: Another add-hoc test.
Andrew Bartlett
(This used to be commit 326ffb2cc0)
2007-10-10 13:45:22 -05:00
Andrew Bartlett
524eeac064 r11350: Add some debugs to assist tracking down kerberos issues in future.
(Make it easy to see what was put into the keytab, so we can tell when
gssapi screams that it can't pull it out).

Andrew Bartlett
(This used to be commit c56142c4ac)
2007-10-10 13:45:22 -05:00
Andrew Bartlett
900d6fab32 r11349: Actually add all the new spns...
Andrew Bartlett
(This used to be commit 63eede2ad3)
2007-10-10 13:45:22 -05:00
Andrew Bartlett
26fde8dee1 r11348: Fixes for 'net join':
- Add more servicePrincipalNames
 - Always add them, not just for BDC accounts, and not just the first
   time the account is created (it might be an upgrade from an NT4
   account).

This should fix us for being a domain member in ADS again.
(This used to be commit 3821821d4c)
2007-10-10 13:45:21 -05:00
Jelmer Vernooij
10ec7dd61f r11343: Remove dependency on DEBUG()
(This used to be commit 407b5e615f)
2007-10-10 13:45:21 -05:00
Andrew Bartlett
c0d1fb4914 r11342: Remove unused variables.
Andrew Bartlett
(This used to be commit eed8f4a031)
2007-10-10 13:45:21 -05:00
Andrew Bartlett
489ad64cad r11339: Fix the build by adding the serviceprincial name cracknames helper.
Andrew Bartlett
(This used to be commit 0a5bf9348a)
2007-10-10 13:45:21 -05:00
Andrew Bartlett
22d867fb1d r11334: Print error status in debug.
Andrew Bartlett
(This used to be commit 3b5ef4208d)
2007-10-10 13:45:21 -05:00
Andrew Bartlett
15b9e70ebc r11333: Push service principal lookups into the cracknames code, rather than
in the hdb-ldb code.

Andrew Bartlett
(This used to be commit f71149c88d)
2007-10-10 13:45:20 -05:00
Stefan Metzmacher
b323a81b7c r11331: add conflict cases owned,released vs. replica
metze
(This used to be commit d3049936a5)
2007-10-10 13:45:20 -05:00
Stefan Metzmacher
7ec41c9424 r11330: - split up owned,active vs replica and owned,released vs. replica
- complete owned,released tests

metze
(This used to be commit ba82ffb261)
2007-10-10 13:45:20 -05:00
Stefan Metzmacher
b0ea4f2386 r11329: the 0x1C must be registered as group name
metze
(This used to be commit 657d45d3e0)
2007-10-10 13:45:20 -05:00
Andrew Bartlett
13b0da09ee r11325: Fix up some kerberos notes.
Andrew Bartlett
(This used to be commit 89623af30f)
2007-10-10 13:45:20 -05:00
Andrew Bartlett
e408e14154 r11322: Start moving towards using the cracknames code in the KDC.
Andrew Bartlett
(This used to be commit cf67af4216)
2007-10-10 13:45:19 -05:00
Andrew Bartlett
6efaf588a9 r11321: Fix typos in warnings.
Andrew Bartlett
(This used to be commit 81f020d3a4)
2007-10-10 13:45:19 -05:00
Tim Potter
1fb7a5348b r11318: Tweak import statement for decoding KeySecurityData as a NT security
descriptor in ethereal.
(This used to be commit 5af1b6df0a)
2007-10-10 13:45:19 -05:00
Andrew Bartlett
1244a97dbe r11317: An ugly hack to setup the global gssapi_krb5_context early, when we
have easy access to the event context.

This stops Samba dead-locking against itself when the winbindd client
tries to contact the KDC.

Andrew Bartlett
(This used to be commit 57f811115e)
2007-10-10 13:45:19 -05:00