sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-29 21:47:30 +03:00
Code
62,984 Commits 60 Branches 1,146 Tags
Commit Graph

47 Commits

Author SHA1 Message Date
Jelmer Vernooij
b8268cf7b0 s3: Remove use of iconv_convenience. 2010-05-18 11:45:31 +02:00
Andrew Bartlett
454b0b3f20 s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATA 
All the callers just want the PAC_LOGON_INFO, so search for that in
ads_verify_ticket(), and don't bother the callers with the rest of the
PAC.

This change makes sense on it's own (removing boilerplate wrappers
that just confuse the code), but it also makes it much easier to
implement a matching ads_verify_ticket() function in Samba4 for the
s3compat proposal.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-11 22:52:37 +02:00
Volker Lendecke
a7b06f4c0d s3: Fix a memleak in check_pac_checksum 2010-05-04 12:00:13 +02:00
Günther Deschner
ae20737066 s3-kerberos: do not include authdata headers before including krb5 headers. 
Guenther
 2009-11-27 18:31:13 +01:00
Günther Deschner
04f8c229de s3-kerberos: only use krb5 headers where required. 
This seems to be the only way to deal with mixed heimdal/MIT setups during
merged build.

Guenther
 2009-11-27 16:36:00 +01:00
Jeremy Allison
d2a9f4a272 Remove unused variable warning. 
Jeremy.
 2009-11-12 14:09:25 -08:00
Günther Deschner
61f0b24763 s3-kerberos: remove smb_krb5_get_tkt_from_creds(). 
Now that cli_krb5_get_ticket() already handles S4U2SELF impersonation, remove
smb_krb5_get_tkt_from_creds() which is not required anymore.

Guenther
 2009-11-12 15:50:38 +01:00
Günther Deschner
11687e84e3 s3-kerberos: let smb_krb5_get_tkt_from_creds() compile with older heimdal libs. 
Guenther
 2009-11-06 15:01:39 +01:00
Günther Deschner
9e48dc2b78 s3-kerberos: support S4U2SELF impersionation through cli_krb5_get_ticket(). 
Guenther
 2009-11-06 13:35:20 +01:00
Günther Deschner
5e26622510 s3-kerberos: add impersonate_principal for kerberos_return_pac_X calls. 
Guenther
 2009-11-06 12:44:15 +01:00
Günther Deschner
4ffbfc4475 s3-kerberos: add smb_krb5_get_tkt_from_creds(). 
Guenther
 2009-11-06 12:43:46 +01:00
Andrew Bartlett
574a6a8c35 s3:kerberos Rework smb_krb5_unparse_name() to take a talloc context 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-04-07 13:25:36 +02:00
Günther Deschner
4b59ecb903 s3-build: no need to duplicate generated ndr_ prototypes. 
Guenther
 2008-10-20 19:47:00 +02:00
Jelmer Vernooij
cb78d4593b Cope with changed signature of http_timestring(). 2008-10-11 23:57:44 +02:00
Günther Deschner
c48186f507 s3: use samba4 prototype for ndr_push/pull_struct_blob. 
Guenther
 2008-09-23 09:37:23 +02:00
Günther Deschner
7269a504fd Add my copyright. 
Guenther
(This used to be commit d078a8757182d84dfd3307a2e1b751cf173aaa97)
 2008-02-27 19:38:48 +01:00
Günther Deschner
3ea40eda94 Some more cleanup in authdata.c. 
Guenther
(This used to be commit 5483f5fb44bb2138a1348c05845a2b8f3588697a)
 2008-02-17 02:11:59 +01:00
Günther Deschner
86843631a2 Align our krb5 PAC decoding routines to the samba4 ones. 
(while keeping all the trans krb5 lib support)

Guenther
(This used to be commit c06e507737bb07ff995876e49341de3f60b0da35)
 2008-02-17 02:11:59 +01:00
Günther Deschner
a92eb76688 Finally enable pidl generated SAMR & NETLOGON headers and clients. 
Guenther
(This used to be commit f7100156a7df7ac3ae84e45a47153b38d9375215)
 2008-01-17 16:54:46 +01:00
Jeremy Allison
866af9a800 Coverity 512, uninitialized var. 
Jeremy.
(This used to be commit 1b7cc80c61ccbf766801080f5a3f0260f40ccc17)
 2008-01-11 23:43:33 -08:00
Volker Lendecke
900288a2b8 Replace sid_string_static by sid_string_dbg in DEBUGs 
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
 2007-12-15 22:09:36 +01:00
Jeremy Allison
30191d1a57 RIP BOOL. Convert BOOL -> bool. I found a few interesting 
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
 2007-10-18 17:40:25 -07:00
Günther Deschner
201f0e1ce4 r24432: Expand kerberos_return_pac() so that it can be used in winbindd. 
Guenther
(This used to be commit e70bf0ecc3ec6d3ba8ba384024bbdf9a783072ea)
 2007-10-10 12:29:46 -05:00
Günther Deschner
3e00e2e9ce r24424: Fix the build. 
Guenther
(This used to be commit 029bf26f8a571ae060f7be60fd3e8c61d86004f7)
 2007-10-10 12:29:45 -05:00
Gerald Carter
cdd140fe27 r24158: SE_GROUP_RESOURCE in the other_sids list apparently means a 
domain local group.

Fix a typo in the PAC debugging routine
(This used to be commit b0b66b2e7af133b199868b946fad70016e1cefbd)
 2007-10-10 12:29:15 -05:00
Günther Deschner
2349acdd43 r23973: For debugging, add (undocumented) net ads kerberos commands (kinit, renew, 
pac).

Guenther
(This used to be commit 4cada7c1485c9957e553d6e75cb6f30f4338489f)
 2007-10-10 12:28:51 -05:00
Günther Deschner
f659ffc0ee r23970: Allow to set the debuglevel at which to dump the PAC logon info. 
Guenther
(This used to be commit 7d321aad83cb7b9cc766bc89a886676337a2bad8)
 2007-10-10 12:28:50 -05:00
Günther Deschner
fce64f6833 r23969: Some helper routines to retrieve a PAC and PAC elements. 
Guenther
(This used to be commit d4c87c792a955be7d5ef59fc683fc48e3d8afe16)
 2007-10-10 12:28:50 -05:00
Andrew Tridgell
5e54558c6d r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text 
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
 2007-10-10 12:28:22 -05:00
Jeremy Allison
d824b98f80 r23779: Change from v2 or later to v3 or later. 
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
 2007-10-10 12:28:20 -05:00
Gerald Carter
3272b1dd60 r23251: whoops! Fix compile error 
(This used to be commit 22a3ea40ac69fa3722abf28db845ab284a65ad97)
 2007-10-10 12:22:59 -05:00
Jeremy Allison
71ee55f98d r23080: Fix bug #4637 - we hads missed some cases where 
we were calling PRS_ALLOC_MEM with zero count.
Jeremy.
(This used to be commit 9a10736e6fa276ca4b0726fbb7baf0daafbdc46d)
 2007-10-10 12:22:43 -05:00
Jelmer Vernooij
995205fc60 r18188: merge 3.0-libndr branch 
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
 2007-10-10 11:43:56 -05:00
Jeremy Allison
a57f37420b r13588: Second attempt to fix Bug #3330 - treat the string as a 
uint8 array and copy as such. Gunther please check (sorry
I reverted your earlier fix).
Jeremy.
(This used to be commit 7a17b39c80703909f102487690d2117d874b0e15)
 2007-10-10 11:10:16 -05:00
Jeremy Allison
115996503c r13585: Sorry Gunther, had to revert this. It's got a buffer 
overrun. Spoke to Jerry about the correct fix. Will add
this after.
Jeremy.
(This used to be commit 33e13aabd3825c59d15dc897536e2ccf8c8f6d5e)
 2007-10-10 11:10:16 -05:00
Günther Deschner
4ea92f3098 r13581: Correctly parse a non-null terminated, little-endian UCS2 string in the 
PAC_LOGON_NAME structure. This was broken on big-endian machines
(Solaris SPARC and ppc). Fixes Bug #3330.

Jerry, this should be in 3.0.21c.

Guenther
(This used to be commit 9732490811f8f02ee547ddc6e2694e1122a3a518)
 2007-10-10 11:10:16 -05:00
Günther Deschner
ad93243f23 r11183: add small helper function to return a PAC_LOGON_INFO. 
Guenther
(This used to be commit a8d5d6b845efb62e73e281549528376f3ee74211)
 2007-10-10 11:05:06 -05:00
Günther Deschner
ebf8a84375 r10710: Fix uninitialized variable. (Thanks to Chengjie Liu 
<chengjie.liu@datadomain.com>)

Guenther
(This used to be commit 241466ee650d1db1b89a4b5b640f27f6b83644c6)
 2007-10-10 11:04:50 -05:00
Volker Lendecke
aa0dff680d r10671: Attempt to fix the build on machines without kerberos headers. 
Volker
(This used to be commit cb816e65a95802d5172c410d1acda2da070b871d)
 2007-10-10 11:04:49 -05:00
Gerald Carter
54abd2aa66 r10656: BIG merge from trunk. Features not copied over 
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
 2007-10-10 11:04:48 -05:00
Günther Deschner
cc6843fcca r9163: Rename UNKNOWN_TYPE_10 to PAC_LOGON_NAME (merge from samba4) 
Guenther
(This used to be commit d14dcba9635d10d2d8bf9f60c601b8c9078ec340)
 2007-10-10 11:00:27 -05:00
Jeremy Allison
acf9d61421 r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation 
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
 2007-10-10 10:53:32 -05:00
Herb Lewis
aa39cc37da get rid of more compiler warnings 
(This used to be commit 398bd14fc6e2f8ab2f34211270e179b8928a6669)
 2003-08-15 04:42:05 +00:00
Volker Lendecke
c9aa836204 Fix memleaks. 
Currently I'm compiling against MIT Kerberos 1.2.8.

Anthony, you said you have a heimdal installation available. Could you
please compile this stuff with krb and check it with valgrind?

Thanks,

Volker
(This used to be commit d8ab44685994b302bb46eed9001c72c194d13dc8)
 2003-08-15 01:46:09 +00:00
Jim McDonough
9f2e6167d2 Update my copyrights according to my agreement with IBM 
(This used to be commit c9b209be2b17c2e4677cc30b46b1074f48878f43)
 2003-08-01 15:21:20 +00:00
Jim McDonough
1f04eb2e26 Complete what I've seen (and then some)t of the PAC. 
I haven't seen the rid+attr arrays for group membership, nor sids or the same
kind of arrays for resource domains, so I don't know how that will work.

Also, the PAC info type 10 is now decoded, but I don't know what it's for.
It has an NTTIME, a 16-bit name length, and a username.  According to M$,
it's not needed, because they didn't doc it...
(This used to be commit 28ab8504cf6c181866106e5cc626a5896283d0a9)
 2003-04-09 16:48:59 +00:00
Jim McDonough
31e21b67d9 Decode the PAC! This patch just decodes it and then frees it, so it's just 
for doc purposes right now (you can see it in the debug logs).
(This used to be commit 046c2087a11b9ce7a02aece34ffb129ce0d66b08)
 2003-04-07 18:01:40 +00:00