IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Now, each rpc interface (named pipe, tcp/ip, lrpc and unix
socket) works asynchronously.
Comments to follow.
rafal
(This used to be commit 789f9d43db7ea59e79d5aa498e2e9fd077448825)
same time.
This was causing the kdc to shut itself down if 'bind interfaces only = no'.
Andrew Bartlett
(This used to be commit 02ff22a25050687478cfcca4dce35c2346cc2241)
make it possible to code the difference between a zero length and a NULL DATA_BLOB...
metze
(This used to be commit 54f0b19c55df8ad3882f31a114e2ea0e4cf940ae)
specifically ask for iface_n_bcast() and have to check if it returns
NULL, in which case it is a non-broadcast interface
(This used to be commit d004e250b6710251ea089ac242775481f13b5c2b)
calculation code. This was originally done in 1997, and has been
morphed a lot since then, but fred should still get credit
(This used to be commit 172e41596fb3b4d2768d6885aea43295cc2f81c1)
We do need the gsskrb5_get_initiator_subkey() routine. But we should
ensure that we do always get a valid key, to prevent any segfaults.
Without this code, we get a different session key compared with
Win2k3, and so kerberised smb signing fails.
Andrew Bartlett
(This used to be commit cfd0df16b74b0432670b33c7bf26316b741b1bde)
isn't every parameter on NTLMSSP, but it is most of the important
ones.
This showed up that we had the '128bit && LM_KEY' case messed up.
This isn't supported, so we must look instead at the 56 bit flag.
Andrew Bartlett
(This used to be commit 990da31b5f63f1e707651af8bf1a3241a8309811)
We were causing mayhem by weakening the keys at the wrong point in time.
I think this is the correct place to do it. The session key for SMB
signing, and the 'smb session key' (used for encrypting password sets)
is never weakened.
The session key used for bulk data encryption/signing is weakened.
This also makes more sense, when we look at the NTLM2 code.
Andrew Bartlett
(This used to be commit 3fd32a12094ff2b6df52f5ab2af7c0ffceb5a4a0)
The new RPC-SCHANNEL test shows that the full credentials state must
be kept in some shared memory, for some length of time. In
particular, clients will reconnect with SCHANNEL (after loosing all
connections) and expect that the credentials chain will remain in the
same place.
To achive this, we do the server-side crypto in a transaction,
including the fetch/store of the shared state.
Andrew Bartlett
(This used to be commit 982a6aa871c9fce17410a9712cd9fa726025ff90)
We should also test netlogon operations, but there are issues with
what state is expected to be stored (far more than we currently do).
Andrew Bartlett
(This used to be commit 39ddba0d0dc4475f9f7c5b7aa19ffff42c9fd1f5)
still missing a configure test to make us
substitute our snprintf to system one when
the system one does not have positional parameters support
(This used to be commit 398f989d6580587eb1fa4fec0b1ed858b5cbe8e1)
Fix asq module, add a second_stage_init to register with rootdse
Fix asq control ldap parsing routines (this was nasty to find out)
(This used to be commit 933a80397d137f7d5b79c82a068d62bb6928ef47)
a plain ldbsearch would just crash
Fix kludge_acl, not passing on the second stage registration
phase to other modules
Simo
(This used to be commit bec99c5cb65d8c32fd4f636ed2f5383fb1b39830)
Until we do not have an internal utf8 compliant
casefloding function we cannot pass this test
in the non-samba build
(This used to be commit 5d93c1eeba8f64784294f3aabcaefa4aaf798355)
safe function if the user provides an utf8
compliant casefold function to ldb.
- Fix toupper_m and tolower_m to not crash if
the case tables are not found
- Let load_case_table() search into the correct
directory in the search tree for the case
tables so that we can test utf8
Simo
(This used to be commit e12f070958eb3c144beb81c5cb878db122249021)
I don't yet know what the extra data in the start_association call mean...
This also let w2k use WREPL_REPL_INFORM messages to us, but w2k3 doesn't
it do it yet...
metze
(This used to be commit 02d6dfa1da754857c28125392a561cfde0087c48)
responses...
Also trust OpenLDAP to be pedantic about it, breaking connections to AD.
In any case, we now get this 'right' (by nasty overloading hacks, but
hey), and we can now use system-supplied OpenLDAP libs and SASL/GSSAPI
to talk to Samba4.
Andrew Bartlett
(This used to be commit 0cbe18211a95f811b51865bc0e8729e9a302ad25)
