sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-08 04:58:40 +03:00
Code
64,412 Commits 62 Branches 1,155 Tags
Commit Graph

369 Commits

Author SHA1 Message Date
Andrew Bartlett
d76e4852eb s4:kdc Rework the 'allowed enc types' calculation 
This changes the calculation to apply the allowed enc types to all
uses of the key (no point allowing a weak kinit to a key the server
wanted strongly protected).  It also ensures that all the non-DES keys
are available on the krbtgt in particular, even as it does not have a
msds-SupportedEncryptionTypes attributes.

Andrew Bartlett
 2010-06-29 16:59:30 +10:00
Matthias Dieter Wallnöfer
0c29224da3 s4:kdc/kdc.c - add cast to suppress warnings on Solaris 10 cc 2010-06-26 19:43:51 +02:00
Matthias Dieter Wallnöfer
c8a5ed8db9 s4:kdc/kpasswdd.c - remove unreachable code 2010-06-26 19:42:29 +02:00
Jelmer Vernooij
c5d07d2a1a Per Andrews request, revert 
"heimdal/waf: Initial work on making it possible to use the system"
as the hdb_check_s4u2self function handling is incorrect.

This reverts commit b099631f428d0ecc641d59bd3c94674e6348dde9.
 2010-06-23 14:49:02 +02:00
Andrew Bartlett
80701e5f29 s4:kdc Use msDS-SupportedEncTypes in our KDC 
We need to honour this, otherwise we will send AES-encrypted tickets
to unprepared Kerberos targets.

Andrew Bartlett
 2010-06-23 20:10:01 +10:00
Matthias Dieter Wallnöfer
ecbe9a74c6 s4:kdc/db-glue.c - remove unreachable code 
Would be nice if someone could check if this fits.
 2010-06-20 22:33:03 +02:00
Jelmer Vernooij
b099631f42 heimdal/waf: Initial work on making it possible to use the system 
heimdal again.

Still missing are the detection of the right Heimdal version and
linking (unresolved symbols at the moment).
 2010-06-19 15:32:27 +02:00
Andrew Bartlett
e5232bdc69 s4:kdc Remove special talloc_free of the ldb context 
I can see no reason not to just let this go with the talloc tree that
created it, and avoid a talloc_free with references.

Andrew Bartlett
 2010-05-28 21:59:04 +10:00
Jelmer Vernooij
390ada6ec7 Remove more usages of iconv_convenience in files which were apparently not recompiled by waf. 2010-05-18 11:45:31 +02:00
Jelmer Vernooij
b8268cf7b0 s3: Remove use of iconv_convenience. 2010-05-18 11:45:31 +02:00
Jelmer Vernooij
f9ca9e46ad Finish removal of iconv_convenience in public API's. 2010-05-18 11:45:30 +02:00
Matthias Dieter Wallnöfer
6e8098b261 s4:samdb_set_password/samdb_set_password_sid - Rework 
Adapt the two functions for the restructured "password_hash" module. This
means that basically all checks are now performed in the mentioned module.

An exception consists in the SAMR password change calls since they need very
precise NTSTATUS return codes on wrong constraints ("samr_password.c") file
 2010-05-10 19:07:46 +02:00
Marcel Ritter
6be72df736 Simple fix to prevent crash for non-pac principals 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-04-27 16:41:51 +10:00
Matthias Dieter Wallnöfer
c678563efe s4:kdc/db-glue.c - use "TALLOC_FREE" insteal of "talloc_free" for the "priv" context 
Also after a free "priv" could be != NULL and may be freed again.
This should fix bug #7365.
 2010-04-17 20:10:27 +02:00
Matthias Dieter Wallnöfer
827ccdf6b9 s4:kdc/wdc-samba4.c - fix integer counter types 2010-04-12 02:03:12 +02:00
Matthias Dieter Wallnöfer
ad898fd638 s4:kdc/db-glue.c - fix integer counter types 2010-04-12 02:03:11 +02:00
Andrew Bartlett
f2b63d58da s4:kdc Add functions to hdb-samba4 for the new s4u2self callback. 
For now, this shares the 'if it's the same host' system with the
constrained delegation code.

Andrew Bartlett
 2010-04-10 21:40:59 +10:00
Andrew Tridgell
f9eae32f4b s4-waf: mark the wscript files as python so vim/emacs knows how to highlight them 2010-04-06 20:27:11 +10:00
Andrew Tridgell
844acb2260 build: waf quicktest nearly works 
Rewrote wafsamba using a new dependency handling system, and started
adding the waf test code
 2010-04-06 20:26:48 +10:00
Andrew Tridgell
845e0cbe6f build: commit all the waf build files in the tree 2010-04-06 20:26:48 +10:00
Andrew Bartlett
5f6f7a2e51 s4:kdc Add support for changing password of a servicePrincipalName 
Apparently AD supports setting a password on a servicePrincipalName,
not just a user principal name.  This should fix (part of) the join of
OpenSolaris's internal CIFS server to Samba4 as reported by Bug #7273

Andrew Bartlett
 2010-03-25 16:32:04 +11:00
Andreas Schneider
c3b90f00d4 s4-kdc: Fixed the memory context of tstream_bsd_existing() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2010-02-26 12:08:53 +01:00
Simo Sorce
d8cbc6ccdb s4:kdc add mit plugin code 2010-02-25 13:01:14 -05:00
Simo Sorce
489f78d19e s4:kdc make function static 2010-02-25 13:01:14 -05:00
Brad Hards
1e986c1cb3 More spelling fixes across source4/ 
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
 2010-02-22 21:45:38 +01:00
Brad Hards
7a23b9769b Various source4 spelling fixes. 
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
 2010-02-22 21:45:37 +01:00
Andrew Tridgell
0bedb9cf5e s4-dsdb: removed gendb_search_single_extended_dn() 
Use dsdb_search_one() instead, which allows for arbitrary controls

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-02-16 21:10:51 +11:00
Andrew Tridgell
90203f87e7 s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flags 
This allows for controls to be added easily where they are needed.
 2010-02-16 21:10:50 +11:00
Simo Sorce
30797cec7d s4:kdc Fill in created_by principal field 2010-02-12 16:39:33 -05:00
Simo Sorce
2e2b7e8259 s4:kdc Fix double free and uninitialized memory. 
In samba_kdc_trust_message2entry() on error, hdb_free_entry()
may end up trying to access uninitialized memory or double
free the hdb_entry.
 2010-02-12 16:39:26 -05:00
Simo Sorce
b116d4e5b9 s4:kdc Streamline client access verification call 
Move the core to pac-glue so that other plugins can use it.
 2010-01-31 13:25:17 -05:00
Simo Sorce
0520bd7782 s4:kdc Fix netbios name retrieval 
The code was looping but always checking only the first address.
 2010-01-31 13:25:17 -05:00
Simo Sorce
14e006747e s4:kdc remove dead code and comments 2010-01-28 19:33:34 -05:00
Simo Sorce
7b355d41b5 s4:kdc Fill in more data fields 2010-01-28 19:33:34 -05:00
Simo Sorce
3ce54a4a97 s4:kdc move db functions in their own file 
Keep all heimdal related plugin code within hdb_samba4.c
Move interfaces needed by multiple plugins in db-glue.c

Move sequence context in main db context so that we do
not depend on db->hdb_dbc in the common code.

Remove unnecessary paremeters from function prototypes
 2010-01-28 19:33:34 -05:00
Simo Sorce
a097527ab7 s4:kdc Use a clearer name for the samba kdc entry 
Renames hdb_samba4_private to samba_kdc_entry
Streamlines members of the entry and the kdc db contextto avoid
unnecessary duplication.
 2010-01-28 19:33:34 -05:00
Simo Sorce
c6865af445 s4:kdc Use better db context structure 
This allows to use a common structure not tied to hdb_samba4
Also allows to avoid many casts within hdb_samba4 functions

This is the first step to abstract samba kdc databse functions
so they can be used by the MIT forthcoming plugin.
 2010-01-28 19:33:34 -05:00
Simo Sorce
b63b9bcd42 s4:windc move windc plugin in its own file 
Keep all heimdal related plugin code within wdc-samba4.c
Leave only interfaces common to multiple plugins in pac-glue.c
 2010-01-27 14:03:06 -05:00
Simo Sorce
1f2e9e90bd s4:PAC make common functions public 2010-01-27 14:03:06 -05:00
Simo Sorce
82a80b7f71 s4:PAC Streamline pac-glue step 2 
Split functions so that no assumption is made about which plugin
is using them
 2010-01-27 14:03:06 -05:00
Simo Sorce
85e3561dc9 s4:PAC Streamline pac-glue 
First step, preparing to share the code between multiple plugins.
 2010-01-27 14:03:06 -05:00
Simo Sorce
4c548048c5 s4:kdc Simplify header files 2010-01-22 11:16:24 -05:00
Simo Sorce
e0e255fb24 Fix comment/debug messages 2010-01-11 11:55:28 -05:00
Simo Sorce
7eee8e053b Fix comment 2010-01-08 17:01:02 -05:00
Andreas Schneider
0588f34467 s4-kdc: Migrate tcp connections to tsocket. 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2010-01-08 14:38:35 +01:00
Stefan Metzmacher
42c34cdafa s4:kdc: use LIBSAMBA_TSOCKET 
metze
 2010-01-08 14:36:49 +01:00
Stefan Metzmacher
d97562b382 s4:kdc: the ->process function returns "bool" 
metze
 2010-01-08 14:36:49 +01:00
Stefan Metzmacher
5126b52810 s4:kdc: use the remote and local address from the stream_connection struct 
metze
 2009-12-24 17:38:33 +01:00
Simo Sorce
67d1af4384 s4:cleanups More trailing spaces and tabs 2009-12-23 15:17:56 -05:00
Simo Sorce
da27d4e465 s4:cleanups remove trailing spaces and tabs 2009-12-23 15:09:49 -05:00