sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-26 10:04:02 +03:00
Code
57,710 Commits 60 Branches 1,146 Tags
Commit Graph

231 Commits

Author SHA1 Message Date
Matthias Dieter Wallnöfer
e9686985cb s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where needed 
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
 2009-10-14 10:50:43 +02:00
Andrew Bartlett
29ef1b2325 s4:kerberos Use MIT compatible names for these enc types 
This is a small start on (ie, the only trivial part of) the work shown in:
http://k5wiki.kerberos.org/wiki/Projects/Samba4_Port#Samba.27s_use_of_Heimdal_symbols.2C_with_MIT_differences
(a table of all Kerberos symbols used in Samba4, and notes on where
they differ from those provided with MIT Kerberos)

Andrew Bartlett
 2009-08-21 17:50:49 +10:00
Andrew Bartlett
47a7a2e442 s4:kerberos Add 'net export keytab' command for wireshark decryption 
It is much easier to do decryption with wireshark when the keytab is
available for every host in the domain.  Running 'net export keytab
<keytab name>' will export the current (as pointed to by the supplied
smb.conf) local Samba4 doamin.

(This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4,
and so has a good chance of keeping working in the long term).

Andrew Bartlett
 2009-07-28 08:52:43 +10:00
Stefan Metzmacher
b7c003c09c Revert "s4:kerberos Add 'net export keytab' command for wireshark decryption" 
This reverts commit a40ce5d0d9d06f592a8885162bbaf644006b9f0f.

This breaks the build...

Andrew, please repush it, when it's fixed:-)

metze
 2009-07-27 17:41:11 +02:00
Andrew Bartlett
a40ce5d0d9 s4:kerberos Add 'net export keytab' command for wireshark decryption 
It is much easier to do decryption with wireshark when the keytab is
available for every host in the domain.  Running 'net export keytab
<keytab name>' will export the current (as pointed to by the supplied
smb.conf) local Samba4 doamin.

(This uses Heimdal's 'hdb' keytab and then the existing hdb-samba4,
and so has a good chance of keeping working in the long term).

Andrew Bartlett
 2009-07-27 22:41:42 +10:00
Don Davis
9aff7b0b59 Rework the kerberos-notes.txt in order and format 
This reworks the notes file to be less stream-of-consciousness and more
task for porting, with a very particular focus on a potential port of
Samba4 to use MIT Kerberos.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-06-30 18:12:02 +10:00
Matthias Dieter Wallnöfer
2627c6c0c2 Fixed some uninitialised variables 
I tried hard to not change the program logic. Should fix bug #6439.
 2009-06-19 11:32:01 +10:00
Andrew Bartlett
9b261c008a s4:heimdal: import lorikeet-heimdal-200906080040 (commit 904d0124b46eed7a8ad6e5b73e892ff34b6865ba) 
Also including the supporting changes required to pass make test

A number of heimdal functions and constants have changed since we last
imported a tree (for the better, but inconvenient for us).

Andrew Bartlett
 2009-06-12 07:45:48 +10:00
Donald T. Davis
9e7501b2cb Clarify and expand the Kerberos notes made by Andrew Bartlett in 2005 
Compiled with Andrew over a series of phone calls and gobby sessions,
with the aim of documenting Kerberos requirements for Samba to us an
alternate (ie, MIT) Kerberos library.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2009-06-10 11:38:27 +10:00
Stefan Metzmacher
4d96417931 s4:auth/credentials: use krb5_data_free() 
metze
 2009-03-26 15:01:02 +01:00
Stefan Metzmacher
2e82a4ced2 s4:auth/kerberos: s/private/private_data 
metze
 2009-02-02 13:08:05 +01:00
Stefan Metzmacher
c72cbce6ee s4:auth/kerberos: convert to tevent_* api 
metze
 2009-01-03 19:58:56 +01:00
Stefan Metzmacher
5fa0d3d568 s4:socket: use a socket_wrapper aware function to auto close the fd event for sockets 
metze
 2009-01-03 19:58:53 +01:00
Stefan Metzmacher
183c379fe5 s4:lib/tevent: rename structs 
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"

for s in $list; do
	o=`echo $s | cut -d ':' -f1`
	n=`echo $s | cut -d ':' -f2`
	r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
	files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
	for f in $files; do
		cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
		mv $f.tmp $f
	done
done

metze
 2008-12-29 20:46:40 +01:00
Jelmer Vernooij
1feab85be6 Rename samba-socket -> samba_socket to fix a couple more compiler 
warnings.
 2008-12-24 00:15:43 +01:00
Stefan Metzmacher
fc31f2c526 s4:lib/socket: socket_connect_send() and socket_connect_ev() should only wrok with addresses 
metze
 2008-12-18 13:32:51 +01:00
Jelmer Vernooij
a76adc5397 Remove two debug parameters, not used anywhere. 
Andrew, I was pretty sure these could be removed but if not, please let
me know.
 2008-11-02 01:03:46 +01:00
Jelmer Vernooij
23302413b3 Remove unused include param/param.h. 2008-10-24 16:37:56 +02:00
Jelmer Vernooij
87ec1d2532 Make sure prototypes are always included, make some functions static and 
remove some unused functions.
 2008-10-20 18:59:51 +02:00
Jelmer Vernooij
9565999755 Fix include paths to new location of libutil. 2008-10-11 21:31:42 +02:00
Matthias Dieter Wallnöfer
b39b6099a4 Cosmetic corrections for the KERBEROS library 
This commit applies some cosmetic corrections for the KERBEROS library.
 2008-09-24 19:40:03 +02:00
Matthias Dieter Wallnöfer
79854dc48a Kerberos cosmetic changes: Revert a part of the patch 
Reverts a part of the patch because it changes the function of the code (suggested by Jelmer).
 2008-09-24 19:40:03 +02:00
Matthias Dieter Wallnöfer
57edd24ca0 Cosmetic corrections for the KERBEROS library 
This commit applies some cosmetic corrections for the KERBEROS library.
 2008-09-24 19:40:03 +02:00
Andrew Bartlett
a35263e1ab Implement NETLOGON PAC verfication on the server-side 
This is implemented by means of a message to the KDC, to avoid having
to link most of the KDC into netlogon.

Andrew Bartlett
(This used to be commit 82fcd7941f5c54da2d994c8bd99dd8d86299a296)
 2008-09-03 15:30:17 +10:00
Andrew Bartlett
c79dff2e9b Heimdal provides Kerberos PAC parsing routines. Use them. 
This uses Heimdal's PAC parsing code in the:
 - LOCAL-PAC test
 - gensec_gssapi server
 - KDC (where is was already used, the support code refactored from here)

In addition, the service and KDC checksums are recorded in the struct
auth_serversupplied_info, allowing them to be extracted for validation
across NETLOGON.

Andrew Bartlett
(This used to be commit 418b440a7b8cdb53035045f3981d47b078be6c1e)
 2008-08-28 16:28:47 +10:00
Stefan Metzmacher
d0f0d5e691 auth/kerberos: remove dependencies to internal heimdal 
metze
(This used to be commit ed0fc19ac6a1194e6fd9a6534cbf7453fa870066)
 2008-08-01 21:10:40 +02:00
Stefan Metzmacher
9cc663af6e auth/kerberos: we don't need to include heimdal private headers 
metze
(This used to be commit 6ec3887aee9bbb9c182ab966d37212edeaa16b5a)
 2008-08-01 17:52:37 +02:00
Stefan Metzmacher
35cd60b002 build with the new heimdal version 
(This used to be commit 3817d653faecb70bfafb850fe7d6e83aaed7e6d1)
 2008-08-01 16:11:00 +02:00
Andrew Bartlett
be14efbdf9 Revert Jelmer's CFLAGS commit e2b71a0ecbf10a78a59a8ec6371bdee57b1bfa6c 
This commit broke the build, because not all files (libreplace, popt)
were updated.

Andrew Bartlett
(This used to be commit 3faacf4351d68a10aea78b53768571d2059772ae)
 2008-05-31 08:35:55 +10:00
Jelmer Vernooij
39f50afc57 Move CFLAGS handling out of smb_build. 
(This used to be commit e2b71a0ecbf10a78a59a8ec6371bdee57b1bfa6c)
 2008-05-30 02:07:28 +02:00
Jelmer Vernooij
60ae8f0657 Fix a bunch of dependencies. 
(This used to be commit a63f458462d207d215a6e4ef8e480b0c8daedf6a)
 2008-05-18 23:40:23 +02:00
Jelmer Vernooij
4c70cda986 Fix a couple (well, little more than that..) of typos. 
(This used to be commit a6b52119940a900fb0de3864b8bca94e2965cc24)
 2008-05-18 23:02:47 +02:00
Jelmer Vernooij
4c8756f147 Create prototype headers from Makefile directory, without smb_build in the middle. 
(This used to be commit f4a77b96f9c17d853348b70794026e5b9e384942)
 2008-05-18 22:30:08 +02:00
Jelmer Vernooij
137ec6e340 Use variables for source directory in a couple more places. 
(This used to be commit 2860a7db5968c7007522cdb300eba390da929ab8)
 2008-05-18 19:46:09 +02:00
Jelmer Vernooij
b5d84a74d1 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake3 
Conflicts:

	source/auth/credentials/config.mk
	source/auth/gensec/config.mk
	source/build/smb_build/makefile.pm
	source/heimdal_build/config.mk
	source/lib/events/config.mk
	source/lib/nss_wrapper/config.mk
	source/lib/policy/config.mk
	source/lib/registry/config.mk
	source/lib/socket_wrapper/config.mk
	source/lib/tdb/config.mk
	source/lib/tls/config.mk
	source/lib/util/config.mk
	source/libcli/config.mk
	source/libcli/ldap/config.mk
	source/libnet/config.mk
	source/librpc/config.mk
	source/param/config.mk
	source/rpc_server/config.mk
	source/scripting/ejs/config.mk
	source/smbd/process_model.mk
(This used to be commit 760378e0294dd0cd4523a83448328478632d7e3d)
 2008-04-08 03:45:06 +02:00
Jelmer Vernooij
afe3e8172d Install public header files again and include required prototypes. 
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
 2008-04-02 04:53:27 +02:00
Jelmer Vernooij
18d80bdf1f Merge v4.0-test 
(This used to be commit 977dbdeaf363c8905ed9fd0570eba4be80582833)
 2008-03-28 00:44:14 +01:00
Andrew Bartlett
87e6d7eab1 Don't require users of credentials.h to have krb5.h and gssapi.h 
Rather than require users of Samba4's headers to have krb5-devel
installed (presumably in their system paths), don't expose the minor
functions which require this by default.

Andrew Bartlett
(This used to be commit f14737e4d2040d2f401a3b20c5e78d0d793cfc3a)
 2008-03-17 15:22:52 +11:00
Jelmer Vernooij
b29d47edcf Move object file lists to the Makefile. 
(This used to be commit a7e6d2a1832db388fdafa1279f84c9a8bbfc87d6)
 2008-03-03 18:25:28 +01:00
Jelmer Vernooij
37deca2d41 Avoid use of global_loadparm. 
(This used to be commit c5a95bbe0ce55c29e135a9c6058bf192ec3bb546)
 2008-02-21 14:16:02 +01:00
Jelmer Vernooij
939edd0eb7 util: Move asn1 to lib/util to trim down the number of subsystems. 
(This used to be commit 44e1cfd2d0ef62e4ee541cec00581a7151d951b3)
 2008-01-15 01:04:38 +01:00
Jelmer Vernooij
9d136bc0a3 r26640: Janitorial: Remove some more uses of global_loadparm. 
(This used to be commit c863f4ebde8efa1a695b4469142d6719e30bc419)
 2008-01-01 19:57:01 -06:00
Jelmer Vernooij
7d5f0e0893 r26639: librpc: Pass iconv convenience on from RPC connection to NDR library, so it can be overridden by OpenChange. 
(This used to be commit 2f29f80e07adef1f020173f2cd6d947d0ef505ce)
 2008-01-01 16:12:15 -06:00
Jelmer Vernooij
86dc05e99f r26638: libndr: Require explicitly specifying iconv_convenience for ndr_struct_push_blob(). 
(This used to be commit 61ad78ac98937ef7a9aa32075a91a1c95b7606b3)
 2008-01-01 16:12:11 -06:00
Jelmer Vernooij
1afe054916 r26474: Move credentials-specific kerberos file to credentials subsystem. Fixes missing symbols in some of the python bindings. 
(This used to be commit e26d0fff6d40899113196ac35a86a9baa10cc9c2)
 2007-12-21 05:50:34 +01:00
Jelmer Vernooij
a21a484a01 r26460: Enable ldb python tests. 
(This used to be commit 25e982453142eb7d2f68c0751d641581b46fbb49)
 2007-12-21 05:50:27 +01:00
Jelmer Vernooij
bf6d40f271 r26449: Support configuration without a known configuration dir. 
(This used to be commit d3643c2152a490952e59ee15b7a62ad3ad465462)
 2007-12-21 05:50:14 +01:00
Jelmer Vernooij
1ea47faa97 r26397: Fix circular dependency in samba-socket. 
(This used to be commit 801c8c766cb6a104751be8829593e0e123508134)
 2007-12-21 05:49:26 +01:00
Jelmer Vernooij
5f4842cf65 r26376: Add context for libcli_resolve. 
(This used to be commit 459e1466a411d6f83b7372e248566e6e71c745fc)
 2007-12-21 05:49:12 +01:00
Jelmer Vernooij
038c75c0cb r26357: Add separate subsystem for auth_sam_reply parsing. 
(This used to be commit 2d61e7c96e249d7031b709e9f727626a78e435f1)
 2007-12-21 05:49:02 +01:00