Andrew Bartlett
2c2fde57fa
Update copyright
...
(This used to be commit edea162a0e
)
2008-09-05 16:45:58 +10:00
Andrew Bartlett
a35263e1ab
Implement NETLOGON PAC verfication on the server-side
...
This is implemented by means of a message to the KDC, to avoid having
to link most of the KDC into netlogon.
Andrew Bartlett
(This used to be commit 82fcd7941f
)
2008-09-03 15:30:17 +10:00
Andrew Bartlett
c79dff2e9b
Heimdal provides Kerberos PAC parsing routines. Use them.
...
This uses Heimdal's PAC parsing code in the:
- LOCAL-PAC test
- gensec_gssapi server
- KDC (where is was already used, the support code refactored from here)
In addition, the service and KDC checksums are recorded in the struct
auth_serversupplied_info, allowing them to be extracted for validation
across NETLOGON.
Andrew Bartlett
(This used to be commit 418b440a7b
)
2008-08-28 16:28:47 +10:00
Stefan Metzmacher
d3265b01e5
kdc: move references to heimdal internals into heimdal_build/kpasswd-glue.h
...
metze
(This used to be commit 65057f17b0
)
2008-08-26 12:30:03 +02:00
Andrew Bartlett
7f86b26a35
Only allow the trust in the correct direction (per the flags).
...
(This used to be commit 2c71954294
)
2008-08-26 10:27:00 +10:00
Andrew Bartlett
9eacc3a8f3
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
...
(This used to be commit a555334db6
)
2008-08-25 08:27:06 +10:00
Stefan Metzmacher
d0a8c05cb2
kdc/pac-glue: pull/push the logon_info via the PAC_INFO union
...
This prepares the next commit...
metze
(This used to be commit 7d297f7fb7
)
2008-08-20 15:23:02 +02:00
Andrew Bartlett
fe95409de7
Trusted domains implementation for the KDC.
...
At this stage, only arcfour-hmac-md5 trusts are used, and all trusts
are presumed bi-directional. Much more work still to be done.
Andrew Bartlett
(This used to be commit 3e9f5c2816
)
2008-08-15 21:16:20 +10:00
Andrew Bartlett
5f873a4d8f
More work towards trusted domain support in the KDC.
...
(This used to be commit c87d732b23
)
2008-08-08 10:35:57 +10:00
Andrew Bartlett
8930a2159d
Start implementind domain trusts in our KDC.
...
Andrew Bartlett
(This used to be commit 8aba7c3623
)
2008-08-05 12:46:57 +10:00
Stefan Metzmacher
5fd1c5445b
libreplace: include <krb5.h> and <com_err.h> and no heimdal specific headers
...
metze
(This used to be commit cffed8e19e
)
2008-08-01 21:10:40 +02:00
Stefan Metzmacher
f2ac351d6e
kdc: use mostly only public kerberos headers
...
We shoule avoid using the private heimdal function
_krb5_principalname2krb5_principal()
metze
(This used to be commit 10db07c69a
)
2008-08-01 17:54:34 +02:00
Stefan Metzmacher
7b4081da8f
Revert "Start implementind domain trusts in our KDC."
...
This reverts commit 736ce50afd
.
This breaks the build...
metze
(This used to be commit afd07073b9
)
2008-08-01 15:22:25 +02:00
Andrew Bartlett
2a0677e514
Start implementind domain trusts in our KDC.
...
Andrew Bartlett
(This used to be commit 736ce50afd
)
2008-07-31 07:47:01 +10:00
Stefan Metzmacher
79657f78e8
hdb-ldb: fix the callers after drsblobs.idl changes
...
metze
(This used to be commit 1223cd17c7
)
2008-07-24 08:24:10 +02:00
Stefan Metzmacher
0842eb25a1
hdb-ldb: try to find Primary:Kerberos-Newer-Keys and fallback to Primary:Kerberos
...
Now provide AES tickets if we find the keys in the supplementalCredentials attribute
metze
(This used to be commit 8300259f10
)
2008-07-23 14:46:11 +02:00
Stefan Metzmacher
fa40b0709a
hdb-ldb: check the SUPPLEMENTAL_CREDENTIALS_SIGNATURE
...
metze
(This used to be commit 7219740ef4
)
2008-07-23 14:46:08 +02:00
Stefan Metzmacher
b4e9e8954a
hdb-ldb: fix comment about padding
...
metze
(This used to be commit ca28d05b11
)
2008-07-23 14:46:06 +02:00
Stefan Metzmacher
75cdaa4c84
hdb-ldb: fix crash bug in the error path
...
metze
(This used to be commit ac02d6a0f7
)
2008-07-23 14:46:06 +02:00
Stefan Metzmacher
71ce9975fa
kdc: we don't need any *_locl.h header from heimdal in the kdc
...
metze
(This used to be commit feca16dd6d
)
2008-06-04 15:39:17 +02:00
Andrew Bartlett
be14efbdf9
Revert Jelmer's CFLAGS commit e2b71a0ecb
...
This commit broke the build, because not all files (libreplace, popt)
were updated.
Andrew Bartlett
(This used to be commit 3faacf4351
)
2008-05-31 08:35:55 +10:00
Jelmer Vernooij
39f50afc57
Move CFLAGS handling out of smb_build.
...
(This used to be commit e2b71a0ecb
)
2008-05-30 02:07:28 +02:00
Jelmer Vernooij
4c70cda986
Fix a couple (well, little more than that..) of typos.
...
(This used to be commit a6b5211994
)
2008-05-18 23:02:47 +02:00
Jelmer Vernooij
4c8756f147
Create prototype headers from Makefile directory, without smb_build in the middle.
...
(This used to be commit f4a77b96f9
)
2008-05-18 22:30:08 +02:00
Jelmer Vernooij
4f0db42958
Use variables for source directory in a couple more places.
...
(This used to be commit 56bb2907c6
)
2008-05-18 19:41:33 +02:00
Jelmer Vernooij
cc9c4aaa8d
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake3
...
Conflicts:
source/Makefile
source/auth/config.mk
source/auth/gensec/config.mk
source/build/m4/public.m4
source/build/make/python.mk
source/build/make/rules.mk
source/build/smb_build/header.pm
source/build/smb_build/main.pl
source/build/smb_build/makefile.pm
source/dsdb/config.mk
source/dsdb/samdb/ldb_modules/config.mk
source/kdc/config.mk
source/lib/events/config.mk
source/lib/events/events.c
source/lib/ldb/config.mk
source/lib/nss_wrapper/config.mk
source/lib/policy/config.mk
source/lib/util/config.mk
source/libcli/smb2/config.mk
source/libnet/config.mk
source/librpc/config.mk
source/nbt_server/config.mk
source/ntptr/ntptr_base.c
source/ntvfs/posix/config.mk
source/ntvfs/sysdep/config.mk
source/param/config.mk
source/rpc_server/config.mk
source/rpc_server/service_rpc.c
source/scripting/ejs/config.mk
source/scripting/python/config.mk
source/smb_server/config.mk
source/smbd/server.c
source/torture/config.mk
source/torture/smb2/config.mk
source/wrepl_server/config.mk
(This used to be commit 13bbd42068
)
2008-04-25 10:04:20 +01:00
Jelmer Vernooij
21fc767378
Specify event_context to ldb_wrap_connect explicitly.
...
(This used to be commit b4e1ae07a2
)
2008-04-17 12:23:44 +02:00
Jelmer Vernooij
1efbd5fbf6
Remove event context tracking from the credentials struct.
...
(This used to be commit 4d7fc946b2
)
2008-04-17 01:03:18 +02:00
Jelmer Vernooij
ffc5cbfe80
Move object files lists to makefile rather than smb_build.
...
(This used to be commit 5628d58990
)
2008-04-14 16:53:00 +02:00
Jelmer Vernooij
18d80bdf1f
Merge v4.0-test
...
(This used to be commit 977dbdeaf3
)
2008-03-28 00:44:14 +01:00
Andrew Bartlett
dc49ae599e
Remove useless extra argument to samdb_result_account_expires().
...
Andrew Bartlett
(This used to be commit bc607c334f
)
2008-03-25 15:25:13 +11:00
Andrew Bartlett
a08e951eb8
Remove unused variable.
...
(This used to be commit 1de21f5fdd
)
2008-03-19 11:15:04 +11:00
Andrew Bartlett
aaf62085dd
Merge branch 'v4-0-logon' of git://git.id10ts.net/samba into 4-0-local
...
(This used to be commit 8252b51850
)
2008-03-19 11:04:42 +11:00
Andrew Bartlett
9e6b0c2871
Merge lorikeet-heimdal -r 787 into Samba4 tree.
...
Andrew Bartlett
(This used to be commit d88b530522
)
2008-03-19 10:17:42 +11:00
Andrew Kroeger
131111f166
kdc: Provide extended error information in AS-REP error replies.
...
This change utilizes the addition of the e_data parameter to the windc_plugin in
the heimdal code to pass extended information back to the client. The extended
information is provided in an e-data block as part of the kerberos error
message, and allows the client to determine which specific error condition
occurred.
(This used to be commit 502466ba95
)
2008-03-13 01:17:48 -05:00
Jelmer Vernooij
fb6fdfce37
Fix the build.
...
(This used to be commit f2e4974471
)
2008-03-08 17:02:40 +01:00
Jelmer Vernooij
fc2cd5ed63
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake3
...
(This used to be commit e4da851bd7
)
2008-03-07 18:03:54 +01:00
Andrew Kroeger
e9171397ec
Enhance mappings of NTSTATUS to KRB5KDC errors.
...
The enhanced mappings allow the Windows client to determine whether a user's
password needs to be changed (and allows them to change it), or if they cannot
logon at all.
Changes still need to be made to allow additional data to be returned. Windows
uses that additional data to display more detailed dialogs to the user. The
additional information is returned in an e-data struct of type PA-PW-SALT that
contains the more-detailed NTSTATUS error code.
(This used to be commit 6a98e5a7aa
)
2008-03-07 05:59:56 -06:00
Andrew Kroeger
20c7014009
Update account expiration to use new samdb_result_account_expires() function.
...
(This used to be commit 2b6b4e5a16
)
2008-03-07 05:59:56 -06:00
Jelmer Vernooij
6cf92e604d
Fix the build.
...
(This used to be commit 49ef8d0c19
)
2008-03-04 13:06:08 +01:00
Jelmer Vernooij
b29d47edcf
Move object file lists to the Makefile.
...
(This used to be commit a7e6d2a183
)
2008-03-03 18:25:28 +01:00
Jelmer Vernooij
c38c2765d1
Remove yet more uses of global_loadparm.
...
(This used to be commit e01c1e87c0
)
2008-02-21 17:17:37 +01:00
Jelmer Vernooij
263a77c561
Remove more uses of global_loadparm.
...
(This used to be commit a1715b1f48
)
2008-02-21 15:45:32 +01:00
Jelmer Vernooij
d9f8232c34
Remove more uses of global_loadparm.
...
(This used to be commit 230355d2e6
)
2008-02-21 15:21:45 +01:00
Jelmer Vernooij
921b176484
Remove more uses of global_loadparm.
...
(This used to be commit 47d05ecf6f
)
2008-02-21 14:50:57 +01:00
Jelmer Vernooij
37deca2d41
Avoid use of global_loadparm.
...
(This used to be commit c5a95bbe0c
)
2008-02-21 14:16:02 +01:00
Jelmer Vernooij
3f63d2fe4d
Fix unresolved symbols.
...
(This used to be commit dbcecb6d8f
)
2008-02-18 17:24:29 +01:00
Andrew Bartlett
0f8eeb81ec
Remove useless layer of indirection, where every service called
...
task_service_init() manually. Now this is called from service.c for
all services.
Andrew Bartlett
(This used to be commit 9c9a4731ca
)
2008-02-04 21:58:29 +11:00
Andrew Bartlett
23d681caf9
Rework service init functions to pass down service name. This is
...
needed to change prefork behaviour based on what service is being
started.
Andrew Bartlett and David Disseldorp
(This used to be commit 0d830580e3
)
2008-02-04 17:48:51 +11:00
Jelmer Vernooij
df408d056e
r26672: Janitorial: Remove uses of global_loadparm.
...
(This used to be commit 18cd08623e
)
2008-01-05 13:06:03 -06:00