IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
When emulating Samba3 (which we do to ensure we don't break
compatability), don't do mutual authentication by default, as it
breaks the session key with AES and isn't what Samba3 does anyway.
Andrew Bartlett
This allows the older 'like Samba3' GENSEC krb5 implementation to work
against Windows 2008. I'm using this to track down interop issues in
this area.
Andrew Bartlett
Also including the supporting changes required to pass make test
A number of heimdal functions and constants have changed since we last
imported a tree (for the better, but inconvenient for us).
Andrew Bartlett
This means it must be accessed via the supplied auth_context in the
GENSEC server, and should remove the hard depenceny of GENSEC on the
auth subsystem and ldb (allowing LDB not to rely on LDB is considered
a good thing, apparently)
Andrew Bartlett
When starting GENSEC on the server, the auth subsystem context must be
passed in, which now includes function pointers to the key elements.
This should (when the other dependencies are fixed up) allow GENSEC to
exist as a client or server library without bundling in too much of
our server code.
Andrew Bartlett
4, even though the macros are still different.
This makes it possible to use object code compiled with one DEBUG()
macro from the other sourceX directory.
ldap server suddenly dies.
We were creating a wrong talloc hierarchy, so the event.fde was not
freed automatically as expected. This in turn made the event system call
the ldap io handlers with a null packet structure, causing a segfault.
Fix also the ordering in ldap_connection_dead()
Thanks to Metze for the huge help in tracking down this one.
This uses Heimdal's PAC parsing code in the:
- LOCAL-PAC test
- gensec_gssapi server
- KDC (where is was already used, the support code refactored from here)
In addition, the service and KDC checksums are recorded in the struct
auth_serversupplied_info, allowing them to be extracted for validation
across NETLOGON.
Andrew Bartlett
(This used to be commit 418b440a7b8cdb53035045f3981d47b078be6c1e)
This will allow a torture suite to inspect some otherwise internal
details.
Andrew Bartlett
(This used to be commit 9701149ef75f9771f42000e2b6f44963abfee938)
This only works for sign/verify_packet() yet,
seal/unseal_packet() doesn't work yet...
metze
(This used to be commit c62e5d23a69789d23516a6d150fd3b756e270998)
