sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-05 20:58:40 +03:00
Code
17,053 Commits 62 Branches 1,154 Tags
Commit Graph

17053 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Metzmacher
746d3c8ff9 rpc_server: add support for DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN 
you need "dcesrv:header signing=yes" to enable it.

metze
(This used to be commit bde2496e6b7034c99243b22434a97aebeb8f75b9)
 2008-08-07 15:40:20 +02:00
Stefan Metzmacher
50f82609b5 librpc/rpc: add support DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN 
You can trigger it like this:

ncacn_ip_tcp:172.31.9.234[sign,hdrsign]

or

ncacn_ip_tcp:172.31.9.234[seal,hdrsign]

metze
(This used to be commit 54f1fca582b1474693b5ee11b7b847086d27f75f)
 2008-08-07 15:40:20 +02:00
Stefan Metzmacher
b3573ce76e librpc/rpc: pass struct dcerpc_pipe to dcerpc_auth3() 
metze
(This used to be commit 60b3523da485d845b1d930d990688d8434d39ef3)
 2008-08-07 15:40:20 +02:00
Stefan Metzmacher
fd84beb194 gensec_gssapi: add support for GENSEC_FEATURE_SIGN_PKT_HEADER 
This only works for sign/verify_packet() yet,
seal/unseal_packet() doesn't work yet...

metze
(This used to be commit c62e5d23a69789d23516a6d150fd3b756e270998)
 2008-08-07 15:40:00 +02:00
Stefan Metzmacher
fe7e90cca4 gensec: add GENSEC_FEATURE_SIGN_PKT_HEADER flag 
metze
(This used to be commit d7dfdbaf34843cb6783d8e686e659c53c5ac27ef)
 2008-08-07 15:06:59 +02:00
Jelmer Vernooij
b1f85bfb00 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpage 
(This used to be commit 8e201ecf3e86c3c8865c7276fad8dad07106efaf)
 2008-08-01 21:36:49 +02:00
Jelmer Vernooij
47124efe42 Add helper object Hostconfig to make it easier to get to e.g. the 
SAM database.
(This used to be commit be75b2a36ee49f66ada3ec3ababa82d74085d559)
 2008-08-01 21:12:37 +02:00
Stefan Metzmacher
d9ad17f945 heimdal: add experimental --enable-external-heimdal 
This should only be used for testing and when you're
absolutly sure the installed heimdal libraries
support the features we need.

(E.g. heimdal-1.2 or lower should NOT work)

metze
(This used to be commit 66b76b018d6048cec63a75b24ec4c099f6a2eb8c)
 2008-08-01 21:10:40 +02:00
Stefan Metzmacher
5fd1c5445b libreplace: include <krb5.h> and <com_err.h> and no heimdal specific headers 
metze
(This used to be commit cffed8e19e22a1fa7b7a322b153df5d54e4c3be2)
 2008-08-01 21:10:40 +02:00
Stefan Metzmacher
d0f0d5e691 auth/kerberos: remove dependencies to internal heimdal 
metze
(This used to be commit ed0fc19ac6a1194e6fd9a6534cbf7453fa870066)
 2008-08-01 21:10:40 +02:00
Stefan Metzmacher
d96c5758f6 heimdal_build/internal: add some useful defines 
metze
(This used to be commit b9727d612bd2e9cf67ca2d4a9c60dc13d4bed5be)
 2008-08-01 21:10:39 +02:00
Stefan Metzmacher
59737cddfb heimdal: fix dependency 
metze
(This used to be commit 9e8b95dc8d577ea33504f0fb463d4648393e045b)
 2008-08-01 21:10:39 +02:00
Stefan Metzmacher
112084929e lib/crypto: remove dependency to internal heimdal 
metze
(This used to be commit 9138fc6639fae7a5567c395254277199c89b0dcb)
 2008-08-01 21:10:39 +02:00
Stefan Metzmacher
b2023570c4 build: remove warning about missing generated include file 
metze
(This used to be commit 495d068df55a94d48f2a4d2e7f2060fb42f66dbd)
 2008-08-01 21:10:39 +02:00
Jelmer Vernooij
1c94f3e95d Use new style python classes. 
(This used to be commit 2a39aae0cef310a79427feb1b85f6794ea36849a)
 2008-08-01 21:00:09 +02:00
Jelmer Vernooij
fff006bd84 Move domain DN determination out of newuser function. 
(This used to be commit cbac27e6faa99ebaa3e6d653017c968db836560a)
 2008-08-01 20:47:22 +02:00
Jelmer Vernooij
3b4ff07ded Actually fix missing substitution variables. 
(This used to be commit 783412ecb27d646b171993da0ac2f11a821901d3)
 2008-08-01 20:47:03 +02:00
Jelmer Vernooij
2fbe25b39d Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpage 
(This used to be commit c87a8ba1fef1ba508ad6527d0bae4bcdd5b3cb69)
 2008-08-01 20:17:56 +02:00
Jelmer Vernooij
3573420d7d Fix some forgotten substitute variables in provision, add check to prevent this sort of regression in the future. 
(This used to be commit a461118f3b668779f907c4d77cebe1e76fa4e39f)
 2008-08-01 20:17:29 +02:00
Stefan Metzmacher
f2ac351d6e kdc: use mostly only public kerberos headers 
We shoule avoid using the private heimdal function
_krb5_principalname2krb5_principal()

metze
(This used to be commit 10db07c69addce6e90851fb55738d5f9e142946b)
 2008-08-01 17:54:34 +02:00
Stefan Metzmacher
9cc663af6e auth/kerberos: we don't need to include heimdal private headers 
metze
(This used to be commit 6ec3887aee9bbb9c182ab966d37212edeaa16b5a)
 2008-08-01 17:52:37 +02:00
Stefan Metzmacher
c251443e73 gensec_gssapi: include <gssapi/gssapi.h> 
metze
(This used to be commit 49e01d00bded74190c8e3049ac5883fe211e86fd)
 2008-08-01 17:52:37 +02:00
Stefan Metzmacher
fed1cc2c6d heimdal_build: we should only use PRIVATE_DEPENDENCIES 
metze
(This used to be commit 694f5124a523538117bf5d35be1a2d4f275ad0c2)
 2008-08-01 17:52:36 +02:00
Stefan Metzmacher
f4140cfdb0 build: autogenerate heimdal basics 
metze
(This used to be commit f19d2182b802a49449cbb9e4e6334f223ceb284d)
 2008-08-01 17:52:36 +02:00
Stefan Metzmacher
8dede49961 build: autogenarate VPATH by configure 
metze
(This used to be commit 16147753adcdbdc0ee9faa16fafb1c74240a6858)
 2008-08-01 17:52:36 +02:00
Stefan Metzmacher
86c9db8d4a heimdal: add missing files 
metze
(This used to be commit b395cd7acdb3ca5b25368fbbad0606efe4699d04)
 2008-08-01 17:49:45 +02:00
Stefan Metzmacher
ca086c9e2c auth_server: set the workstation name 
metze
(This used to be commit 6d640ee4b84c72f6c2da0ee047c9bac916bf3e57)
 2008-08-01 17:27:18 +02:00
Stefan Metzmacher
9f5325ce39 heimdal: add missing file heimdal/lib/gssapi/mech/gss_pseudo_random.c 
metze
(This used to be commit 3bd7e68a5cfe80733782367e327b570d04b21586)
 2008-08-01 17:27:18 +02:00
Stefan Metzmacher
35cd60b002 build with the new heimdal version 
(This used to be commit 3817d653faecb70bfafb850fe7d6e83aaed7e6d1)
 2008-08-01 16:11:00 +02:00
Stefan Metzmacher
a925f039ee heimdal: update to lorikeet-heimdal rev 801 
metze
(This used to be commit d6c54a66fb23c784ef221a3c1cf766b72bdb5a0b)
 2008-08-01 16:11:00 +02:00
Stefan Metzmacher
cf875a5621 build: allow flex-2.34 together with bison-2.3 
metze
(This used to be commit 8bd30a7b4392642ef5184f959d801716d2db20b2)
 2008-08-01 16:10:59 +02:00
Stefan Metzmacher
d087545deb auth/ntlmssp: don't crash when the backend give no challenge 
metze
(This used to be commit c01fee80a79cd9e0f7bb295333bb03bd37328d05)
 2008-08-01 16:10:59 +02:00
Stefan Metzmacher
f1cdce5963 auth_server: fix the logic of server_get_challenge() 
metze
(This used to be commit 699e3cdb52acdf2524347d8c053730306c579dd9)
 2008-08-01 15:54:57 +02:00
Stefan Metzmacher
5d68244a27 auth_server: fix segfault reported by Julien Kerihuel <j.kerihuel@openchange.org> 
metze
(This used to be commit c2cc8ef943e8c2e02edb1eb20214de245cc6914c)
 2008-08-01 15:22:25 +02:00
Stefan Metzmacher
7b4081da8f Revert "Start implementind domain trusts in our KDC." 
This reverts commit 736ce50afd9da9b5fbc3db777fd5341dfa4b721a.

This breaks the build...

metze
(This used to be commit afd07073b9caa4b5f7d2ad747e79afaec4203506)
 2008-08-01 15:22:25 +02:00
Andrew Bartlett
43d2329da6 Update to a working trustAuthIncoming and trustAuthOutgoing parser. 
This is based on the docs, as well as testing against a domain trust
in windows.

Clearly it needs to be more general - perhaps a non IDL parser?

Andrew Bartlett
(This used to be commit 816bb64a56a75d1eb5e879b4abf211af27243686)
 2008-07-31 23:17:20 +10:00
Andrew Bartlett
358a11c6f3 Print trustAuthOutgoing and trustAuthIncoming in RPC-DSSYNC 
(This used to be commit 6673a6e62399c4956a44a06685aa91ce8145b92a)
 2008-07-31 21:23:48 +10:00
Andrew Bartlett
2cc32c4988 Use the cldap reply to avoid segfaulting in RPC-DSSYNC 
Also don't fail the test if the server does not implement the NT4
changelog.

Andrew Bartlett
(This used to be commit 514d88580bee3bb17f1032262f5518e3ab2a349a)
 2008-07-31 10:51:59 +10:00
Andrew Bartlett
2afd7d6d66 Don't fail if the domain has a trust already. 
Andrew Bartlett
(This used to be commit c2df7ffa6d67dd9381d10397c679746547cd5e17)
 2008-07-31 09:07:57 +10:00
Andrew Bartlett
337752cfd8 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local 
(This used to be commit 15d0951b74b46763024560f9cd012338473c5bc3)
 2008-07-31 07:48:16 +10:00
Andrew Bartlett
2a0677e514 Start implementind domain trusts in our KDC. 
Andrew Bartlett
(This used to be commit 736ce50afd9da9b5fbc3db777fd5341dfa4b721a)
 2008-07-31 07:47:01 +10:00
Andrew Bartlett
2b0ed1832a Update trustAuthInOutBlob in line with MS-ADTS 7.1.6.8.1 
(This used to be commit 26c2a34dec26890230dfa86827804d8160061ce5)
 2008-07-31 07:45:30 +10:00
Jelmer Vernooij
ee505f36dd Be more pythonic. 
(This used to be commit 20d40e31942f96ca9d077e57c6dd4c1d38f79b4b)
 2008-07-30 13:29:29 +02:00
Stefan Metzmacher
e45c3e127d Revert "gensec_gssapi: use gsskrb5_get_subkey() to make smb2 signing with aes keys work" 
This reverts commit 73964f069056f46f2f27fc690e42e5c91ae1fe19.

This breaks more than it gains:-( It seems to break the ncacn_np session key

metze
(This used to be commit 9678085f75b6cb0ed068e22f3d9f94247b200ce2)
 2008-07-28 17:59:17 +02:00
Stefan Metzmacher
14900695da rpc_server: remove unused variable 
metze
(This used to be commit c2186d5d60aa2b57ecafaa57f9fd41f2a6717046)
 2008-07-28 16:40:21 +02:00
Stefan Metzmacher
c4c79aa1b6 gensec_gssapi: use gsskrb5_get_subkey() to make smb2 signing with aes keys work 
SMB signing with aes doesn't work, but still works with
arcfour-hmac-md5, des-cbc-md5 and des-cbc-crc.

metze
(This used to be commit 73964f069056f46f2f27fc690e42e5c91ae1fe19)
 2008-07-28 16:15:23 +02:00
Stefan Metzmacher
2d2911c788 libcli/smb2: the session key for SMB2 signing is truncated to 16 bytes 
To make that work (as a client) with aes128 and aes256 krb5 keys
we need to use gsskrb5_get_subkey().

metze
(This used to be commit 0c6d988f2083067e1ac7b07a492f88cefd3ba906)
 2008-07-28 16:15:23 +02:00
Stefan Metzmacher
0251096a89 smb2srv: sign SMB2 Logoff replies 
metze
(This used to be commit 2844e361730a6bc640ea89d0e10059deca1ca867)
 2008-07-28 14:09:46 +02:00
Stefan Metzmacher
8623e2cc4c smb2srv: correctly hold the signing state per session 
metze
(This used to be commit 5b3ba3f3556e8031133128853cd2324ee3852aa1)
 2008-07-28 14:09:45 +02:00
Stefan Metzmacher
35bd7a6378 libcli/smb2: fix per session signing state 
metze
(This used to be commit 8bc12dc77a59e792830d96e84a4e8d1b2c651505)
 2008-07-28 14:09:45 +02:00