IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
something that Andrew Bartlett has been asking for for a while, and
when I started having to re-invent this packet parsing code yet again
for SMB2 I decided it was time to do it generically
you use it by providing a "is this a full packet yet?" helper function
to the packet_*() functions, which then handle all the logic of
partial packet buffering.
This also goes to great lengths to operate efficiently, minimising the
number of recv system calls.
(This used to be commit e6c47b954a6f09c53ea419800ce873295fcd0be9)
functionalities into groups of subcontexts of net subcontext just the
way it's done in net tool. This way we can pass common arguments when
creating subcontext. Also, this may allow easier writing net tool
completely as a script.
At the moment there's a name resolve code segfault to be fixed.
rafal
(This used to be commit 25310d05927dab69d37248977f974bcaedbd081b)
This patch changes the way lsb_search is called and the meaning of the returned integer.
The last argument of ldb_search is changed from struct ldb_message to struct ldb_result
which contains a pointer to a struct ldb_message list and a count of the number of messages.
The return is not the count of messages anymore but instead it is an ldb error value.
I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good
amount of places. I also tried to double check all my changes being sure that the calling
functions would still behave as before. But this patch is big enough that I fear some bug
may have been introduced anyway even if it passes the test suite. So if you are currently
working on any file being touched please give it a deep look and blame me for any error.
Simo.
(This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
- SOCKET_WRAPPER_DEFAULT_IFACE=X specifies the default interface
for 127.0.0.X
- we now use multiple interfaces for smbtorture in make test
127.0.0.26-127.0.0.31
- and 127.0.0.1 only for smbd
the are more work needed for better support for broacast messages...
but this is enough for the winsrepl tests
metze
(This used to be commit dbd01110d1a3e0f5914ae8d156723d6d6edf160c)
We now put the PAC in the AS-REP, so that the client has it in the
TGT. We then validate it (and re-sign it) on a TGS-REQ, ie when the
client wants a ticket.
This should also allow us to interop with windows KDCs.
If we get an invalid PAC at the TGS stage, we just drop it.
I'm slowly trying to move the application logic out of hdb-ldb.c, and
back in with the rest of Samba's auth system, for consistancy. This
continues that trend.
Andrew Bartlett
(This used to be commit 36973b1eef7db5983cce76ba241e54d5f925c69c)
the code in auth/auth_sam.c for consistancy. This will also allow us
to have one place for a backend directory hook.
I will use a very similar hook to add the PAC.
Andrew Bartlett
(This used to be commit 4315836cd8c94eb8340c4050804face4d0066810)
wanted. There is nothing that suggests that the host we forward
credentials to will not have other interfaces, unassoicated with their
service name. Likewise, the name may be a netbios, not DNS name.
This should avoid some nasty DNS lookups.
Andrew Bartlett
(This used to be commit da0ff19856a8f41eb64787990d47d2961824711d)
support cldap and other stuff in the future.
This temporarily disables wbinfo -t, but that will come back soon.
Try an ldap bind using gss-spnego. This got me krb5 binds against "our" w2k3
and a trusted w2k, although with some memleaks from krb5 and a BAD_OPTION
tgs-rep error.
Volker
(This used to be commit d14948fdf687c8f70ef9ec35445b7eb04da84253)
kdc/hdb-ldb.c to share the routines used for auth/
This will require keeping the attribute list in sync, but I think it
is worth it for the next steps (sharing the server_info generation).
Andrew Bartlett
(This used to be commit da38bcefa752a508abd28e8ff6277b493d24c2dd)
The aim here is to restructure the queries to match the queries we do
in auth, then to share the code that does the actual query (at least
for user logins).
Then we can generate the PAC from that shared query, rather than a
seperate query.
Andrew Bartlett
(This used to be commit 4395d087e19286536dbb41fa5758491b302fa437)
credentials to be NULL, where the client is requesting a CIFS style
server-first negTokenInit.
Andrew Bartlett
(This used to be commit eba652ecc89766304fdad14463072dc311693701)
determining a mechanism to use.
Currently it doesn't to fallbacks like SPNEGO does, but this could be
added (to GENSEC, not to here).
This also adds a new function to GENSEC, which returns a list of SASL
names in our preference order (currently determined by the build
system of all things...).
Also make the similar function used for OIDs in SPNEGO do the same.
This is all a very long-winded way of moving from a hard-coded NTLM to
GSS-SPNEGO in our SASL client...
Andrew Bartlett
(This used to be commit 130eb9bb9a37957614c87e0e6846a812abb51e00)
