sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-03 13:47:25 +03:00
Code
6,947 Commits 60 Branches 1,146 Tags
Commit Graph

6947 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tim Potter
9759d435ca r11261: Rename access_required field in winreg idl to access_mask so it matches 
the other interfaces.
(This used to be commit 8eb582b5780188b6304c560b3e84fd7d75c483f8)
 2007-10-10 13:45:09 -05:00
Tim Potter
a1444159a9 r11260: Delete a leftover scons file. 
(This used to be commit 7b750a785bd2c77f4a299a5cb77a2c456b9c6610)
 2007-10-10 13:45:09 -05:00
Tim Potter
f501b04a6c r11259: Map system_name and handle fields to new hf fields. 
(This used to be commit 9be707bc4d07ef47f332ef5019549044bc239e03)
 2007-10-10 13:45:09 -05:00
Tim Potter
da55f56b8c r11258: Dissect all access_required fields as hex using the same hf. 
(This used to be commit 4365462dc62d78eb433748262c5ca7feb16be785)
 2007-10-10 13:45:09 -05:00
Jelmer Vernooij
d316c68cf3 r11257: Add and use output function 
(This used to be commit 734da63a4e7ff44d9417066300383bbf7cd08d8f)
 2007-10-10 13:45:09 -05:00
Jelmer Vernooij
da63ed0015 r11254: Remove support for [TARGET:foo]-like .mk-file entries 
(it is already possible to include verbatim make data)
(This used to be commit 21e355d031c6233ed0f40207d716987931927c6c)
 2007-10-10 13:45:08 -05:00
Jelmer Vernooij
c396fec407 r11252: Make makefile.pm OO and descend from env 
(This used to be commit c53b32e0932ef6c048f8aec23ec6df2fe66a7887)
 2007-10-10 13:45:08 -05:00
Jelmer Vernooij
e0370ff3bc r11250: Fix a couple of issues in the heimdal/ dirs. 
(This used to be commit f76374eba7d45b8ff2625914344e4b31ecdeca1d)
 2007-10-10 13:45:08 -05:00
Jelmer Vernooij
fff24f9ebd r11249: More OpenBSD make fixes... 
(This used to be commit 118e3bc507b2694f7e5ea191950626931d8ebf29)
 2007-10-10 13:45:08 -05:00
Volker Lendecke
df30ef140d r11248: Fix anon fallback with spnego 
(This used to be commit 13ebdea11532f4810d01095a54d430c36c91d826)
 2007-10-10 13:45:07 -05:00
Jelmer Vernooij
645c2fcae9 r11247: Add environment class 
(This used to be commit 90c3f8b3beda525b700688fc4d6ed0584ff2e27c)
 2007-10-10 13:45:07 -05:00
Jelmer Vernooij
e19a291e21 r11246: Another fix for OpenBSD's make 
(This used to be commit f04072f7a9fe341efced4aff57cc061cf789d5bd)
 2007-10-10 13:45:07 -05:00
Jelmer Vernooij
8955516c10 r11245: Hopefully fix heimdal build on some hosts 
Fix manpage locations
(This used to be commit 33c71c0fb13b55741f1b1fffc8945ccda6f3bf51)
 2007-10-10 13:45:06 -05:00
Jelmer Vernooij
4c5a4a7e02 r11244: Relative path names in .mk files 
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
 2007-10-10 13:45:06 -05:00
Jelmer Vernooij
568dd26ac7 r11243: length and size can now be filled in automatically. 
(This used to be commit 99444c129d08fe3e3e381b04c2da5ea5c9c10270)
 2007-10-10 13:45:06 -05:00
Stefan Metzmacher
29a3b138a2 r11241: - fix compiler warning 
- fix comment

metze
(This used to be commit 4f999625a164e58b87d915bbb2914038ea96162a)
 2007-10-10 13:45:06 -05:00
Andrew Bartlett
16bbafb7e8 r11239: Use ${REALM} for the realm in rootdse.ldif 
Add the kpasswd server to our KDC, implementing the 'original' and
Microsoft versions of the protocol.

This works with the Heimdal kpasswd client, but not with MIT, I think
due to ordering issues.  It may not be worth the pain to have this
code go via GENSEC, as it is very, very tied to krb5.

This gets us one step closer to joins from Apple, Samba3 and other
similar implementations.

Andrew Bartlett
(This used to be commit ab5dbbe10a162286aa6694c7e08de43b48e34cdb)
 2007-10-10 13:45:06 -05:00
Andrew Bartlett
f203903f1c r11226: Cope with Samba3's behaviour on LDAP with GSS-SPNEGO. 
Andrew Bartlett
(This used to be commit 4d9667f5a037eb15f6f0e4329314a37f148e9db7)
 2007-10-10 13:45:05 -05:00
Andrew Bartlett
90550077b9 r11225: Remove pointless goto. 
Andrew Bartlett
(This used to be commit 30f4ece4d2e55d2d50061f74a491d3f77551a6ae)
 2007-10-10 13:45:05 -05:00
Andrew Bartlett
b4b75ddb5a r11223: Only pass around the ldb handle (make this code easier to seperate 
into a general lib).

Andrew Bartlett
(This used to be commit e3abbfca4ae3c06f34774edab5ed38ebd5ebc097)
 2007-10-10 13:45:05 -05:00
Andrew Bartlett
17be61b7b9 r11222: Small provision fixes: canonicalName is now generated, and the DC= 
list should be from the dnsdomain (ie lowercae).

Andrew Bartlett
(This used to be commit 10d692a1c216134b301b5851ce1e71ed93cc6164)
 2007-10-10 13:45:05 -05:00
Andrew Bartlett
9f67256383 r11221: I don't quite know how I tested this before, but clearly I didn't. 
The samdb_set_password_sid helper function now works.

Andrew Bartlett
(This used to be commit 629595f27c3f721c4b317df871814ac5ba06be9c)
 2007-10-10 13:45:04 -05:00
Andrew Bartlett
b0c7c175b1 r11220: Add the ability to handle the salt prinicpal as part of the 
credentials.  This works with the setup/secrets.ldif change from the
previous patch, and pretty much just re-invents the keytab.

Needed for kpasswdd work.

Andrew Bartlett
(This used to be commit cc9d167bab280eaeb793a5e7dfdf1f31be47fbf5)
 2007-10-10 13:45:04 -05:00
Andrew Bartlett
2817ef9f53 r11219: Now that we have the credentials hooked in here, we have a much more 
reasonable value to fill in for the mechListMIC.

Andrew Bartlett
(This used to be commit 51d78de2b79f4ab75c86c3255c23a478c6822a0e)
 2007-10-10 13:45:04 -05:00
Andrew Bartlett
d820c353dc r11218: Always return the mutual authentication reply (needed for kpasswd), 
and remove now duplicated unwrap_pac().

Andrew Bartlett
(This used to be commit 90642d54e02e09edc96b9498e66befda20dbb68d)
 2007-10-10 13:45:04 -05:00
Andrew Bartlett
8103ef3974 r11217: Ensure the realm is substituted in UPPER case. 
Andrew Bartlett
(This used to be commit 0c29f0e30d64be09baad792eb2850aa0b8fa9981)
 2007-10-10 13:45:04 -05:00
Andrew Bartlett
532b16f3d5 r11216: Upgrade to gd's PAC extraction code from Samba3. While I still want 
to make some this the kerberos library's problem, we may as well use
the best code that is around.

Andrew Bartlett
(This used to be commit a7fe3078a65f958499779f381731b408f3e6fb1f)
 2007-10-10 13:45:04 -05:00
Andrew Bartlett
10989431e5 r11215: Remove no-op prompter intended to work around bugs in old kerberos libs. 
I'm also worried this might cause loops, if we get a 'force password
change', and the prompter tries to 'deal with it'.

Andrew Bartlett
(This used to be commit 5bc10c4e472b45c5b5b0ea0c3dd100be6f4dabca)
 2007-10-10 13:45:03 -05:00
Jelmer Vernooij
f4d590662e r11214: Remove scons files (see http://lists.samba.org/archive/samba-technical/2005-October/043443.html) 
(This used to be commit 7fffc5c9178158249be632ac0ca179c13bd1f98f)
 2007-10-10 13:45:03 -05:00
Andrew Bartlett
a9f15bb83e r11212: Enable sealing of data with raw krb5, consolidate some code into the 
main gensec_krb5_start and always ask for sequence numbers.

Andrew Bartlett
(This used to be commit 801cd6c6ffa96ac79eb425adf7c97eb2cfcbed4a)
 2007-10-10 13:45:03 -05:00
Tim Potter
7514f906c2 r11211: Append an error message to COL_INFO if the RPC call returned an error. 
(This used to be commit b70dd7a757e7341d90c89dffa7e1c4eab790020a)
 2007-10-10 13:45:03 -05:00
Tim Potter
20685ca815 r11210: Log registry open function name when starting hive tests. 
(This used to be commit 3416a6d78f205f9d3fd73161cbed6dcd9c2bfdf8)
 2007-10-10 13:45:02 -05:00
Andrew Bartlett
b5e734b4ca r11209: We can't read the priorSecret unless we ask for it. 
Andrew Bartlett
(This used to be commit ee9a93688d31d8da91b81e9b0f6fac3fa4894c13)
 2007-10-10 13:45:02 -05:00
Andrew Bartlett
4c4fbda7da r11208: Add DNS entries for finding the kpasswd server to the default zone. 
Andrew Bartlett
(This used to be commit 7e01ff11fdcd70b54e30b438076bf1293638c61e)
 2007-10-10 13:45:02 -05:00
Andrew Bartlett
ba02c449e4 r11207: Correct principal search define 
(This used to be commit 90cf4f8e1a1051a58635e126d56118701875bc5d)
 2007-10-10 13:45:02 -05:00
Andrew Bartlett
c86852aef8 r11206: It appears to me that any account may operate as a server. 
Andrew Bartlett
(This used to be commit 3b6c9c7cbc1d5c4dd32d3c1db18ddbccbb8cf17a)
 2007-10-10 13:45:02 -05:00
Andrew Bartlett
dfbdd10c38 r11205: Another test for cracknames. 
Andrew Bartlett
(This used to be commit 3810282a24b8aea36627f43321e76f34057e3135)
 2007-10-10 13:45:01 -05:00
Andrew Bartlett
11b16c2580 r11204: Allow us to read credentials from secrets.ldb without a 
secureChannelType (non machine join records).

Andrew Bartlett
(This used to be commit 3dddf497ccf246af435e6e2802d8f3745f2e4fd3)
 2007-10-10 13:45:01 -05:00
Andrew Bartlett
642b42424a r11203: Use different variable names to make it easier to tell which assert fired. 
Andrew Bartlett
(This used to be commit df6a40c2d261804f1cd4feb24572135a4c62a802)
 2007-10-10 13:45:01 -05:00
Andrew Bartlett
0efa46e652 r11202: Add more structs to structs.h 
(This used to be commit b0f11d85214fe83a8ce738cfa597f5cf9f5d3897)
 2007-10-10 13:45:01 -05:00
Andrew Bartlett
24993869f0 r11201: New filters for searching in secrets.ldb 
Andrew Bartlett
(This used to be commit b48c6df60c15ee6134a49d163bed90ea8b85550b)
 2007-10-10 13:45:01 -05:00
Andrew Bartlett
372ca26b20 r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5 
authentication.  This pulls the creating of the keytab back to the
credentials code, and removes the special case of 'use keberos keytab
= yes' for now.

This allows (and requires) the callers to specify the credentials for
the server credentails to GENSEC.  This allows kpasswdd (soon to be
added) to use a different set of kerberos credentials.

The 'use kerberos keytab' code will be moved into the credentials
layer, as the layers below now expect a keytab.

We also now allow for the old secret to be stored into the
credentials, allowing service password changes.

Andrew Bartlett
(This used to be commit 205f77c579ac8680c85f713a76de5767189c627b)
 2007-10-10 13:45:00 -05:00
Andrew Bartlett
9e25f33a1a r11199: Push an objectSid into the schannel state database, to match the new header. 
Andrew Bartlett
(This used to be commit a665b56085cbf89c6deaeef0deaed31fcbc07458)
 2007-10-10 13:45:00 -05:00
Andrew Bartlett
bf38a5e7c5 r11198: The recent changes to netlogon changed this from a RID to a SID. 
Andrew Bartlett
(This used to be commit 24dbf3435277a51dd49c5e2189fc6655260eddf4)
 2007-10-10 13:45:00 -05:00
Andrew Bartlett
22a9779328 r11197: indent 
(This used to be commit a432ba105cbf2ea7b9010365c0a7d1dcc9ff5f7f)
 2007-10-10 13:45:00 -05:00
Andrew Bartlett
b0fe5e6ade r11196: Clean up memory leaks (pointed out by vl), and handle the case where 
the client doesn't guess correctly on the mech to use.  It must back
off and try the mech the server selected from the list.

I'm not particularly attached to our SPNEGO parser, so while I can't
easily use the SPNEGO application logic in Heimdal, I'm going to look
closely at using the asn1 routines to avoid some pain here.

Andrew Bartlett
(This used to be commit 929217387449270b60c3f825dca3b3cae5a4f9d1)
 2007-10-10 13:44:59 -05:00
Andrew Bartlett
02c32587a8 r11195: Add a new helper function (needed by my kpasswdd work, but hooked in 
for netlogon as well) to change/set a user's password, given only
their SID.

This avoids the callers doing the lookups, and also performs the
actual 'set', as these callers do not wish any further buisness with
the entry.

Andrew Bartlett
(This used to be commit 060a2a7bcca6b58d50bc4e0930c13616742a55d3)
 2007-10-10 13:44:59 -05:00
Andrew Bartlett
ddb1c4aa13 r11194: Use the special ldb attribute "canonicalName" (therefore testing that 
codepath) in DRSUAPI CrackNames.

Fix the NT4 account return value.

Andrew Bartlett
(This used to be commit 2513c02c64b489ebf167e33fdb4ac51ce8783c04)
 2007-10-10 13:44:59 -05:00
Volker Lendecke
1e60499880 r11193: Implement wbinfo -m 
(This used to be commit 12a800bc8541c4160a534d1edcaeb6774776e18d)
 2007-10-10 13:44:59 -05:00
Volker Lendecke
0e6fefac49 r11192: Too many contexts around... :-) 
(This used to be commit 134e104c3ff39e5f3ebdaf9168df78a156490ed7)
 2007-10-10 13:44:59 -05:00