sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-06-28 00:49:42 +03:00
Code
63,421 Commits 62 Branches 1,161 Tags
Commit Graph

162 Commits

Author SHA1 Message Date
Björn Jacke
a973eb1968 s3: fix build on Heimdal based systems like NetBSD5 2010-06-05 02:15:29 +02:00
Günther Deschner
614e010daa s3: remove authdata.h 
Guenther
 2010-06-03 11:00:27 +02:00
Günther Deschner
da79cbb080 s3-kerberos: add a missing reference to authdata headers. 
Guenther
 2009-11-27 18:52:32 +01:00
Günther Deschner
04f8c229de s3-kerberos: only use krb5 headers where required. 
This seems to be the only way to deal with mixed heimdal/MIT setups during
merged build.

Guenther
 2009-11-27 16:36:00 +01:00
Günther Deschner
1a8f838274 s3-kerberos: Fix Bug #6929: build with recent heimdal. 
Heimdal changed the KRB5_DEPRECATED define (which now may not take an identifier
for activation) in new releases (like 1.3.1).

Guenther
 2009-11-27 01:40:35 +01:00
Günther Deschner
0f8bf47d94 s3-kerberos: avoid using ERROR_TABLE_BASE_krb5 without checking. 
Guenther
 2009-11-12 15:50:37 +01:00
Günther Deschner
b4e40958b7 s3-kerberos: add smb_krb5_principal_get_realm(). 
Guenther
 2009-11-12 10:22:39 +01:00
Günther Deschner
440db5a94e Revert "s3-kerberos: add smb_krb5_parse_name_flags()." 
This reverts commit 17ef153b68795fec681f9ce17c198236aba2b1c2.
 2009-11-06 13:48:23 +01:00
Günther Deschner
9e48dc2b78 s3-kerberos: support S4U2SELF impersionation through cli_krb5_get_ticket(). 
Guenther
 2009-11-06 13:35:20 +01:00
Günther Deschner
bb01aae1b9 s3-kerberos: use smb_krb5_get_credentials in ads_krb5_mk_req. 
Guenther
 2009-11-06 13:34:04 +01:00
Günther Deschner
60bf0eb607 s3-kerberos: modify cli_krb5_get_ticket to take a new impersonate_princ_s arg. 
Guenther
 2009-11-06 13:31:17 +01:00
Günther Deschner
35dcc133c9 s3-kerberos: add smb_krb5_get_{creds,credentials} incl. support for S4U2SELF impersonation. 
Guenther
 2009-11-06 12:43:03 +01:00
Günther Deschner
17ef153b68 s3-kerberos: add smb_krb5_parse_name_flags(). 
Guenther
 2009-11-06 12:43:03 +01:00
Andrew Tridgell
a6e4cb500b s3: fixed krb5 build problem on ubuntu karmic 
Karmic has MIT krb5 1.7-beta3, which has the symbol
krb5_auth_con_set_req_cksumtype but no prototype for it.

See also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531635
 2009-10-16 10:40:50 +11:00
Jeremy Allison
5f295eb6f5 More conversions of NULL -> talloc_autofree_context() 
so we at least know when we're using a long-lived context.
Jeremy.
 2009-07-16 18:28:58 -07:00
Jelmer Vernooij
b65ba0e26c clikrb5: Prefer krb5_free_keytab_entry_contents to krb5_kt_free_entry. 
Both functions exist in MIT Kerberos >= 1.7, but only
krb5_free_keytab_entry_contents has a prototype.
 2009-06-04 23:43:31 +02:00
Andrew Bartlett
574a6a8c35 s3:kerberos Rework smb_krb5_unparse_name() to take a talloc context 
Signed-off-by: Günther Deschner <gd@samba.org>
 2009-04-07 13:25:36 +02:00
Günther Deschner
1524abd8bf s3-krb5: Fix Coverity #722 (RESOURCE_LEAK). 
Guenther
 2009-03-20 10:41:44 +01:00
Jeremy Allison
0281166bb9 Don't miss an absolute pathname as a kerberos keytab path. From Glenn Machin <gmachin@sandia.gov>. 
Jeremy.
 2009-02-17 15:54:33 -08:00
todd stecher
989ad44d32 Memory leaks and other fixes found by Coverity 2009-01-21 17:13:03 -08:00
Günther Deschner
c0cf457c85 s3-asn1: make all of s3 asn1 code do a proper asn1_init() first. 
Guenther
 2008-10-22 21:37:36 +02:00
Günther Deschner
d9f1fff5b3 s3: use shared asn1 code. 
Guenther
 2008-10-22 21:37:36 +02:00
Jelmer Vernooij
cb78d4593b Cope with changed signature of http_timestring(). 2008-10-11 23:57:44 +02:00
Jeremy Allison
3978317af0 Fix blocker bug 5745 kerberos authentication with (lib)smbclient is broken. 
Jeremy.
(This used to be commit a59bd0e4854117a8646f4d388a0f7285362d5ba2)
 2008-09-10 10:18:02 -07:00
Volker Lendecke
06dd647fe0 Remove a duplicate retval check 
Jeremy, please check!
(This used to be commit 6579005e6490f1a99b3860627ba51decaeb864bd)
 2008-08-31 11:45:12 +02:00
Günther Deschner
bff20e14c3 kerberos: use KRB5_KT_KEY macro where appropriate. 
Guenther
(This used to be commit a042dffd7121bda3dbc9509f69fcfae06ed4cc22)
 2008-08-29 11:01:34 +02:00
Günther Deschner
0380fe9d82 kerberos: move the KRB5_KEY* macros to header file. 
Guenther
(This used to be commit c28fa17ffffee3e6fd4897c9c6b4937388a19600)
 2008-08-29 10:59:28 +02:00
Igor Mammedov
2597c97d3a Fix length error in wrapping spnego blob 
(This used to be commit 16ee95494ba495c5f5ff8779206f380db1067b2d)
 2008-08-18 09:55:11 -07:00
Günther Deschner
c7257754cd fix build warning. 
Guenther
(This used to be commit 85021d6a459c957cc276a93c3515029244f52677)
 2008-08-11 15:43:52 +02:00
Jeremy Allison
3acde0d747 One more build fix. Ensure we have KRB5_AUTH_CONTEXT_USE_SUBKEY defined before we compile the new code. 
Jeremy.
(This used to be commit 7686752c5b015b15a6729631ba4aeedd25ebc659)
 2008-08-08 16:08:11 -07:00
Jeremy Allison
6d99eedafc Try and fix the build for systems that don't have krb5_auth_con_set_req_cksumtype(). 
Jeremy.
(This used to be commit 8598e7b06ec57ca6fcde863270e6bb0e2de9993e)
 2008-08-08 15:15:36 -07:00
Jeremy Allison
e8c7ff3e88 Add Derrick Schommer's <dschommer@F5.com> kerberos delegation patch. Some 
work by me and advice by Love.
Jeremy.
(This used to be commit ecc3838e4cb5d0c0769ec6d9a34a877ca584ffcc)
 2008-08-08 14:32:15 -07:00
Stefan Metzmacher
70c2a5b02e clikrb5: don't use krb5_keyblock_init() when no salt is specified 
If the caller wants to create a key with no salt we should
not use krb5_keyblock_init() (only used when using heimdal)
because it does sanity checks on the key length.

metze
(This used to be commit c83de77b750837a110611d7023c4cf71d2d0bab1)
 2008-08-04 13:52:18 +02:00
Jeremy Allison
23cafd02d3 Fix return of uninitialized variable. 
Jeremy.
(This used to be commit 384052f546af8c1c6848c03cad4f2ba618ba7209)
 2008-06-26 13:19:40 -07:00
Günther Deschner
640a2972c5 kerberos: add smb_krb5_keytab_name(). 
Guenther
(This used to be commit c273ce8798062d1b55100411f3e92a01bdbf611c)
 2008-06-24 23:34:17 +02:00
Günther Deschner
0ac8c5d49a kerberos: make smb_krb5_kt_add_entry public, allow to pass keys without salting them. 
Guenther
(This used to be commit 7c4da23be1105dc224033b21eb486e7fcdc7d9c5)
 2008-06-24 23:34:05 +02:00
Günther Deschner
fd288b4110 clikrb5: remove unrequired create_kerberos_key_from_string_direct() prototype. 
Guenther
(This used to be commit ec86852fc6ce2d88ad5835c8fcb337c68fd6f6bc)
 2008-06-17 19:51:52 +02:00
Tim Prouty
fb37f15600 Cleanup size_t return values in callers of convert_string_allocate 
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
 2008-05-20 22:40:13 +02:00
Günther Deschner
c1793b2b31 Use new IDL based PAC structures in clikrb5.c 
Guenther
(This used to be commit 3b0135d57e1e70175a5eec49b603a2e5f700c770)
 2008-02-17 02:11:59 +01:00
Günther Deschner
022014dba2 Make heimdal and MIT happy when iterating through auth data. 
Guenther
(This used to be commit 507247dcbf0ef02825a6c5c5f313813714df2d99)
 2007-12-12 18:58:26 +01:00
Guenther Deschner
1acd160800 Vista SP1-rc1 appears to break against Samba-3.0.27a 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Jason,

Jason Haar wrote:
> Patched 3.0.28, compiled, installed and here's the log file.
>
> Hope it helps. BTW I don't think it matters, but this is on 32bit
> CentOS4.5 systems.

yes, it helps. Thanks for that.

Very interesting, there are two auth data structures where the first one
is a PAC and the second something unknown (yet).

Can you please try the attached fix ? It should make it work again.

Guenther
- --
Günther Deschner                    GPG-ID: 8EE11688
Red Hat                         gdeschner@redhat.com
Samba Team                              gd@samba.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFHX9ZESOk3aI7hFogRAivSAJ9bMcD+PcsIzjYYLtAUoLNfVVEl1QCfV/Qd
MPsZW4G31VOVu64SPjgnJiI=
=Co+H
-----END PGP SIGNATURE-----
(This used to be commit c9adc07ca2a3bb1e0ea98e3b4f68e1a87e5c0196)
 2007-12-12 09:52:51 -08:00
Jeremy Allison
42cfffae80 Remove next_token - all uses must now be next_token_talloc. 
No more temptations to use static length strings.
Jeremy.
(This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
 2007-12-07 17:32:32 -08:00
Jeremy Allison
32dd016353 Fix the setup_kaddr() call to cope with IPv6. 
This is the last obvious change I can see. At
this point we can start claiming IPv6 support
(Hurrah !:-).
Jeremy.
(This used to be commit bda8c0bf571c994b524a9d67eebc422033d17094)
 2007-10-29 15:03:36 -07:00
Jeremy Allison
f88b7a076b This is a large patch (sorry). Migrate from struct in_addr 
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theorecically) be able to type :
smbclient //ipv6-address/share
and have it work.
Jeremy.
(This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
 2007-10-24 14:16:54 -07:00
Jeremy Allison
30191d1a57 RIP BOOL. Convert BOOL -> bool. I found a few interesting 
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
 2007-10-18 17:40:25 -07:00
Andrew Tridgell
5e54558c6d r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text 
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
 2007-10-10 12:28:22 -05:00
Jeremy Allison
d824b98f80 r23779: Change from v2 or later to v3 or later. 
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
 2007-10-10 12:28:20 -05:00
Günther Deschner
110e420196 r23651: Always, always, always compile before commit... 
Guenther
(This used to be commit accb40446ad3f872c5167fc2306d892553293b7b)
 2007-10-10 12:23:41 -05:00
Günther Deschner
3b1956f9d2 r23650: Fix remaining callers of krb5_kt_default(). 
Guenther
(This used to be commit b9d7a2962a472afb0c6b8e3ac5c2c819d4af2b39)
 2007-10-10 12:23:41 -05:00
Günther Deschner
a248672932 r23649: Fix the build (by moving smb_krb5_open_keytab() to clikrb5.c). 
Guenther
(This used to be commit 19020d19dca7f34be92c8c2ec49ae7dbde60f8c1)
 2007-10-10 12:23:41 -05:00