IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
maybe there's some broken code in windows which relies
on this...
love: can you merge this to heimdal?
metze
(This used to be commit b64abf9113a939308dc9e92ff7ddaad7be6ab551)
the krbtgt hdb entry provides.
We need to make sure other KDC's with the same hdb backend data
can accept the TGT. (w2k and w2k3 don't support aes256-cts-hmac-sha1-96 (18)
session keys.)
Love: I'm not sure if this is the correct way of doing it...
metze
(This used to be commit 5840f50d8954e95a7071a90a1c4dcce9ae05d77c)
- use "sambaPassword" only as virtual attribute for passing
the cleartext password (in unix charset) into the ldb layer
- store des-cbc-crc, des-cbc-md5 keys in the Primary:Kerberos
blob to match w2k and w2k3
- aes key support is disabled by default, as we don't know
exacly how longhorn stores them. use password_hash:create_aes_key=yes
to force creation of them.
- store the cleartext password in the Primary:CLEARTEXT blob
if configured
TODO:
- find out how longhorn stores aes keys
- find out how the Primary:WDigest blob needs to be constructed
(not supported by w2k)
metze
(This used to be commit e20b53f6feaaca2cc81ee7d296ca3ff757ee3953)
always bring it back if we need to. This code was getting in the way while
refactoring.
Add some tests for TDR.
Get rid of typedef in lib/registry/tdr_regf.idl and fix the
TDR code to be able to deal with it.
(This used to be commit 1ad0f99a439f0d52a735b391bf9900d50171aca5)
struct foo {
...
};
in IDL will now work. This is the first step towards nested types and
using typedefs for partial types (such as "typedef int *bar;"), a requirement
for complex uses of represent_as().
(This used to be commit a716aa70f0c90898e6fcf57d63a2cf4c40e7d4df)
as not doing it at all, but needs fixing. Also simplify the logic, I had
missed the "goto out" at the end of the function.
Volker
(This used to be commit ed30a0ff602d0a1d4409bee4faf12b6979b5f4b8)
this is handles the content of the 'Packages' element in the supplementalCredetials
metze
(This used to be commit 07fe22f82ebe66464ef73274a109d1e21a0d7f0f)
uint16 size;
[relative,subcontext(0),subcontext_size(size),flag(STR_NOTERM|NDR_REMAINING)] string *string;
as
uint16 size;
[relative,charset(UTF16)] uint8 *string[size];
isn't supported by pidl yet...
metze
(This used to be commit 9fcfa658430f04658c692eb26db9280fda6e4e25)
which contrusts the keys...
later we need to get the key version number from the
"replPropertyMetaData" attribute entry to the (I assume)
the "unicodePwd" attribute.
msDs-KeyVersionNumber is a constructed attribute,
and is "1" when no "supplementalCredentials" is present.
we need to make some tests with a password change function
which don't give a cleartext to the server...
metze
(This used to be commit 9e4324221764c1413be34d5b14915a86740acc04)
inside the supplementalCredentials attribute
w2k uses keys1 and keys2 where both seem identical
w2k3 only uses keys1 and num_keys2 = 0
the Salt is only stored once for all keys
the following keys are stored:
ENTYPE_DES_CBC_MD5 = 3
ENTYPE_DES_CBC_CRC = 1
metze
(This used to be commit 03d7d05e4fa607271f84878bc238e7cf0560bc67)
