sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
17,033 Commits 60 Branches 1,144 Tags 452 MiB
f2ac351d6e
Commit Graph

17033 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Metzmacher
f2ac351d6e kdc: use mostly only public kerberos headers 
We shoule avoid using the private heimdal function
_krb5_principalname2krb5_principal()

metze
(This used to be commit 10db07c69a)
 2008-08-01 17:54:34 +02:00
Stefan Metzmacher
9cc663af6e auth/kerberos: we don't need to include heimdal private headers 
metze
(This used to be commit 6ec3887aee)
 2008-08-01 17:52:37 +02:00
Stefan Metzmacher
c251443e73 gensec_gssapi: include <gssapi/gssapi.h> 
metze
(This used to be commit 49e01d00bd)
 2008-08-01 17:52:37 +02:00
Stefan Metzmacher
fed1cc2c6d heimdal_build: we should only use PRIVATE_DEPENDENCIES 
metze
(This used to be commit 694f5124a5)
 2008-08-01 17:52:36 +02:00
Stefan Metzmacher
f4140cfdb0 build: autogenerate heimdal basics 
metze
(This used to be commit f19d2182b8)
 2008-08-01 17:52:36 +02:00
Stefan Metzmacher
8dede49961 build: autogenarate VPATH by configure 
metze
(This used to be commit 16147753ad)
 2008-08-01 17:52:36 +02:00
Stefan Metzmacher
86c9db8d4a heimdal: add missing files 
metze
(This used to be commit b395cd7acd)
 2008-08-01 17:49:45 +02:00
Stefan Metzmacher
ca086c9e2c auth_server: set the workstation name 
metze
(This used to be commit 6d640ee4b8)
 2008-08-01 17:27:18 +02:00
Stefan Metzmacher
9f5325ce39 heimdal: add missing file heimdal/lib/gssapi/mech/gss_pseudo_random.c 
metze
(This used to be commit 3bd7e68a5c)
 2008-08-01 17:27:18 +02:00
Stefan Metzmacher
35cd60b002 build with the new heimdal version 
(This used to be commit 3817d653fa)
 2008-08-01 16:11:00 +02:00
Stefan Metzmacher
a925f039ee heimdal: update to lorikeet-heimdal rev 801 
metze
(This used to be commit d6c54a66fb)
 2008-08-01 16:11:00 +02:00
Stefan Metzmacher
cf875a5621 build: allow flex-2.34 together with bison-2.3 
metze
(This used to be commit 8bd30a7b43)
 2008-08-01 16:10:59 +02:00
Stefan Metzmacher
d087545deb auth/ntlmssp: don't crash when the backend give no challenge 
metze
(This used to be commit c01fee80a7)
 2008-08-01 16:10:59 +02:00
Stefan Metzmacher
f1cdce5963 auth_server: fix the logic of server_get_challenge() 
metze
(This used to be commit 699e3cdb52)
 2008-08-01 15:54:57 +02:00
Stefan Metzmacher
5d68244a27 auth_server: fix segfault reported by Julien Kerihuel <j.kerihuel@openchange.org> 
metze
(This used to be commit c2cc8ef943)
 2008-08-01 15:22:25 +02:00
Stefan Metzmacher
7b4081da8f Revert "Start implementind domain trusts in our KDC." 
This reverts commit 736ce50afd.

This breaks the build...

metze
(This used to be commit afd07073b9)
 2008-08-01 15:22:25 +02:00
Andrew Bartlett
43d2329da6 Update to a working trustAuthIncoming and trustAuthOutgoing parser. 
This is based on the docs, as well as testing against a domain trust
in windows.

Clearly it needs to be more general - perhaps a non IDL parser?

Andrew Bartlett
(This used to be commit 816bb64a56)
 2008-07-31 23:17:20 +10:00
Andrew Bartlett
358a11c6f3 Print trustAuthOutgoing and trustAuthIncoming in RPC-DSSYNC 
(This used to be commit 6673a6e623)
 2008-07-31 21:23:48 +10:00
Andrew Bartlett
2cc32c4988 Use the cldap reply to avoid segfaulting in RPC-DSSYNC 
Also don't fail the test if the server does not implement the NT4
changelog.

Andrew Bartlett
(This used to be commit 514d88580b)
 2008-07-31 10:51:59 +10:00
Andrew Bartlett
2afd7d6d66 Don't fail if the domain has a trust already. 
Andrew Bartlett
(This used to be commit c2df7ffa6d)
 2008-07-31 09:07:57 +10:00
Andrew Bartlett
337752cfd8 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local 
(This used to be commit 15d0951b74)
 2008-07-31 07:48:16 +10:00
Andrew Bartlett
2a0677e514 Start implementind domain trusts in our KDC. 
Andrew Bartlett
(This used to be commit 736ce50afd)
 2008-07-31 07:47:01 +10:00
Andrew Bartlett
2b0ed1832a Update trustAuthInOutBlob in line with MS-ADTS 7.1.6.8.1 
(This used to be commit 26c2a34dec)
 2008-07-31 07:45:30 +10:00
Stefan Metzmacher
e45c3e127d Revert "gensec_gssapi: use gsskrb5_get_subkey() to make smb2 signing with aes keys work" 
This reverts commit 73964f0690.

This breaks more than it gains:-( It seems to break the ncacn_np session key

metze
(This used to be commit 9678085f75)
 2008-07-28 17:59:17 +02:00
Stefan Metzmacher
14900695da rpc_server: remove unused variable 
metze
(This used to be commit c2186d5d60)
 2008-07-28 16:40:21 +02:00
Stefan Metzmacher
c4c79aa1b6 gensec_gssapi: use gsskrb5_get_subkey() to make smb2 signing with aes keys work 
SMB signing with aes doesn't work, but still works with
arcfour-hmac-md5, des-cbc-md5 and des-cbc-crc.

metze
(This used to be commit 73964f0690)
 2008-07-28 16:15:23 +02:00
Stefan Metzmacher
2d2911c788 libcli/smb2: the session key for SMB2 signing is truncated to 16 bytes 
To make that work (as a client) with aes128 and aes256 krb5 keys
we need to use gsskrb5_get_subkey().

metze
(This used to be commit 0c6d988f20)
 2008-07-28 16:15:23 +02:00
Stefan Metzmacher
0251096a89 smb2srv: sign SMB2 Logoff replies 
metze
(This used to be commit 2844e36173)
 2008-07-28 14:09:46 +02:00
Stefan Metzmacher
8623e2cc4c smb2srv: correctly hold the signing state per session 
metze
(This used to be commit 5b3ba3f355)
 2008-07-28 14:09:45 +02:00
Stefan Metzmacher
35bd7a6378 libcli/smb2: fix per session signing state 
metze
(This used to be commit 8bc12dc77a)
 2008-07-28 14:09:45 +02:00
Stefan Metzmacher
1a4f4d2cf0 SMB2-CONNECT: remove reference to req->session before calling smb2_logoff_recv() on the invalid session 
metze
(This used to be commit 93203e8e31)
 2008-07-28 14:09:45 +02:00
Stefan Metzmacher
4355b31730 libcli/smb2: sign SMB2 Logoff requests 
metze
(This used to be commit 35ee165b14)
 2008-07-28 14:09:45 +02:00
Andrew Bartlett
e80115deb9 We don't use EXTENSIBLEOBJECT any more. 
(This used to be commit 4b137085c8)
 2008-07-28 20:51:02 +10:00
Andrew Bartlett
08795db6d6 Make it even clearer what to do next in the LDAP backend setup 
(This used to be commit bace931ad6)
 2008-07-28 20:26:14 +10:00
Andrew Bartlett
45d60f5bd9 Always print the slapd startup command 
(This used to be commit b1d05e7d14)
 2008-07-28 20:18:17 +10:00
Andrew Bartlett
ade9b6c455 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet 
(This used to be commit 486891bb51)
 2008-07-28 18:39:37 +10:00
Stefan Metzmacher
0299edbc02 auth/credentials: explain why we need to the enctypes for the gssapi layer 
metze
(This used to be commit 88970c4d41)
 2008-07-28 09:29:42 +02:00
Andrew Bartlett
da9ab5756e Remove unused variable 
(This used to be commit 31a303c099)
 2008-07-28 08:04:43 +10:00
Andrew Bartlett
cff30c6da6 Remove unused function and make sensitive directories private. 
(This used to be commit e23333d163)
 2008-07-28 08:04:15 +10:00
Andrew Bartlett
5971fd6b9c Fix warnings in new prefixMap code 
(This used to be commit b8770a4fd8)
 2008-07-28 08:02:18 +10:00
Jelmer Vernooij
72d2bea916 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpage 
(This used to be commit 7e90cc197c)
 2008-07-27 19:57:27 +02:00
Jelmer Vernooij
8d8ccc57e9 Fix location of manpages. 
(This used to be commit 6f5b4ef1d0)
 2008-07-27 19:56:20 +02:00
Stefan Metzmacher
55ea54ec64 gensec_gssapi: add support for signing RPC messages 
metze
(This used to be commit dc2847c0ac)
 2008-07-26 21:48:32 +02:00
Stefan Metzmacher
9437adf68b lib/ldb/tools: allow -W and --realm when build from samba4 
metze
(This used to be commit 0aa6d63ec5)
 2008-07-26 21:46:53 +02:00
Stefan Metzmacher
21592142c3 auth/credentials: use the same enctypes when getting a TGT and a TGS 
metze
(This used to be commit 9fc5750156)
 2008-07-26 21:46:43 +02:00
Stefan Metzmacher
c0ad44f354 dsdb: add a comment about the parameter to DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID 
metze
(This used to be commit 2f06fbe06b)
 2008-07-26 21:45:29 +02:00
Stefan Metzmacher
2385e33095 dsdb/schema: make more clear where we create the value for the new prefix mapping 
metze
(This used to be commit c92eb8b776)
 2008-07-26 21:45:22 +02:00
Stefan Metzmacher
118ecc54ba dsdb/schema: dsdb_write_prefixes_to_ldb() should do the reverse of dsdb_read_prefixes_to_ldb() 
metze
(This used to be commit 34ea9d4a0b)
 2008-07-26 21:45:15 +02:00
Stefan Metzmacher
7a633ed96b dcerpc.idl: add DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN flag 
metze
(This used to be commit 131a1cfdc9)
 2008-07-26 21:44:30 +02:00
Stefan Metzmacher
934cfb9880 mamachinepw: add better error handling 
metze
(This used to be commit 7ac424137f)
 2008-07-26 20:45:47 +02:00