git.samba.org - samba.git/commit - source4/rpc_server/netlogon/dcerpc

author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Thu, 1 Dec 2022 21:49:20 +0000 (10:49 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Wed, 8 Feb 2023 00:03:39 +0000 (00:03 +0000)
commit	e3fdb2d00152d86558a2ba29b92fd36440055461
tree	185f5cf6fa8b9c065116c9a18a71b5b118aff7a8	tree
parent	14d94460ca1ef22269373f36ec50df248aca9465	commit \| diff

s4:kdc: Add resource SID compression

The domain-local groups that are added to the PAC of a service ticket
are now, if the service doesn't disclaim support for SID compression,
placed into the resource groups structure in PAC_LOGON_INFO.

In a TGS exchange directed to a KDC, rather than to a service, the
resource groups structure is simply copied into the updated PAC without
any processing being done.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

auth/auth_sam_reply.c		diff \| blob \| history
auth/auth_sam_reply.h		diff \| blob \| history
librpc/idl/auth.idl		diff \| blob \| history
librpc/idl/netlogon.idl		diff \| blob \| history
selftest/knownfail_heimdal_kdc		diff \| blob \| history
source3/auth/auth_samba4.c		diff \| blob \| history
source4/auth/kerberos/kerberos.h		diff \| blob \| history
source4/auth/kerberos/kerberos_pac.c		diff \| blob \| history
source4/kdc/db-glue.c		diff \| blob \| history
source4/kdc/mit_samba.c		diff \| blob \| history
source4/kdc/pac-glue.c		diff \| blob \| history
source4/kdc/wdc-samba4.c		diff \| blob \| history
source4/rpc_server/netlogon/dcerpc_netlogon.c		diff \| blob \| history
source4/torture/winbind/winbind.c		diff \| blob \| history