Andrew Bartlett [Wed, 26 Oct 2005 23:41:01 +0000 (23:41 +0000)]
r11314: Use a patch from lha to have the kerberos libs extract the PAC, rather
than doing ASN.1 parsing in Samba.
Also use the API function for getting a client from a ticket, rather
than just digging in the structure.
Andrew Bartlett
(This used to be commit
25d5ea6d724bd2b64a6086ae6e2e1c5148b8ca4a)
Andrew Bartlett [Wed, 26 Oct 2005 23:39:04 +0000 (23:39 +0000)]
Andrew Bartlett [Wed, 26 Oct 2005 23:38:37 +0000 (23:38 +0000)]
r11312: Make it clear we are looking at the 'domain ref', not the domain
itself in the auth_sam module.
Andrew Bartlett
(This used to be commit
0800942dbb1511586a896c6376c436a4552c54be)
Jelmer Vernooij [Wed, 26 Oct 2005 23:36:04 +0000 (23:36 +0000)]
r11311: Move some more logic to env
(This used to be commit
990419bac7ce335ffcec84017614eb9642a6ece6)
Andrew Bartlett [Wed, 26 Oct 2005 23:34:15 +0000 (23:34 +0000)]
r11310: Free the 'if_relevent' portion of the PAC when we build it.
Andrew Bartlett
(This used to be commit
ede638c00b574bf4149d11844c0adf8e0f5c4efb)
Rafal Szczesniak [Wed, 26 Oct 2005 21:05:27 +0000 (21:05 +0000)]
r11309: A trivial test script for ejs libnet interface.
rafal
(This used to be commit
deb561ea4a00730787d129ae5eda38ceefe129f6)
Rafal Szczesniak [Wed, 26 Oct 2005 21:04:53 +0000 (21:04 +0000)]
r11308: Correctly return status code in case of js error or libnet
function execution error.
rafal
(This used to be commit
a50a5bef6e4c0051d13ed59fe5ddade709a98ba7)
Jelmer Vernooij [Wed, 26 Oct 2005 20:06:26 +0000 (20:06 +0000)]
r11307: Add support for generating pkg-config files
(This used to be commit
9c211507c15092ce09fd519cd0ffadf4b9f69492)
Jelmer Vernooij [Wed, 26 Oct 2005 19:07:01 +0000 (19:07 +0000)]
r11306: Move more static Makefile data to main.mk
Clean up smb_build::makefile a bit
(This used to be commit
28931219a19317f6c7208086416bc675bb259179)
Jelmer Vernooij [Wed, 26 Oct 2005 18:12:47 +0000 (18:12 +0000)]
r11305: Use more recent guess and sub files
(This used to be commit
20870508dd3e3a41b8a531b0830003735803fddf)
Jelmer Vernooij [Wed, 26 Oct 2005 15:07:13 +0000 (15:07 +0000)]
r11304: Add support back in for loading shared modules (not used yet)
(This used to be commit
90f49b6f70c4aaf0e4ab4fad2e6f9caeb0f6f3a6)
Jelmer Vernooij [Wed, 26 Oct 2005 14:18:27 +0000 (14:18 +0000)]
r11303: Support defining and installing public headers for libraries.
Support installing libraries.
Get rid of pkg-config file (will be autogenerated later on).
(This used to be commit
b4745032a2c55752c527026feb221ccc3dce10c8)
Jelmer Vernooij [Wed, 26 Oct 2005 13:19:15 +0000 (13:19 +0000)]
r11300: Treat libraries as a special kind of subsystem
(one that can also be built as a library and installed).
(This used to be commit
98d1f9b1dc523ed88c5aa8d066030b33d74f62bf)
Jelmer Vernooij [Wed, 26 Oct 2005 13:05:29 +0000 (13:05 +0000)]
r11299: Try to fix build on Stratos VOS (doesn't support ld -r)
(This used to be commit
65c71bf354612a589049753d854e154482957573)
Andrew Bartlett [Wed, 26 Oct 2005 05:56:44 +0000 (05:56 +0000)]
r11298: Consolidate the 'short' samlogon tests, and move to using the
credentials system for password -> NTLM translation.
Andrew Bartlett
(This used to be commit
d22cbf1b0cae9ca211c916320754d5edfe360c30)
Andrew Bartlett [Wed, 26 Oct 2005 05:37:35 +0000 (05:37 +0000)]
r11297: Move the RPC-SCHANNEL test to using the credentials system for
converting username/pass into the NTLM responses.
Andrew Bartlett
(This used to be commit
272861b8ede591073cc3a26635fefbc784976764)
Andrew Bartlett [Tue, 25 Oct 2005 13:43:37 +0000 (13:43 +0000)]
r11294: Update Heimdal in Samba4 to lorikeet-heimdal (which is in turn updated
to CVS of 2005-10-24).
Andrew Bartlett
(This used to be commit
939d4f340feaad15d0a6a5da79feba2b2558f174)
Andrew Bartlett [Tue, 25 Oct 2005 13:38:00 +0000 (13:38 +0000)]
r11293: Use the right search when forming the data for the PAC.
Andrew Bartlett
(This used to be commit
ecacef213b28adb84d3ffb5b76bf1b079e25426c)
Andrew Bartlett [Tue, 25 Oct 2005 12:39:14 +0000 (12:39 +0000)]
r11291: Fix implementation of LookupNames4.
Andrew Bartlett
(This used to be commit
aef6800548e320c2ebb20ae345566a774d6acf8b)
Andrew Bartlett [Tue, 25 Oct 2005 12:38:35 +0000 (12:38 +0000)]
r11290: Make it clear that Heimdal is always included, no need for the test
any more.
Andrew Bartlett
(This used to be commit
ec56590b063caa99f29be2b18409a69c3f22cf29)
Andrew Bartlett [Tue, 25 Oct 2005 12:37:20 +0000 (12:37 +0000)]
r11289: Fix comment.
Andrew Bartlett
(This used to be commit
fc18276389d17684bd14a2012d18fb7a9695f69e)
Andrew Bartlett [Tue, 25 Oct 2005 12:15:29 +0000 (12:15 +0000)]
r11288: Fill out LSA LookupNames4 and LookupSids3, including a server-side
implementation.
Andrew Bartlett
(This used to be commit
a6a615cc997cd3a71ea0d63994f6cd97096afc30)
Andrew Bartlett [Tue, 25 Oct 2005 12:14:08 +0000 (12:14 +0000)]
r11287: Understand the new behaviour of the LSA pipe on ncacn_ip_tcp in Win2k3 SP1.
Only a few operations are supported (LookupSids3 and LookupNames4),
and these are only supported under schannel. This appears to be the
operations Win2k3 SP1 uses to verify part of the PAC back to the
server.
The test is setup to pass, but not enforce (so far) this new
behaviour.
Andrew Bartlett
(This used to be commit
e15e39866e9775ba662f669a19836d33f7633f6f)
Andrew Tridgell [Tue, 25 Oct 2005 09:30:48 +0000 (09:30 +0000)]
r11285: fixed winreg.js for the recent change to winreg.idl
(This used to be commit
27f46b4f18346ea03d8626a380e417b00f7a88d1)
Andrew Bartlett [Tue, 25 Oct 2005 02:26:10 +0000 (02:26 +0000)]
r11282: Fix memory leak in LOCAL-PAC test.
Andrew Bartlett
(This used to be commit
c8bf7d32ebdc9bc795ce45a6d250a2378ac803aa)
Rafal Szczesniak [Mon, 24 Oct 2005 21:10:53 +0000 (21:10 +0000)]
r11281: Initial ejs interface for libnet functions.
rafal
(This used to be commit
f9c436bbdf0f071247da025f6984f9ee1c48dca8)
Stefan Metzmacher [Mon, 24 Oct 2005 15:56:04 +0000 (15:56 +0000)]
r11279: it should be only possible to register a 0x1C name, when the NBT_NM_GROUP flag is set
metze
(This used to be commit
81447f440cb339bf8c72706a752b853d3acb0e2d)
Stefan Metzmacher [Mon, 24 Oct 2005 15:38:07 +0000 (15:38 +0000)]
r11278: fix compiler warnings
metze
(This used to be commit
716e6b0c883836e50400413cccbeb6fab5cb5744)
Stefan Metzmacher [Mon, 24 Oct 2005 15:27:59 +0000 (15:27 +0000)]
r11277: fix compiler warning
metze
(This used to be commit
4d956b17c1f9e0d7a3c275b621380f1bc821b56e)
Stefan Metzmacher [Mon, 24 Oct 2005 15:16:47 +0000 (15:16 +0000)]
r11276: fix compiler warnings
metze
(This used to be commit
2f1930fb62011303abf930da6b57e73b1b9601de)
Volker Lendecke [Mon, 24 Oct 2005 09:34:12 +0000 (09:34 +0000)]
r11274: Start a connection attempt to the DC's port 389. To do this properly, make
socket_connect and ldap_connect properly async.
Volker
(This used to be commit
bcc71fc1deeed443d7cf00220ce264011ddf588d)
Andrew Bartlett [Mon, 24 Oct 2005 07:59:19 +0000 (07:59 +0000)]
r11273: Initialise the new server_info->logon_server element.
Andrew Bartlett
(This used to be commit
bc6f6f9381b1038273f87feb35484dc61dd8bd8e)
Andrew Bartlett [Mon, 24 Oct 2005 07:11:40 +0000 (07:11 +0000)]
r11272: In trying to track down why Win2k3 is again rejecting our PAC, ensure
we can round-trip all the way back to a server_info structure, not
just a filled in PAC_DATA. (I was worried about generated fields being
incorrect, or some other logical flaw).
Andrew Bartlett
(This used to be commit
11b1d78cc550c60201d12f8778ca8533712a5b1e)
Volker Lendecke [Mon, 24 Oct 2005 04:19:27 +0000 (04:19 +0000)]
r11271: Fix a warning and an infinite recursion
(This used to be commit
7bc855359a82010fefa9fd1d4c719292bfc83528)
Andrew Bartlett [Sun, 23 Oct 2005 22:20:42 +0000 (22:20 +0000)]
r11270: Move the core CrackNames code from rpc_server/drsuapi to dsdb/samdb.
I'm sure this will not be the final resting place, but it will do for
now.
Use the cracknames code in auth/ for creating a server_info given a
principal name only (should avoid assumtions about spliting a
user@realm principal).
Andrew Bartlett
(This used to be commit
c9d5d8e45dd7b7c99b6cf35b087bc18012f31222)
Volker Lendecke [Sun, 23 Oct 2005 17:22:00 +0000 (17:22 +0000)]
r11267: Fix a memleak and an uninitialized variable. Andrew Bartlett, this was the one
I sent to you. Sorry for bothering you.
Volker
(This used to be commit
3a9f2291ae6e96a715f463899957c6c598fc7627)
Stefan Metzmacher [Sun, 23 Oct 2005 14:18:03 +0000 (14:18 +0000)]
r11265: add a bunch of owned vs. replica conflict tests
metze
(This used to be commit
c8d3c2f1a1231de49bca1a72e696a833366a0493)
Volker Lendecke [Sun, 23 Oct 2005 11:23:55 +0000 (11:23 +0000)]
r11264: Winbind does not rely on the hostname resolution mechanisms of
composite_connect, so in io.in.dest_host I'm setting the IP address. Gensec
does not like that as a target hostname, so if a called name is present, use
that. So we can session setup using kerberos now.
Volker
(This used to be commit
c26b432c27954c8dc6ac8e702bd5e34a351d15bd)
Volker Lendecke [Sun, 23 Oct 2005 11:21:15 +0000 (11:21 +0000)]
r11263: Some cleanup
(This used to be commit
4fe3c9871bff512a464c688a5f6fdb37387833ed)
Tim Potter [Sun, 23 Oct 2005 01:19:38 +0000 (01:19 +0000)]
r11262: Try to get the equivalent of a subcontext in pidl ethereal conformance
files working. It doesn't quite work though. (-:
This patch also allows a struct.field format to be used in an IMPORT
statement instead of a type name.
Jelmer, what do you think?
(This used to be commit
d770f853475d12a33d23fc86ab30223dfde22dd7)
Tim Potter [Sat, 22 Oct 2005 08:00:09 +0000 (08:00 +0000)]
r11261: Rename access_required field in winreg idl to access_mask so it matches
the other interfaces.
(This used to be commit
8eb582b5780188b6304c560b3e84fd7d75c483f8)
Tim Potter [Sat, 22 Oct 2005 07:10:13 +0000 (07:10 +0000)]
r11260: Delete a leftover scons file.
(This used to be commit
7b750a785bd2c77f4a299a5cb77a2c456b9c6610)
Tim Potter [Sat, 22 Oct 2005 07:03:33 +0000 (07:03 +0000)]
r11259: Map system_name and handle fields to new hf fields.
(This used to be commit
9be707bc4d07ef47f332ef5019549044bc239e03)
Tim Potter [Sat, 22 Oct 2005 01:12:46 +0000 (01:12 +0000)]
r11258: Dissect all access_required fields as hex using the same hf.
(This used to be commit
4365462dc62d78eb433748262c5ca7feb16be785)
Jelmer Vernooij [Fri, 21 Oct 2005 22:49:23 +0000 (22:49 +0000)]
r11257: Add and use output function
(This used to be commit
734da63a4e7ff44d9417066300383bbf7cd08d8f)
Jelmer Vernooij [Fri, 21 Oct 2005 21:53:49 +0000 (21:53 +0000)]
r11254: Remove support for [TARGET:foo]-like .mk-file entries
(it is already possible to include verbatim make data)
(This used to be commit
21e355d031c6233ed0f40207d716987931927c6c)
Jelmer Vernooij [Fri, 21 Oct 2005 21:43:39 +0000 (21:43 +0000)]
r11252: Make makefile.pm OO and descend from env
(This used to be commit
c53b32e0932ef6c048f8aec23ec6df2fe66a7887)
Jelmer Vernooij [Fri, 21 Oct 2005 21:00:02 +0000 (21:00 +0000)]
r11250: Fix a couple of issues in the heimdal/ dirs.
(This used to be commit
f76374eba7d45b8ff2625914344e4b31ecdeca1d)
Jelmer Vernooij [Fri, 21 Oct 2005 20:40:58 +0000 (20:40 +0000)]
r11249: More OpenBSD make fixes...
(This used to be commit
118e3bc507b2694f7e5ea191950626931d8ebf29)
Volker Lendecke [Fri, 21 Oct 2005 19:31:36 +0000 (19:31 +0000)]
r11248: Fix anon fallback with spnego
(This used to be commit
13ebdea11532f4810d01095a54d430c36c91d826)
Jelmer Vernooij [Fri, 21 Oct 2005 19:24:13 +0000 (19:24 +0000)]
r11247: Add environment class
(This used to be commit
90c3f8b3beda525b700688fc4d6ed0584ff2e27c)
Jelmer Vernooij [Fri, 21 Oct 2005 19:14:43 +0000 (19:14 +0000)]
r11246: Another fix for OpenBSD's make
(This used to be commit
f04072f7a9fe341efced4aff57cc061cf789d5bd)
Jelmer Vernooij [Fri, 21 Oct 2005 18:10:45 +0000 (18:10 +0000)]
r11245: Hopefully fix heimdal build on some hosts
Fix manpage locations
(This used to be commit
33c71c0fb13b55741f1b1fffc8945ccda6f3bf51)
Jelmer Vernooij [Fri, 21 Oct 2005 16:29:54 +0000 (16:29 +0000)]
r11244: Relative path names in .mk files
(This used to be commit
24e10300906c380919d2d631bfb3b8fd6b3f54ba)
Jelmer Vernooij [Fri, 21 Oct 2005 13:06:21 +0000 (13:06 +0000)]
r11243: length and size can now be filled in automatically.
(This used to be commit
99444c129d08fe3e3e381b04c2da5ea5c9c10270)
Stefan Metzmacher [Fri, 21 Oct 2005 10:08:40 +0000 (10:08 +0000)]
r11241: - fix compiler warning
- fix comment
metze
(This used to be commit
4f999625a164e58b87d915bbb2914038ea96162a)
Andrew Bartlett [Fri, 21 Oct 2005 01:25:55 +0000 (01:25 +0000)]
r11239: Use ${REALM} for the realm in rootdse.ldif
Add the kpasswd server to our KDC, implementing the 'original' and
Microsoft versions of the protocol.
This works with the Heimdal kpasswd client, but not with MIT, I think
due to ordering issues. It may not be worth the pain to have this
code go via GENSEC, as it is very, very tied to krb5.
This gets us one step closer to joins from Apple, Samba3 and other
similar implementations.
Andrew Bartlett
(This used to be commit
ab5dbbe10a162286aa6694c7e08de43b48e34cdb)
Andrew Bartlett [Thu, 20 Oct 2005 13:11:06 +0000 (13:11 +0000)]
r11226: Cope with Samba3's behaviour on LDAP with GSS-SPNEGO.
Andrew Bartlett
(This used to be commit
4d9667f5a037eb15f6f0e4329314a37f148e9db7)
Andrew Bartlett [Thu, 20 Oct 2005 13:10:20 +0000 (13:10 +0000)]
r11225: Remove pointless goto.
Andrew Bartlett
(This used to be commit
30f4ece4d2e55d2d50061f74a491d3f77551a6ae)
Andrew Bartlett [Thu, 20 Oct 2005 11:19:52 +0000 (11:19 +0000)]
r11223: Only pass around the ldb handle (make this code easier to seperate
into a general lib).
Andrew Bartlett
(This used to be commit
e3abbfca4ae3c06f34774edab5ed38ebd5ebc097)
Andrew Bartlett [Thu, 20 Oct 2005 11:19:03 +0000 (11:19 +0000)]
r11222: Small provision fixes: canonicalName is now generated, and the DC=
list should be from the dnsdomain (ie lowercae).
Andrew Bartlett
(This used to be commit
10d692a1c216134b301b5851ce1e71ed93cc6164)
Andrew Bartlett [Thu, 20 Oct 2005 10:29:41 +0000 (10:29 +0000)]
r11221: I don't quite know how I tested this before, but clearly I didn't.
The samdb_set_password_sid helper function now works.
Andrew Bartlett
(This used to be commit
629595f27c3f721c4b317df871814ac5ba06be9c)
Andrew Bartlett [Thu, 20 Oct 2005 10:28:16 +0000 (10:28 +0000)]
r11220: Add the ability to handle the salt prinicpal as part of the
credentials. This works with the setup/secrets.ldif change from the
previous patch, and pretty much just re-invents the keytab.
Needed for kpasswdd work.
Andrew Bartlett
(This used to be commit
cc9d167bab280eaeb793a5e7dfdf1f31be47fbf5)
Andrew Bartlett [Thu, 20 Oct 2005 10:25:51 +0000 (10:25 +0000)]
r11219: Now that we have the credentials hooked in here, we have a much more
reasonable value to fill in for the mechListMIC.
Andrew Bartlett
(This used to be commit
51d78de2b79f4ab75c86c3255c23a478c6822a0e)
Andrew Bartlett [Thu, 20 Oct 2005 10:21:04 +0000 (10:21 +0000)]
r11218: Always return the mutual authentication reply (needed for kpasswd),
and remove now duplicated unwrap_pac().
Andrew Bartlett
(This used to be commit
90642d54e02e09edc96b9498e66befda20dbb68d)
Andrew Bartlett [Thu, 20 Oct 2005 10:18:45 +0000 (10:18 +0000)]
r11217: Ensure the realm is substituted in UPPER case.
Andrew Bartlett
(This used to be commit
0c29f0e30d64be09baad792eb2850aa0b8fa9981)
Andrew Bartlett [Thu, 20 Oct 2005 10:15:31 +0000 (10:15 +0000)]
r11216: Upgrade to gd's PAC extraction code from Samba3. While I still want
to make some this the kerberos library's problem, we may as well use
the best code that is around.
Andrew Bartlett
(This used to be commit
a7fe3078a65f958499779f381731b408f3e6fb1f)
Andrew Bartlett [Thu, 20 Oct 2005 10:10:40 +0000 (10:10 +0000)]
r11215: Remove no-op prompter intended to work around bugs in old kerberos libs.
I'm also worried this might cause loops, if we get a 'force password
change', and the prompter tries to 'deal with it'.
Andrew Bartlett
(This used to be commit
5bc10c4e472b45c5b5b0ea0c3dd100be6f4dabca)
Jelmer Vernooij [Thu, 20 Oct 2005 10:04:57 +0000 (10:04 +0000)]
r11214: Remove scons files (see lists.samba.org/archive/samba-technical/2005-October/043443.html)
(This used to be commit
7fffc5c9178158249be632ac0ca179c13bd1f98f)
Andrew Bartlett [Thu, 20 Oct 2005 07:36:08 +0000 (07:36 +0000)]
r11212: Enable sealing of data with raw krb5, consolidate some code into the
main gensec_krb5_start and always ask for sequence numbers.
Andrew Bartlett
(This used to be commit
801cd6c6ffa96ac79eb425adf7c97eb2cfcbed4a)
Tim Potter [Thu, 20 Oct 2005 07:06:49 +0000 (07:06 +0000)]
r11211: Append an error message to COL_INFO if the RPC call returned an error.
(This used to be commit
b70dd7a757e7341d90c89dffa7e1c4eab790020a)
Tim Potter [Thu, 20 Oct 2005 06:31:51 +0000 (06:31 +0000)]
r11210: Log registry open function name when starting hive tests.
(This used to be commit
3416a6d78f205f9d3fd73161cbed6dcd9c2bfdf8)
Andrew Bartlett [Thu, 20 Oct 2005 05:09:58 +0000 (05:09 +0000)]
r11209: We can't read the priorSecret unless we ask for it.
Andrew Bartlett
(This used to be commit
ee9a93688d31d8da91b81e9b0f6fac3fa4894c13)
Andrew Bartlett [Thu, 20 Oct 2005 05:09:14 +0000 (05:09 +0000)]
r11208: Add DNS entries for finding the kpasswd server to the default zone.
Andrew Bartlett
(This used to be commit
7e01ff11fdcd70b54e30b438076bf1293638c61e)
Andrew Bartlett [Thu, 20 Oct 2005 05:08:24 +0000 (05:08 +0000)]
r11207: Correct principal search define
(This used to be commit
90cf4f8e1a1051a58635e126d56118701875bc5d)
Andrew Bartlett [Thu, 20 Oct 2005 04:56:47 +0000 (04:56 +0000)]
r11206: It appears to me that any account may operate as a server.
Andrew Bartlett
(This used to be commit
3b6c9c7cbc1d5c4dd32d3c1db18ddbccbb8cf17a)
Andrew Bartlett [Thu, 20 Oct 2005 04:55:56 +0000 (04:55 +0000)]
r11205: Another test for cracknames.
Andrew Bartlett
(This used to be commit
3810282a24b8aea36627f43321e76f34057e3135)
Andrew Bartlett [Thu, 20 Oct 2005 04:53:42 +0000 (04:53 +0000)]
r11204: Allow us to read credentials from secrets.ldb without a
secureChannelType (non machine join records).
Andrew Bartlett
(This used to be commit
3dddf497ccf246af435e6e2802d8f3745f2e4fd3)
Andrew Bartlett [Thu, 20 Oct 2005 04:35:30 +0000 (04:35 +0000)]
r11203: Use different variable names to make it easier to tell which assert fired.
Andrew Bartlett
(This used to be commit
df6a40c2d261804f1cd4feb24572135a4c62a802)
Andrew Bartlett [Thu, 20 Oct 2005 04:34:26 +0000 (04:34 +0000)]
r11202: Add more structs to structs.h
(This used to be commit
b0f11d85214fe83a8ce738cfa597f5cf9f5d3897)
Andrew Bartlett [Thu, 20 Oct 2005 03:55:35 +0000 (03:55 +0000)]
r11201: New filters for searching in secrets.ldb
Andrew Bartlett
(This used to be commit
b48c6df60c15ee6134a49d163bed90ea8b85550b)
Andrew Bartlett [Thu, 20 Oct 2005 03:47:55 +0000 (03:47 +0000)]
r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5
authentication. This pulls the creating of the keytab back to the
credentials code, and removes the special case of 'use keberos keytab
= yes' for now.
This allows (and requires) the callers to specify the credentials for
the server credentails to GENSEC. This allows kpasswdd (soon to be
added) to use a different set of kerberos credentials.
The 'use kerberos keytab' code will be moved into the credentials
layer, as the layers below now expect a keytab.
We also now allow for the old secret to be stored into the
credentials, allowing service password changes.
Andrew Bartlett
(This used to be commit
205f77c579ac8680c85f713a76de5767189c627b)
Andrew Bartlett [Thu, 20 Oct 2005 03:38:01 +0000 (03:38 +0000)]
r11199: Push an objectSid into the schannel state database, to match the new header.
Andrew Bartlett
(This used to be commit
a665b56085cbf89c6deaeef0deaed31fcbc07458)
Andrew Bartlett [Thu, 20 Oct 2005 03:34:49 +0000 (03:34 +0000)]
r11198: The recent changes to netlogon changed this from a RID to a SID.
Andrew Bartlett
(This used to be commit
24dbf3435277a51dd49c5e2189fc6655260eddf4)
Andrew Bartlett [Thu, 20 Oct 2005 03:21:34 +0000 (03:21 +0000)]
r11197: indent
(This used to be commit
a432ba105cbf2ea7b9010365c0a7d1dcc9ff5f7f)
Andrew Bartlett [Thu, 20 Oct 2005 03:20:43 +0000 (03:20 +0000)]
r11196: Clean up memory leaks (pointed out by vl), and handle the case where
the client doesn't guess correctly on the mech to use. It must back
off and try the mech the server selected from the list.
I'm not particularly attached to our SPNEGO parser, so while I can't
easily use the SPNEGO application logic in Heimdal, I'm going to look
closely at using the asn1 routines to avoid some pain here.
Andrew Bartlett
(This used to be commit
929217387449270b60c3f825dca3b3cae5a4f9d1)
Andrew Bartlett [Thu, 20 Oct 2005 03:17:42 +0000 (03:17 +0000)]
r11195: Add a new helper function (needed by my kpasswdd work, but hooked in
for netlogon as well) to change/set a user's password, given only
their SID.
This avoids the callers doing the lookups, and also performs the
actual 'set', as these callers do not wish any further buisness with
the entry.
Andrew Bartlett
(This used to be commit
060a2a7bcca6b58d50bc4e0930c13616742a55d3)
Andrew Bartlett [Thu, 20 Oct 2005 01:48:11 +0000 (01:48 +0000)]
r11194: Use the special ldb attribute "canonicalName" (therefore testing that
codepath) in DRSUAPI CrackNames.
Fix the NT4 account return value.
Andrew Bartlett
(This used to be commit
2513c02c64b489ebf167e33fdb4ac51ce8783c04)
Volker Lendecke [Wed, 19 Oct 2005 21:53:03 +0000 (21:53 +0000)]
r11193: Implement wbinfo -m
(This used to be commit
12a800bc8541c4160a534d1edcaeb6774776e18d)
Volker Lendecke [Wed, 19 Oct 2005 21:19:49 +0000 (21:19 +0000)]
r11192: Too many contexts around... :-)
(This used to be commit
134e104c3ff39e5f3ebdaf9168df78a156490ed7)
Stefan Metzmacher [Wed, 19 Oct 2005 17:48:55 +0000 (17:48 +0000)]
r11189: add some more special group vs. special group tests,
to make sure that replicas from the same owner are blinding overwritten
in all cases
metze
(This used to be commit
466baf737aedf240ff372ab8e8c708299102d1fa)
Stefan Metzmacher [Wed, 19 Oct 2005 16:52:50 +0000 (16:52 +0000)]
r11188: - add multi homed vs. multi homed section
metze
(This used to be commit
838323e58fe4e748a17100c4cd13788059dd12c6)
Stefan Metzmacher [Wed, 19 Oct 2005 16:30:02 +0000 (16:30 +0000)]
r11187: in case the msDS-KeyVersionNumber is replicated (I didn't assume this...)
show the string in the debug output, and show it with
--option="dssync:print_pwd_blobs=yes"
metze
(This used to be commit
98c1e8e3df90c05691a12bb25357fd75da419c5c)
Stefan Metzmacher [Wed, 19 Oct 2005 16:25:58 +0000 (16:25 +0000)]
r11186: - get rid of some .extra = True cases
- add multihomed vs unique section
- update conflict handling for the above case
metze
(This used to be commit
c043e56efd3d72cdd5b17c78512e12285c87f221)
Stefan Metzmacher [Wed, 19 Oct 2005 15:34:39 +0000 (15:34 +0000)]
r11185: - resolve attid for "supplementalCredentials" into a name
- print "supplementalCredentials" also when --option="dssync:print_pwd_blobs=yes"
is used
abartlet: this field may contain the krb5 keys...
metze
(This used to be commit
26c69348ca3ae10128df9832f8b4d9c1024631e2)
Jelmer Vernooij [Wed, 19 Oct 2005 14:35:25 +0000 (14:35 +0000)]
r11184: Remove test that checks whether ftruncate() needs root, because I can't
find the file it tries to use (build/tests/ftruncroot.c) and the value
it defines is not used anywhere.
(This used to be commit
97bbf4a46035becaee50d242364146e3529cf631)
Jelmer Vernooij [Wed, 19 Oct 2005 14:08:39 +0000 (14:08 +0000)]
r11182: Explicitly add "." to perl include path so that perl doesn't use the
Config module instead of the configure-generated config.pm on case-insensitive
filesystems (MacOSX, OpenVMS)
(This used to be commit
47b8095a0a0e7f352860999df3b131cab3e8a2b9)
Volker Lendecke [Wed, 19 Oct 2005 13:45:44 +0000 (13:45 +0000)]
r11181: Implement wbinfo -s and wbinfo --user-sids. The patch is so large because
--user-sids required the extension to trusted domains.
Implement "winbind sealed pipes" parameter for debugging purposes.
Volker
(This used to be commit
3821a17bdb68b2f1389b5a150502c057d28569d2)
Stefan Metzmacher [Wed, 19 Oct 2005 09:43:48 +0000 (09:43 +0000)]
r11179: revert to the old code, till jelmer find a solution how to
handle a UTF16 string in a uint8 array
metze
(This used to be commit
d13315f3b135228febcbe9b99d3550363c21da81)
Stefan Metzmacher [Wed, 19 Oct 2005 09:41:54 +0000 (09:41 +0000)]
r11178: add some logic functions for the replica_vs_replica conflict handling
to our winsrepl server, but it handles only the simple cases (without merging)
and we still didn't apply records to our wins.ldb, we just print out what we would do
metze
(This used to be commit
e4edeeaa0a808c6bcdf022eec1257e796c1c0700)