Stefan Metzmacher [Mon, 13 Nov 2006 19:12:47 +0000 (19:12 +0000)]
r19699: - use better names for the site strings
- use the client_site when creating the server object
metze
Stefan Metzmacher [Mon, 13 Nov 2006 19:08:11 +0000 (19:08 +0000)]
r19698: fix whitespaces...
metze
Stefan Metzmacher [Mon, 13 Nov 2006 19:04:32 +0000 (19:04 +0000)]
r19697: use the same mailslot name as windows does,
this also let wireshark match the responses
metze
Volker Lendecke [Mon, 13 Nov 2006 09:18:36 +0000 (09:18 +0000)]
r19684: Talloc_guide text on multithreading by Remi Turboult
Andrew Bartlett [Mon, 13 Nov 2006 03:21:13 +0000 (03:21 +0000)]
r19683: Guard GUID_from_string from walking off the end.
Andrew Bartlett
Andrew Bartlett [Mon, 13 Nov 2006 03:20:24 +0000 (03:20 +0000)]
r19682: Fix comments.
Andrew Bartlett
Andrew Bartlett [Mon, 13 Nov 2006 03:19:59 +0000 (03:19 +0000)]
r19681: Update to current lorikeet-heimdal. I'm looking at using the realm
lookup plugin, the new PAC validation code as well as Heimdal's SPNEGO
implementation.
Andrew Bartlett
Jelmer Vernooij [Sun, 12 Nov 2006 03:40:38 +0000 (03:40 +0000)]
r19680: Allow specifying basedir for test data.
Create temporary directories in base directory.
Jelmer Vernooij [Sun, 12 Nov 2006 03:36:47 +0000 (03:36 +0000)]
r19679: Fix shared library build as well.
Jelmer Vernooij [Sun, 12 Nov 2006 03:26:11 +0000 (03:26 +0000)]
r19678: Fix the build for now (ugly hack because of circular dependencies)
Jelmer Vernooij [Sun, 12 Nov 2006 02:55:34 +0000 (02:55 +0000)]
r19677: Fix more dependencies.
Jelmer Vernooij [Sun, 12 Nov 2006 02:49:05 +0000 (02:49 +0000)]
r19676: Fix some more dependencies.
Stefan Metzmacher [Sun, 12 Nov 2006 02:17:23 +0000 (02:17 +0000)]
r19675: the process model don't depend on heimdal anymore
and only have private depdendencies
metze
Stefan Metzmacher [Sun, 12 Nov 2006 02:15:56 +0000 (02:15 +0000)]
r19674: auth didn't depdend on process_model!
metze
Jelmer Vernooij [Sun, 12 Nov 2006 01:30:45 +0000 (01:30 +0000)]
r19673: Build shared libs against shared libs.
Jelmer Vernooij [Sun, 12 Nov 2006 00:54:43 +0000 (00:54 +0000)]
r19672: Make LIBSAMBA-UTIL a subsystem again for now because it has interdependencies
with LIBSAMBA-CONFIG.
Jelmer Vernooij [Sat, 11 Nov 2006 23:14:58 +0000 (23:14 +0000)]
r19671: Fix remaining unresolved symbols in shared library build.
Fix starting tests in shared library build.
Jelmer Vernooij [Sat, 11 Nov 2006 22:44:28 +0000 (22:44 +0000)]
r19670: Reduce the number of unresolved symbols when building with shared libraries.
Stefan Metzmacher [Sat, 11 Nov 2006 15:11:21 +0000 (15:11 +0000)]
r19664: fix compiler warnings...
should _krb5_find_type_in_ad() also take a const?
metze
Stefan Metzmacher [Sat, 11 Nov 2006 14:00:24 +0000 (14:00 +0000)]
r19663: merge changes from lorikeet heimdal:
support for netbios domain based realms
metze
Stefan Metzmacher [Sat, 11 Nov 2006 12:52:04 +0000 (12:52 +0000)]
r19662: windows 2003 kdc's only rewrite the realm to the full form,
when the client is using the netbios domain name as realm.
we should match this and not rewrite the principal.
This matches what windows give:
metze@SERNOX:~/prefix/lorikeet-heimdal/bin> ./kinit administrator@SERNOXDOM4
administrator@SERNOXDOM4's Password:
metze@SERNOX:~/prefix/lorikeet-heimdal/bin> ./klist
Credentials cache: FILE:/tmp/krb5cc_10000
Principal: administrator@SERNOXDOM4.MX.BASE
Issued Expires Principal
Nov 11 13:37:52 Nov 11 23:37:52 krbtgt/SERNOXDOM4@SERNOXDOM4.MX.BASE
Note:
I need to disable the principal checks in heimdal's
_krb5_extract_ticket() for the kinit to work.
Any ideas how to change heimdal to support this.
For the service principal we should use
the realm and principal in req->kdc_rep.enc_part
instead of the unencrypted req->kdc.ticket.sname
and req->kdc.ticket.realm to have a trusted value.
I'm not sure what we can do with the client realm...
metze
Stefan Metzmacher [Sat, 11 Nov 2006 11:00:19 +0000 (11:00 +0000)]
r19661: - add resolve stage to dcerpc connects over tcp
- remove ipv6 support untill the resolve layer can give ipv6 addresses
metze
Andrew Bartlett [Sat, 11 Nov 2006 03:41:50 +0000 (03:41 +0000)]
r19660: Forgot to tell gsskrb5 not to canonicalize hostnames. Shoudl fix
valrind issues on fort, because we won't hit NSS any more.
Andrew Bartlett
Andrew Bartlett [Fri, 10 Nov 2006 02:44:38 +0000 (02:44 +0000)]
r19650: Allow Samba to use Heimdal's SPNEGO code. Currently this can only
negotiate krb5, but if this works, I'll add NTLM as a GSSAPI backend
by some means or other.
Andrew Bartlett
Andrew Bartlett [Fri, 10 Nov 2006 02:41:00 +0000 (02:41 +0000)]
r19649: Fix indentation.
Andrew Bartlett
Stefan Metzmacher [Thu, 9 Nov 2006 01:11:45 +0000 (01:11 +0000)]
r19645: don't pass NULL as mem_ctx...
metze
Andrew Bartlett [Thu, 9 Nov 2006 00:33:43 +0000 (00:33 +0000)]
r19644: Merge up to current lorikeet-heimdal, incling adding
gsskrb5_set_default_realm(), which should fix mimir's issues.
Andrew Bartlett
Stefan Metzmacher [Thu, 9 Nov 2006 00:29:32 +0000 (00:29 +0000)]
r19643: make process_model thread compile again
metze
Stefan Metzmacher [Wed, 8 Nov 2006 22:33:22 +0000 (22:33 +0000)]
r19642: convert host.c to new composite api
metze
Stefan Metzmacher [Wed, 8 Nov 2006 22:28:28 +0000 (22:28 +0000)]
r19641: ldap_delete() is only allowed as user, we need to give credentials to the ildap backend
metze
Rafal Szczesniak [Wed, 8 Nov 2006 21:40:11 +0000 (21:40 +0000)]
r19640: add some comments
rafal
Stefan Metzmacher [Wed, 8 Nov 2006 21:20:45 +0000 (21:20 +0000)]
r19639: convert nbtlist.c to new composite api
metze
Stefan Metzmacher [Wed, 8 Nov 2006 21:18:24 +0000 (21:18 +0000)]
r19638: convert resolve.c to the new composite api
metze
Rafal Szczesniak [Wed, 8 Nov 2006 21:11:25 +0000 (21:11 +0000)]
r19637: Leave --realm option only, as abartlet suggested.
rafal
Jelmer Vernooij [Wed, 8 Nov 2006 14:36:30 +0000 (14:36 +0000)]
r19636: Add URLs to ldb and talloc pkg-config files.
Always build and install .pc files as they make sense for static libs
as well.
Andrew Bartlett [Wed, 8 Nov 2006 04:54:56 +0000 (04:54 +0000)]
r19635: It appears that under CFX, different keys are used in each direction
(or something like that).
In any case, we need to stick with the initiator subkey for now, until
we figure out what Vista uses for the CIFS session key.
Andrew Bartlett
Jelmer Vernooij [Wed, 8 Nov 2006 02:01:31 +0000 (02:01 +0000)]
r19634: Only use --allow-undef-shlib for modules.
Andrew Bartlett [Wed, 8 Nov 2006 01:48:35 +0000 (01:48 +0000)]
r19633: Merge to lorikeet-heimdal, removing krb5_rd_req_return_keyblock in favour of a more tasteful replacement.
Remove kerberos_verify.c, as we don't need that code any more.
Replace with code for using the new krb5_rd_req_ctx() borrowed from
Heimdal's accecpt_sec_context.c
Andrew Bartlett
Andrew Bartlett [Wed, 8 Nov 2006 01:43:23 +0000 (01:43 +0000)]
r19632: This got missed in the heimdal merge. Without this, we don't keep the
full database name. The existing code (needed for when we use the HDB
as a keytab, such as for the kpasswd service) only works for HDB
keytabs not prefixed with a type.
Andrew Bartlett
Jelmer Vernooij [Wed, 8 Nov 2006 01:37:28 +0000 (01:37 +0000)]
r19631: Re-enable shared libraries, but don't use -rpath-link unless
shared libraries are actually used.
Rafal Szczesniak [Tue, 7 Nov 2006 23:48:02 +0000 (23:48 +0000)]
r19630: Support specifying the realm name from command line.
Useful when testing calls against windows servers with krb auth.
rafal
Andrew Bartlett [Tue, 7 Nov 2006 21:08:33 +0000 (21:08 +0000)]
r19629: No need to special case use of DCE_STYLE sign and seal away any more...
Andrew Bartlett
Andrew Bartlett [Tue, 7 Nov 2006 21:05:45 +0000 (21:05 +0000)]
r19628: This hint via Love at the IETF meeting:
Larry told me that most context flags needed to be set to, otherwise
it wouldn't work.
This fixes DCE_STYLE against Win2k3 SP1. It seems they just tightened
up their end of the GSSAPI code, as DCE_STYLE is explicity rejected in
the session setup too (being the wrong layer).
Andrew Bartlett
Stefan Metzmacher [Tue, 7 Nov 2006 16:14:14 +0000 (16:14 +0000)]
r19625: not all linkers like -Wl,rpath-link, so don't use it till we have configure checks
and working shared libraries
metze
Stefan Metzmacher [Tue, 7 Nov 2006 16:03:00 +0000 (16:03 +0000)]
r19624: we have timegm in libreplace so heimdal should not replace it
metze
Stefan Metzmacher [Tue, 7 Nov 2006 15:59:39 +0000 (15:59 +0000)]
r19623: disable building of shared libs until we have fixed them,
they all have unresolved symbols and are useless
and produce noise in the build-farm
metze
Stefan Metzmacher [Tue, 7 Nov 2006 15:21:18 +0000 (15:21 +0000)]
r19622: - remove unused var
- fix default for enable-dso to no
metze
Stefan Metzmacher [Tue, 7 Nov 2006 14:13:59 +0000 (14:13 +0000)]
r19621: move enable-dso to check_ld.m4 again and add some checks and generate more output
metze
Jelmer Vernooij [Tue, 7 Nov 2006 14:06:58 +0000 (14:06 +0000)]
r19620: Remove old (outdated) files.
Jelmer Vernooij [Tue, 7 Nov 2006 14:06:40 +0000 (14:06 +0000)]
r19619: Add pointer to (up-to-date) packaging from the Debian Samba packaging repository.
Stefan Metzmacher [Tue, 7 Nov 2006 12:54:43 +0000 (12:54 +0000)]
r19618: pass -D_SAMBA_HOSTCC_ when using the hostcompiler
metze
Stefan Metzmacher [Tue, 7 Nov 2006 12:50:24 +0000 (12:50 +0000)]
r19616: the heimdal spnego mech doesn't seem to use roken.h and isn't portable
(it doesn't compile on suse 10.1 because gethostname() isn't found,
unistd.h isn't included...)
as we don't need the spnego mech, disable it till it gets fixed in heimdal
metze
Stefan Metzmacher [Tue, 7 Nov 2006 12:47:46 +0000 (12:47 +0000)]
r19615: include roken.h.in as this still includes the ifdef's we need in samba4
this should fix the portability of samba4
metze
Stefan Metzmacher [Tue, 7 Nov 2006 12:42:51 +0000 (12:42 +0000)]
r19614: fix compiler warnings
metze
Stefan Metzmacher [Tue, 7 Nov 2006 12:10:46 +0000 (12:10 +0000)]
r19613: remove diff between samba4 and lorikeet
metze
Stefan Metzmacher [Tue, 7 Nov 2006 12:08:30 +0000 (12:08 +0000)]
r19612: fix the build with auto dependencies
the samba4 heimdal copy should do not need to use socket_wrapper
metze
Stefan Metzmacher [Tue, 7 Nov 2006 12:04:11 +0000 (12:04 +0000)]
r19611: we have heimdal 0.8pre currently
metze
Stefan Metzmacher [Tue, 7 Nov 2006 12:03:01 +0000 (12:03 +0000)]
r19610: fix the build
metze
Stefan Metzmacher [Tue, 7 Nov 2006 10:44:17 +0000 (10:44 +0000)]
r19609: fix uninitialized perl variabel, we need AC_SUBST() for all configure vars
we want to use in perl...
metze
Stefan Metzmacher [Tue, 7 Nov 2006 10:42:26 +0000 (10:42 +0000)]
r19608: - basics comes in with $(ALL_PREDEP)
(this fixes the auto dependency build)
metze
Stefan Metzmacher [Tue, 7 Nov 2006 10:41:11 +0000 (10:41 +0000)]
r19607: - remove mech_switch.h from objectfile list
(fix the build the auto dependencies)
- add tabs
metze
Andrew Bartlett [Tue, 7 Nov 2006 10:40:50 +0000 (10:40 +0000)]
r19606: Remove generated files
Andrew Bartlett
Andrew Bartlett [Tue, 7 Nov 2006 06:59:56 +0000 (06:59 +0000)]
r19604: This is a massive commit, and I appologise in advance for it's size.
This merges Samba4 with lorikeet-heimdal, which itself has been
tracking Heimdal CVS for the past couple of weeks.
This is such a big change because Heimdal reorganised it's internal
structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases.
In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO
PAC. This matches windows behavour. We also have an option to
require the PAC to be present (which allows us to automate the testing
of this code).
This also includes a restructure of how the kerberos dependencies are
handled, due to the fallout of the merge.
Andrew Bartlett
Andrew Bartlett [Tue, 7 Nov 2006 04:26:45 +0000 (04:26 +0000)]
r19603: Make it easier to control the debug level of smbd.
Ensure that we don't accept kerberos logins without a PAC (to ensure
we actually produce a PAC in the KDC)
Andrew Bartlett
Jelmer Vernooij [Tue, 7 Nov 2006 01:25:17 +0000 (01:25 +0000)]
r19600: Add two more headers (fixes installation)
Jelmer Vernooij [Tue, 7 Nov 2006 01:00:27 +0000 (01:00 +0000)]
r19599: Fix --includedir.
Andrew Bartlett [Tue, 7 Nov 2006 00:48:36 +0000 (00:48 +0000)]
r19598: Ahead of a merge to current lorikeet-heimdal:
Break up auth/auth.h not to include the world.
Add credentials_krb5.h with the kerberos dependent prototypes.
Andrew Bartlett
Andrew Bartlett [Tue, 7 Nov 2006 00:47:36 +0000 (00:47 +0000)]
r19597: Ahead of the merge to current lorikeet-heimdal:
Supply the correct OID to the error display functions.
Rework the session key functions.
Andrew Bartlett
Jelmer Vernooij [Tue, 7 Nov 2006 00:46:04 +0000 (00:46 +0000)]
r19596: add basics to 'all' - hopefully fixes the build on some hosts
Andrew Bartlett [Tue, 7 Nov 2006 00:19:16 +0000 (00:19 +0000)]
r19595: Seperate debug messages between database failure and simple lack of
records.
Andrew Bartlett
Jelmer Vernooij [Mon, 6 Nov 2006 23:25:30 +0000 (23:25 +0000)]
r19594: the behaviour of `include' is slightly different from helper(). Fix the build
for now.
Rafal Szczesniak [Mon, 6 Nov 2006 23:23:47 +0000 (23:23 +0000)]
r19593: add NET-API-USERLIST test
rafal
Rafal Szczesniak [Mon, 6 Nov 2006 23:22:57 +0000 (23:22 +0000)]
r19592: a simple test for libnet_UserList
rafal
Andrew Bartlett [Mon, 6 Nov 2006 23:19:00 +0000 (23:19 +0000)]
r19590: Make it less noisy to run the session_key test outside 'make test',
for example against a remote host.
Andrew Bartlett
Andrew Bartlett [Mon, 6 Nov 2006 23:17:48 +0000 (23:17 +0000)]
r19589: Because we what we really wanted was coverage of seal and non-seal,
rather than validate or not, change $VALIDATE to bigendian in the
session_key test.
Andrew Bartlett
Jelmer Vernooij [Mon, 6 Nov 2006 22:54:49 +0000 (22:54 +0000)]
r19588: Use include and import statements rather than depends() and helper().
Rafal Szczesniak [Mon, 6 Nov 2006 22:06:12 +0000 (22:06 +0000)]
r19587: Fix indentation and correctly set error string when completing
a composite call - don't leave it unset.
rafal
Rafal Szczesniak [Mon, 6 Nov 2006 22:03:22 +0000 (22:03 +0000)]
r19586: draft version of libnet_UserList function. still a bit of work
to do left.
rafal
Jelmer Vernooij [Mon, 6 Nov 2006 21:54:19 +0000 (21:54 +0000)]
r19585: Add support for some more standard IDL instructions:
- `include' (replaces helper())
- `import' (replaces depends())
Add support for parsing importlib() - importlib() is now ignored (with a
warning), but no longer causes syntax errors.
helper() and depends() are now marked deprecated and will cause warnings.
Rafal Szczesniak [Mon, 6 Nov 2006 21:16:50 +0000 (21:16 +0000)]
r19584: add the new file to the build.
rafal
Rafal Szczesniak [Mon, 6 Nov 2006 21:16:27 +0000 (21:16 +0000)]
r19583: a few prerequisite functions called from within libnet functions
(in this case domain related) to ensure certain conditions before
doing what libnet function is expected to do.
rafal
Jelmer Vernooij [Mon, 6 Nov 2006 20:17:25 +0000 (20:17 +0000)]
r19582: Support building both shared and static versions of libraries at the same
time.
The --enable-dso flag now specifies whether or not the Samba binaries
themselves should be linked against the shared libraries.
By default, all libraries will be built staticly. If supported, the
shared variant of each library will also be built.
If people think building both shared and static library versions in
'make all' is too time-inefficient, please let me know and I'll move the
shared library bits to 'make everything'.
Jelmer Vernooij [Mon, 6 Nov 2006 20:01:22 +0000 (20:01 +0000)]
r19580: Add --includedir option.
James Peach [Mon, 6 Nov 2006 19:38:27 +0000 (19:38 +0000)]
r19578: Fix trivial typ0.
Jelmer Vernooij [Mon, 6 Nov 2006 17:28:27 +0000 (17:28 +0000)]
r19575: Build static libs in bin/static rather than bin/
Jelmer Vernooij [Mon, 6 Nov 2006 16:57:00 +0000 (16:57 +0000)]
r19574: Initial work towards supporting build of both shared and static libraries.
Jelmer Vernooij [Mon, 6 Nov 2006 16:11:52 +0000 (16:11 +0000)]
r19573: Move secrets.o into param/ (subsystems haven't been integrated yet).
Jelmer Vernooij [Mon, 6 Nov 2006 14:07:20 +0000 (14:07 +0000)]
r19572: Fix typo.
Jelmer Vernooij [Mon, 6 Nov 2006 14:03:51 +0000 (14:03 +0000)]
r19571: Add a USESHARED parameter (different from BLDSHARED) + two small
shared-library related fixes.
Jelmer Vernooij [Mon, 6 Nov 2006 13:14:21 +0000 (13:14 +0000)]
r19570: Fix dependencies in pkg-config files.
Jelmer Vernooij [Mon, 6 Nov 2006 12:05:09 +0000 (12:05 +0000)]
r19569: Require that all public header files have a destination path. Fix
places where this was currently not the case.
Andrew Bartlett [Mon, 6 Nov 2006 11:18:32 +0000 (11:18 +0000)]
r19568: When we get back a skew error, try with no skew. This allows us to
recover from inheriting an invalid skew from a ccache.
Andrew Bartlett
Andrew Bartlett [Mon, 6 Nov 2006 10:38:13 +0000 (10:38 +0000)]
r19567: Make it easier to control the debug level in the test scripts, by not
specifying it on the smbd command line.
Andrew Bartlett
Andrew Bartlett [Mon, 6 Nov 2006 10:36:31 +0000 (10:36 +0000)]
r19566: Predeclare some useful structures.
Andrew Tridgell [Sun, 5 Nov 2006 05:42:07 +0000 (05:42 +0000)]
r19565: the scripts do work :)
Andrew Tridgell [Sun, 5 Nov 2006 05:26:34 +0000 (05:26 +0000)]
r19564: testing build farm scripts, apologies for the noise
(jelmer didn't see some breakage emails lately, I want to ensure its
working)
Andrew Tridgell [Sun, 5 Nov 2006 04:28:45 +0000 (04:28 +0000)]
r19563: - make --num-progs a valid smbtorture option again. It's commonly
used.
- mark -t as an integer option
Jelmer Vernooij [Sun, 5 Nov 2006 00:26:44 +0000 (00:26 +0000)]
r19562: Support returning simple scalars.
Jelmer Vernooij [Sun, 5 Nov 2006 00:08:39 +0000 (00:08 +0000)]
r19561: Remove debug statement.
Jelmer Vernooij [Sun, 5 Nov 2006 00:03:44 +0000 (00:03 +0000)]
r19560: Fix handling of PARAM_VALUE.