svn commit: samba r10861 - in branches/SOC/SAMBA_4_0: .
source/include source/lib/ldb source/lib/ldb/tests
source/libcli/auth source/libcli/composite source/libcli/nbt
source/librpc/idl source/nsswitch
source/pidl/lib/Parse/Pidl/Samba/NDR
source/pidl/lib/Parse/Pidl/Samba3 source/rpc_server/spoolss
source/setup source/torture/rpc source/winbind
metze at samba.org
metze at samba.org
Mon Oct 10 07:46:00 GMT 2005
Author: metze
Date: 2005-10-10 07:45:58 +0000 (Mon, 10 Oct 2005)
New Revision: 10861
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10861
Log:
r13509 at SERNOX (orig r10838): vlendec | 2005-10-08 19:45:27 +0200
Get us an schannel'ed netlogon pipe.
Abartlet, now I think I need some assistance to implement the pam auth & crap
auth calls.
Volker
r13510 at SERNOX (orig r10839): jelmer | 2005-10-08 19:55:28 +0200
Add some [ref] (required for ethereal and Samba3 parser generators)
r13511 at SERNOX (orig r10840): jelmer | 2005-10-08 19:55:56 +0200
Fix indentation
r13513 at SERNOX (orig r10842): jelmer | 2005-10-08 22:19:35 +0200
Fix some issues with [out] unions that have a discriminator that is only
[in]
r13514 at SERNOX (orig r10843): vlendec | 2005-10-09 10:32:06 +0200
Reformatting
r13515 at SERNOX (orig r10844): abartlet | 2005-10-09 14:13:05 +0200
Add challenge-response authentication to Samba4's winbindd for VL.
Plaintext should be simple, but I'm going to do some infrustructure
work first.
Andrew Bartlett
r13516 at SERNOX (orig r10845): abartlet | 2005-10-09 14:38:23 +0200
Add new function to decrypt the session keys in samlogon responses.
Andrew Bartlett
r13517 at SERNOX (orig r10846): vlendec | 2005-10-09 14:50:35 +0200
Create a "wbsrv_domain", change wb_finddcs to the style of the rest of the
async helpers.
Volker
r13518 at SERNOX (orig r10847): abartlet | 2005-10-09 15:03:52 +0200
Fix up new 'decrypt samlogon reply' routine to be more robust, and use
it in the RPC-SAMLOGON test.
Andrew Bartlett
r13519 at SERNOX (orig r10848): jelmer | 2005-10-09 15:40:55 +0200
Fix warning
r13520 at SERNOX (orig r10849): jelmer | 2005-10-09 15:53:48 +0200
Fix handling of [charset] for strings with fixed or "inline" size
r13523 at SERNOX (orig r10852): vlendec | 2005-10-09 22:32:24 +0200
Continuation-based programming can become a bit spaghetti...
Initialize a domain structure properly. Excerpt from wb_init_domain.c:
/*
* Initialize a domain:
*
* - With schannel credentials, try to open the SMB connection with the machine
* creds. Fall back to anonymous.
*
* - If we have schannel creds, do the auth2 and open the schannel'ed netlogon
* pipe.
*
* - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back
* to schannel and then to anon bind.
*
* - With queryinfopolicy, verify that we're talking to the right domain
*
* A bit complex, but with all the combinations I think it's the best we can
* get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we
* have a signed&sealed lsa connection on all of them.
*
* Is this overkill? In particular the authenticated SMB connection seems a
* bit overkill, given that we do schannel for netlogon and ntlmssp for
* lsa later on w2k3, the others don't do this anyway.
*/
Thanks to Jeremy for his detective work, and to the Samba4 team for providing
such a great infrastructure.
Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr
with all we have.
Volker
r13524 at SERNOX (orig r10853): vlendec | 2005-10-09 22:57:49 +0200
Convert wbinfo -n to properly init the domain.
Volker
r13525 at SERNOX (orig r10854): jelmer | 2005-10-09 23:30:41 +0200
talloc_get_type() can return NULL..
r13526 at SERNOX (orig r10855): abartlet | 2005-10-10 00:19:20 +0200
Put the domain SID in secrets.ldb by default, and add http as a
default SPN alias.
Andrew Bartlett
r13527 at SERNOX (orig r10856): tridge | 2005-10-10 01:29:26 +0200
we need aclocal.m4 in ldb for standalone configure
r13530 at SERNOX (orig r10859): vlendec | 2005-10-10 08:18:17 +0200
Make the flow a bit clearer
Added:
branches/SOC/SAMBA_4_0/source/lib/ldb/aclocal.m4
branches/SOC/SAMBA_4_0/source/winbind/wb_init_domain.c
Modified:
branches/SOC/SAMBA_4_0/
branches/SOC/SAMBA_4_0/source/include/structs.h
branches/SOC/SAMBA_4_0/source/lib/ldb/tests/slapd.conf
branches/SOC/SAMBA_4_0/source/libcli/auth/credentials.c
branches/SOC/SAMBA_4_0/source/libcli/composite/composite.c
branches/SOC/SAMBA_4_0/source/libcli/nbt/nbtname.c
branches/SOC/SAMBA_4_0/source/librpc/idl/dfs.idl
branches/SOC/SAMBA_4_0/source/nsswitch/winbindd_nss.h
branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Client.pm
branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba/NDR/Parser.pm
branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Client.pm
branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Header.pm
branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Parser.pm
branches/SOC/SAMBA_4_0/source/pidl/lib/Parse/Pidl/Samba3/Types.pm
branches/SOC/SAMBA_4_0/source/rpc_server/spoolss/dcesrv_spoolss.c
branches/SOC/SAMBA_4_0/source/setup/provision.ldif
branches/SOC/SAMBA_4_0/source/setup/secrets.ldif
branches/SOC/SAMBA_4_0/source/torture/rpc/samlogon.c
branches/SOC/SAMBA_4_0/source/winbind/config.mk
branches/SOC/SAMBA_4_0/source/winbind/wb_async_helpers.c
branches/SOC/SAMBA_4_0/source/winbind/wb_async_helpers.h
branches/SOC/SAMBA_4_0/source/winbind/wb_samba3_cmd.c
branches/SOC/SAMBA_4_0/source/winbind/wb_samba3_protocol.c
branches/SOC/SAMBA_4_0/source/winbind/wb_server.c
branches/SOC/SAMBA_4_0/source/winbind/wb_server.h
Changeset:
Sorry, the patch is too large (2758 lines) to include; please use WebSVN to see it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10861
More information about the samba-cvs
mailing list