summaryrefslogtreecommitdiffstats
path: root/source3/auth
Commit message (Collapse)AuthorAgeFilesLines
* s3: Apply some constVolker Lendecke2010-04-121-3/+5
|
* s3/s4:netlogon IDL - fix up "struct netr_SamInfo6" regarding the "forest" ↵Matthias Dieter Wallnöfer2010-04-121-3/+3
| | | | | | | attribute According to MS-NRPC 2.2.1.4.13 this should be the DNS domainname, not the forest one.
* s3: Move serverinfo_to_SamInfoX to auth/server_info.cVolker Lendecke2010-04-111-0/+287
|
* s3: Move [make|free]_user_info to auth/user_info.cVolker Lendecke2010-04-112-108/+131
|
* s3: Move make_server_info_sam to auth/server_info_sam.cVolker Lendecke2010-04-112-121/+151
|
* s3: Move sanitize_username to lib/util_str.cVolker Lendecke2010-04-111-8/+0
|
* s3: Move make_server_info to auth/server_info.cVolker Lendecke2010-04-112-32/+55
|
* s3: Move check_sam_security to auth/check_sam.cVolker Lendecke2010-04-112-485/+512
|
* s3: Make check_sam_security publicVolker Lendecke2010-04-111-20/+28
|
* s3: Replace "auth_context" by "challenge" in need_to_increment_bad_pw_count argsVolker Lendecke2010-04-111-5/+5
|
* s3: Replace "auth_context" by "challenge" in sam_password_ok argsVolker Lendecke2010-04-111-7/+10
|
* s3: Move user_in_group() and create_token_from_username() to token_utils.cVolker Lendecke2010-04-112-315/+315
| | | | Goal is to be able to call check_sam_security from winbind
* s3: Use talloc_stackframe() in user_in_groupVolker Lendecke2010-04-111-7/+1
|
* s3: Use talloc_stackframe() in user_in_group_sidVolker Lendecke2010-04-111-8/+1
|
* s3: Use talloc_stackframe() in create_token_from_usernameVolker Lendecke2010-04-111-7/+1
|
* s3: Fix a memleak in user_in_group_sidVolker Lendecke2010-04-111-0/+1
|
* s3: Remove the make_auth_methods routineVolker Lendecke2010-04-1110-72/+101
| | | | This was just TALLOC_ZERO_P
* s3: Fix a typoVolker Lendecke2010-04-111-1/+1
|
* s3: Make "auth_context" its own talloc parentVolker Lendecke2010-04-114-15/+9
| | | | Remove "mem_ctx" from "struct auth_context"
* s3: Fix some nonempty linesVolker Lendecke2010-04-116-36/+35
|
* s3: Fix a typoVolker Lendecke2010-04-091-1/+1
|
* s3:ntlmssp: use client.netbios_name instead of workstationStefan Metzmacher2010-03-241-2/+2
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp: rename void *auth_context; into void *callback_private;Stefan Metzmacher2010-03-241-5/+5
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp: pass names to ntlmssp_server_start() and store them in ntlmssp_stateStefan Metzmacher2010-03-241-6/+28
| | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp: replace server_role by a server.is_standalone in ntlmssp_stateStefan Metzmacher2010-03-241-1/+5
| | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
* Fix valgrind error when running under share level security. plaintext_passwordJeremy Allison2010-03-221-2/+2
| | | | | | is a data blob with a data pointer pointing to an allocation of length zero. Jeremy.
* s3: Fix some nonempty blank linesVolker Lendecke2010-02-201-59/+57
|
* s3: Remove some calls to memset -- reduces text size by some bytes for meVolker Lendecke2010-01-241-8/+3
|
* s3:auth: fix account unlock regression introduced with fix for bug #4347Michael Adam2010-01-141-7/+5
| | | | | | | | By an oversight, the patchset for #4347 made the unlocking of a locked account after the lockout duration ineffective. Thanks to Björn for finding this! Michael
* s3:auth: add comment to nulling out stolen sampassMichael Adam2010-01-121-0/+4
| | | | | | | | | | Adding this comment makes me think, I could also have changed make_server_info_sam() talloc_move instead of talloc_steal, but that would have changed the signature... Well the comment is a first step. :-) Michael
* s3: Replace most calls to sid_append_rid() by sid_compose()Volker Lendecke2010-01-101-6/+4
|
* s3: Remove the typedef for "auth_serversupplied_info"Volker Lendecke2010-01-1011-34/+36
|
* s3: Remove the typedef for "auth_usersupplied_info"Volker Lendecke2010-01-1012-30/+30
|
* s3:auth: don't update the bad pw count if pw is among last 2 history entriesMichael Adam2010-01-071-1/+73
| | | | | | | | | This conforms to the behaviour of Windows 2003: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/bpactlck.mspx This is supposed to fixes Bug #4347 . Michael
* s3:auth:check_sam_security: introduce a bool var to control pad_pw_count ↵Michael Adam2010-01-071-1/+7
| | | | | | | | incrementation This is a preparatory patch for the last part in fixing bug #4347 . Michael
* s3:auth:check_sam_security: improve calling and logging of ↵Michael Adam2010-01-071-4/+16
| | | | | | | | | pdb_update_sam_account Log what went wrongl, and also call pdb_update_sam_account inside become_root/unbecome_root: do the logging outside. Michael
* s3:auth:check_sam_security: fix a leading tab/ws mixupMichael Adam2010-01-071-1/+1
| | | | Michael
* s3:auth:check_sam_security: create (and use) a common exit pointMichael Adam2010-01-071-11/+7
| | | | | | for use after sam_password_ok() has been called. Michael
* s3:auth:check_sam_security: null out sampass after it has been stolen.Michael Adam2010-01-071-0/+1
| | | | | | | | So that a later talloc_free would not harm. I could have used talloc_move instead of talloc steal in make_server_info_sam(), but this would have required a change of the signature. Michael
* s3:auth:sam_password_ok: take username, acct_ctrl and nt/lm hashes, not sampassMichael Adam2010-01-071-14/+20
| | | | | | | | This is in preparation to extending check_sam_security to also check against the password history before updating the bad password count. This way, sam_password_ok can more easily be reused for that purpose. Michael
* s3:auth: use data_blob_null instead of data_blob(NULL, 0) in sam_password_ok()Michael Adam2010-01-071-2/+2
| | | | | | | This way it is more explicit that there is no allocated data here that may leak. Michael
* s3:auth:sam_password_ok: fix allocation of a data blob.Michael Adam2010-01-071-1/+1
| | | | | | | | | | | | data_blob(mem_ctx, 16) does not use mem_ctx as a talloc ctx but copies 16 bytes from mem_ctx into the newly allocated data blob. This can not have been intentional. A blank uint8_t array of length 16 is allocated by passing NULL instead of mem_ctx. And using data_blob_talloc(mem_ctx, NULL, 16) adds the allocated blank 16 byte array to mem_ctx - so this is what must have been intended. Michael
* s3:auth:sam_password_ok: enhance readability (imho) by adding some pointersMichael Adam2010-01-071-17/+24
| | | | | | and removing bool variables and several checks. Michael
* s3:check_sam_security: untangle assignment from statementMichael Adam2010-01-071-1/+2
| | | | Michael
* s3:ntlmssp: change get_challange() to return NTSTATUSStefan Metzmacher2009-12-291-2/+3
| | | | metze
* s3:ntlmssp: only include ntlmssp.h where actually neededAndrew Bartlett2009-12-221-0/+1
| | | | Andrew Bartlett
* s3:auth: Fix typo in debug message.Karolin Seeger2009-12-071-2/+2
| | | | Karolin
* s3:fix a comment typoMichael Adam2009-11-141-1/+1
| | | | Michael
* s3:is_trusted_domain: shortcut if domain name == global_sam_nameMichael Adam2009-11-141-0/+4
| | | | | | | A domain can't have a trust with itself. This saves some roundtrips to the ldap server for ldapsam. Michael
* s3:is_trusted_domain: shortcut if domain name is NULL or emptyMichael Adam2009-11-141-0/+4
| | | | | | This saves some roundtrips to LDAP in an ldapsm setup. Michael
generated by cgit (git 2.34.1) at 2025-09-03 20:27:40 +0000