summaryrefslogtreecommitdiffstats
path: root/source3/auth
Commit message (Collapse)AuthorAgeFilesLines
* s3-util: use shared dom_sid_dup.Günther Deschner2010-09-202-6/+7
| | | | Guenther
* s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.Günther Deschner2010-09-202-4/+5
| | | | Guenther
* libcli/auth/ntlmssp Be clear about talloc parents for session keysAndrew Bartlett2010-09-161-9/+16
| | | | | | | | | | The previous API was not clear as to who owned the returned session key. This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code, and avoids making allocations - we steal and zero instead. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Call security_token_set_privilege() rather than manual assignmentAndrew Bartlett2010-09-111-1/+1
| | | | | | | | This avoids as much direct modifiction of the bitmask as possible. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Inline dump_se_priv into callers now that it's just a uint64_tAndrew Bartlett2010-09-111-1/+1
| | | | | | | | The previous 128 bit structure needed this helper function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3:auth Remove NT_USER_TOKENAndrew Bartlett2010-09-112-8/+8
| | | | | | | | | The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Change struct nt_user_token -> struct security_tokenAndrew Bartlett2010-09-111-14/+14
| | | | | | | | This common structure is defined in security.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Change type of num_sids to uint32_tAndrew Bartlett2010-09-111-5/+7
| | | | | | | | | | | | | | size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequnetial changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth: Added get_server_info_system function.Andreas Schneider2010-09-091-0/+5
|
* s3-auth: fix uninitialized error code in get_guest_info3().Günther Deschner2010-09-011-2/+1
| | | | Guenther
* s3-auth: remove global include of krb5pac.h.Günther Deschner2010-08-312-0/+2
| | | | Guenther
* s3-auth: remove unused variable in check_sam_security().Günther Deschner2010-08-311-1/+1
| | | | Guenther
* s3-auth Rename NT_USER_TOKEN privileges -> privilege_maskAndrew Bartlett2010-08-311-3/+3
| | | | | | This is closer to the struct security_token from security.idl Andrew Bartlett
* s3-auth Rename NT_USER_TOKEN user_sids -> sidsAndrew Bartlett2010-08-312-29/+29
| | | | This is closer to the struct security_token from security.idl
* s3-auth: The unlock of the account is now done by the get_sampwnam call.Andreas Schneider2010-08-301-5/+2
| | | | Signed-off-by: Simo Sorce <idra@samba.org>
* s3-auth: Use SamInfo3_for_guest to create guest server_info.Andreas Schneider2010-08-301-19/+70
| | | | Signed-off-by: Simo Sorce <idra@samba.org>
* s3-auth: add helper to get server_info out of kerberos infoSimo Sorce2010-08-301-0/+100
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* s3-auth: Add helper function to retrieve the unix user from a kerberos ticketSimo Sorce2010-08-301-0/+172
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* s3: Remove a use of smbd_server_fdVolker Lendecke2010-08-291-1/+1
| | | | | This disables different socket options per user for ntlmssp authentiation, a change in behaviour which is exotic enough I believe.
* s3: Remove smbd_server_conn() from check_unix_securityVolker Lendecke2010-08-281-7/+2
|
* s3: Lift smbd_server_fd() from pass_check()Volker Lendecke2010-08-282-7/+8
|
* s3: Lift smbd_server_fd() from password_check()Volker Lendecke2010-08-281-11/+13
|
* s3: Fix some nonempty blank linesVolker Lendecke2010-08-281-15/+15
|
* s3: Fix smb_pam_passcheckVolker Lendecke2010-08-281-2/+2
|
* s3: Those functions are no macros anymore :-)Volker Lendecke2010-08-281-4/+0
|
* s3: Lift smbd_server_fd() from smb_pam_passcheckVolker Lendecke2010-08-272-8/+10
|
* s3: Lift smbd_server_fd() from smb_pam_startVolker Lendecke2010-08-271-16/+9
| | | | | smb_pam_passcheck() is the only caller that fills in NULL, all other callers now properly fill rhost
* s3: Pass "private_data" through string_combinations()Volker Lendecke2010-08-271-12/+24
|
* s3: Pass rhost through to smb_pam_passchangeVolker Lendecke2010-08-271-2/+3
|
* s3: Fix typosVolker Lendecke2010-08-261-2/+2
|
* s3-build: only include nsswitch header where needed.Günther Deschner2010-08-261-0/+1
| | | | Guenther
* s3-build: only include memcache.h where needed.Günther Deschner2010-08-261-0/+1
| | | | Guenther
* pam: fix unused variable warningBjörn Jacke2010-08-241-1/+1
|
* s3: PAM_RHOST and PAM_TTY are enums on FreeBSDVolker Lendecke2010-08-231-3/+3
|
* s3: Turn two macros into functionsVolker Lendecke2010-08-221-6/+24
|
* s3: Pass the rhost through smb_pam_accountcheckVolker Lendecke2010-08-222-4/+7
|
* s3: Rename auth.c:backends to auth_backendsVolker Lendecke2010-08-221-4/+4
|
* s3: Fix some nonemtpy blank linesVolker Lendecke2010-08-221-10/+9
|
* Fix const warning.Jeremy Allison2010-08-201-1/+1
|
* s3: Remove smb_pam_accountcheck from the auth modulesVolker Lendecke2010-08-193-32/+4
| | | | | We go through the same check in auth/auth.c line 287 after the module has done its job. So we don't have to do that check twice.
* s3: Lift smbd_server_fd from reload_services()Volker Lendecke2010-08-181-1/+1
|
* s3: Remove get_client_fd()Volker Lendecke2010-08-161-2/+3
|
* s3-auth: Remove obsolete 'update encrypted' option.Andreas Schneider2010-08-162-66/+5
|
* s3:auth Add error paths for invalid password_state valuesAndrew Bartlett2010-08-143-2/+10
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3:auth Change winbindd -> auth interface to more standard structuresAndrew Bartlett2010-08-141-0/+37
| | | | | | | | | | This removes conversions to and from the source3 varient of the server_info structure when replaced in s3compat, and presents a tidier interface to winbindd in any case. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3:auth Change 'make_user_info' to be talloc basedAndrew Bartlett2010-08-141-72/+58
| | | | | | | | | This is an ideal candidate, as it already uses a free function. It now uses talloc destructors to clear the passwords if required. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3:auth Whitespace fixes after auth mergeAndrew Bartlett2010-08-143-20/+20
|
* s3:auth Make Samba3 use the new common struct auth_usersupplied_infoAndrew Bartlett2010-08-1414-152/+191
| | | | | | | | | | | | | This common structure will make it much easier to produce an auth module for s3compat that calls Samba4's auth subsystem. In order the make the link work properly (and not map twice), we mark both that we did try and map the user, as well as if we changed the user during the mapping. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3: Lift the smbd_messaging_context from reload_servicesVolker Lendecke2010-08-081-1/+1
|
* s3-netlogon: remove global include of netlogon.h.Günther Deschner2010-08-063-0/+4
| | | | | | | This reduces precompiled headers by another 4 MB and also slightly speeds up the build. Guenther
generated by cgit (git 2.34.1) at 2025-04-20 22:39:04 +0000