summaryrefslogtreecommitdiffstats
path: root/source4/auth/credentials
Commit message (Collapse)AuthorAgeFilesLines
* s4:auth/credentials: with the build after heimdal importStefan Metzmacher2011-07-151-0/+1
| | | | metze
* s4/auth: Trivial spelling fixes.Brad Hards2011-06-211-3/+3
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-auth: quiet down the krb5 warnings when kerberos is not set to 'MUST'Andrew Tridgell2011-06-171-1/+5
| | | | | | | this prevents spurious error messages on client commands when when we will fallback to NTLM authentication Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-credentials Don't use expired Kerberos or GSSAPI credentialsAndrew Bartlett2011-06-081-4/+57
| | | | | | | | | In a long-lived credentials cache situation, we may need to refetch the ticket after (say) 10 hours. This code should help that happen, by checking the lifetime before returning any credentials cache or GSSAPI credentials. Andrew Bartlett
* s4-credentials Allow use of file-based credentials caches for debugging.Andrew Bartlett2011-06-081-3/+9
| | | | | | | | This means that we will leave a slew of file based credentials caches in /tmp, which should give some clues to the administrator or developer via klist as to what has gone wrong. Andrew Bartlett
* s4:auth/credentials: S4U2Self should force CRED_MUST_USE_KERBEROSStefan Metzmacher2011-05-181-0/+1
| | | | | | | | Otherwise we would not impersonate the desired principal. This still doesn't work for plaintext auth, but should avoid ntlmssp. metze
* s4:auth/credentials: pass 'self_service' to ↵Stefan Metzmacher2011-05-183-5/+26
| | | | | | | | | | | | cli_credentials_set_impersonate_principal() This also adds a cli_credentials_get_self_service() helper function. In order to support S4U2Proxy we need to be able to set the service principal for the S4U2Self step independent of the target principal. metze
* s3-auth Rename smb_krb5_open_keytab to avoid a conflict with s3Andrew Bartlett2011-04-141-2/+2
| | | | | | The s3 function doesn't use the keytab_container concept. Andrew Bartlett
* source4/auth: Fix prototypes for all functions.Jelmer Vernooij2011-03-193-1/+5
|
* Fix some typesJelmer Vernooij2011-02-281-1/+1
| | | | | Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Feb 28 23:30:06 CET 2011 on sn-devel-104
* tdb: Use <tdb.h> to include tdb so system headers are found when building ↵Jelmer Vernooij2011-02-281-1/+1
| | | | against system tdb.
* ldb: use #include <ldb.h> for ldbAndrew Tridgell2011-02-101-1/+1
| | | | | | | | thi ensures we are using the header corresponding to the version of ldb we're linking against. Otherwise we could use the system ldb for link and the in-tree one for include Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-python Ensure we add the Samba python path first.Andrew Bartlett2011-02-021-1/+1
| | | | | | | This exact form of the construction is important, and we match on it in the installation scripts. Andrew Bartlett
* s4-smbtorture: Make test names lowercase and dot-separated.Jelmer Vernooij2010-12-111-2/+1
| | | | | | | | This is consistent with the test names used by selftest, should make the names less confusing and easier to integrate with other tools. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Dec 11 04:16:13 CET 2010 on sn-devel-104
* pycredentials: Use talloc.Object.Jelmer Vernooij2010-12-011-2/+5
|
* s4-tests/bind.py: Use samba.tests.connect_samdb() instead of directly using ↵Kamen Mazdrashki2010-11-281-7/+10
| | | | | | | | | | | | | SamDB class connect_samdb() functino will correctly handle things like: - session_info param - it will create system_session() using supplied LoadParm parameter and thus avoiding creation of multiple LoadParm instances (LoadParm() will mask certain command line supplied options) - host url will be prefixed with ldap:// automatically Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Sun Nov 28 03:00:41 CET 2010 on sn-devel-104
* s4-tests: Modified bind.py to use samba.tests.delete_forceNadezhda Ivanova2010-11-251-7/+2
|
* Avoid the use of PyAPI_DATA, which is for internal Python API's.Arnaud Faucher2010-11-221-2/+2
| | | | | | | Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Nov 22 00:52:56 CET 2010 on sn-devel-104
* s4-test: we need to import testtools before subunit/pythonAndrew Tridgell2010-11-131-1/+1
| | | | | | | subunit/python depends on testtools Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sat Nov 13 02:02:45 UTC 2010 on sn-devel-104
* s4/test: Expand BindTestAnatoliy Atanasov2010-11-111-20/+60
| | | | | | | The test now binds with user@realm, domain\user, user dn, computer dn Autobuild-User: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> Autobuild-Date: Thu Nov 11 16:15:30 UTC 2010 on sn-devel-104
* credentials: Lowercase library name,Jelmer Vernooij2010-11-071-10/+10
| | | | | Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Nov 7 01:48:44 UTC 2010 on sn-devel-104
* s4/test: Added test for simple bind with machine accountAnatoliy Atanasov2010-11-051-0/+116
| | | | | Samba4 returns error on simple bind, when we do it using openldap simple_bind_s api.
* s4: Remove the old perl/m4/make/mk-based build system.Jelmer Vernooij2010-10-311-20/+0
| | | | | | | | The new waf-based build system now has all the same functionality, and the old build system has been broken for quite some time. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
* s4-cmdline: make cmdline-credentials a private libraryAndrew Tridgell2010-10-301-1/+1
|
* s4-credentials: make a private library from CREDENTIALS subsystemAndrew Tridgell2010-10-301-8/+9
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* auth/credentials Give a sensible behaviour for resetting the krb5 contextAndrew Bartlett2010-10-271-3/+8
| | | | | | | | | | | This extra code isn't used at the moment, but I noticed the old API was rather supprising in it's behaviour, and might catch someone out at some later time. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Oct 27 05:24:22 UTC 2010 on sn-devel-104
* talloc: change pytalloc-util to be a public library.Jelmer Vernooij2010-10-261-1/+1
|
* s4: Drop duplicate 'lib' prefix for private libraries.Jelmer Vernooij2010-10-261-1/+1
|
* s4: Rename LIBSAMBA-* to libsamba-*Jelmer Vernooij2010-10-241-1/+1
|
* s4: Rename LIBSECURITY{_SESSION,} to libsecurity{_session,}Jelmer Vernooij2010-10-241-1/+1
|
* s4: Rename LIBEVENTS to libevents.Jelmer Vernooij2010-10-231-1/+1
|
* s4:"util_ldb" - remove some really unused dependanciesMatthias Dieter Wallnöfer2010-10-182-2/+1
|
* Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls ↵Matthias Dieter Wallnöfer2010-10-172-1/+2
| | | | | | | | | | | | in "dsdb/common/util.c"" This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0. Jelmer pointed out that these are also in use by other LDB databases - not only SAMDB ones. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
* s4:remove "util_ldb" submodule and integrate the three gendb_* calls in ↵Matthias Dieter Wallnöfer2010-10-172-2/+1
| | | | | | | | | "dsdb/common/util.c" They're only in use by SAMDB code. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
* s4-credentials Allocate ldb result on correct memory contextAndrew Bartlett2010-10-121-1/+1
|
* s4-credentials Add explicit event context handling to Kerberos calls (only)Andrew Bartlett2010-10-115-42/+24
| | | | | | | | | | | | | | By setting the event context to use for this operation (only) onto the krb5_context just before we call that operation, we can try and emulate the specification of an event context to the actual send_to_kdc() This eliminates the specification of an event context to many other cli_credentials calls, and the last use of event_context_find() Special care is taken to restore the event context in the event of nesting in the send_to_kdc function. Andrew Bartlett
* s4-param Refactor secrets code to not require an event context.Andrew Bartlett2010-10-111-1/+1
| | | | | | | | A new event context is constructed by LDB when required for secrets.ldb This will be essentially unused, as LDB on TDB will only trigger 'fake' events, and blocks on transactions and lock operations anyway. Andrew Bartlett
* credentials: Avoid unnecessary includes.Jelmer Vernooij2010-10-111-2/+0
| | | | | Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Oct 11 13:01:36 UTC 2010 on sn-devel-104
* credentials: Fix the build.Jelmer Vernooij2010-10-115-2/+7
| | | | | Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Oct 11 02:47:50 UTC 2010 on sn-devel-104
* credentials: Split up into several subsystems.Jelmer Vernooij2010-10-112-5/+17
|
* kerberos_util: Put into separate subsystem.Jelmer Vernooij2010-10-112-2/+3
| | | | | Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Oct 11 00:34:56 UTC 2010 on sn-devel-104
* credentials: Move code that doesn't need any external dependencies intoJelmer Vernooij2010-10-103-144/+147
| | | | credentials.c.
* Add missing dependencies for com_err.Jelmer Vernooij2010-10-051-1/+1
|
* heimdal: Fix library name of gssapi.Jelmer Vernooij2010-10-051-1/+1
|
* s4-pycredentials: avoid a tallloc_free on refAndrew Tridgell2010-09-251-1/+1
| | | | with the new py object structure, we need to unlink not free
* s4-kerberos Move 'set key into keytab' code out of credentials.Andrew Bartlett2010-09-243-69/+5
| | | | | | | | This code never really belonged in the credentials layer, and is easier done with direct access to the ldb_message that is in secrets.ldb. Andrew Bartlett
* s4-selftest: Move credentials tests to standard python directory.Jelmer Vernooij2010-09-221-100/+0
|
* s4-param: Fix more memory leaks, invalid memory context.Jelmer Vernooij2010-09-221-10/+38
|
* s4-param: Check type when converting python object to lp_ctx, fix someJelmer Vernooij2010-09-221-2/+7
| | | | memory leaks.
* s4-pycredentials: expose forwardable setting via pythonAndrew Tridgell2010-09-161-0/+16
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
generated by cgit (git 2.34.1) at 2025-01-25 15:04:20 +0000