summaryrefslogtreecommitdiffstats
path: root/source4/auth/gensec
Commit message (Collapse)AuthorAgeFilesLines
* s4:Remove "Py_RETURN_NONE" compatibility codeMatthias Dieter Wallnöfer2010-02-091-4/+0
| | | | This was needed only by Python 2.3 which we no longer support.
* s4:gensec: change gensec_update_send/recv to tevent_reqStefan Metzmacher2009-12-243-58/+83
| | | | metze
* s4:gensec: allow clearing local and remote address by passing NULLStefan Metzmacher2009-12-161-0/+10
| | | | metze
* s4-gensec: Remove obsolete socket_address vars and fns.Andreas Schneider2009-12-162-35/+0
|
* s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn.Andreas Schneider2009-12-164-27/+21
|
* s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn.Andreas Schneider2009-12-162-11/+0
|
* s4-gensec: Replace gensec_get_my_addr with new tsocket based fn.Andreas Schneider2009-12-163-23/+24
|
* s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn.Andreas Schneider2009-12-162-10/+0
|
* s4-gensec: Added remote and local setter/getter using tsocket.Andreas Schneider2009-12-163-4/+127
|
* s4:gensec/schannel: remove unused talloc_reference() in schannel_update()Stefan Metzmacher2009-10-241-1/+1
| | | | | | We never expose creds to the caller in schannel_update(). metze
* s4-python: we need to include Python.h firstAndrew Tridgell2009-10-231-1/+1
| | | | | If we don't include Python.h first then we get a pile of warnings due to broken redefines of XOPEN_SOURCE in the Python includes.
* s4:gensec Use an index on computerName in schannel.ldbAndrew Bartlett2009-10-231-1/+4
|
* s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()Andrew Tridgell2009-10-231-1/+1
| | | | | | | | | This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context.
* s4-dsdb: create a static system_session contextAndrew Tridgell2009-10-231-2/+2
| | | | | | This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap
* s4: ran minimal_includes.pl on source4/auth/gensecAndrew Tridgell2009-10-206-12/+0
|
* s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where neededMatthias Dieter Wallnöfer2009-10-141-9/+5
| | | | | | For KERBEROS applications the realm should be upcase (function "lp_realm") but for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch implements the use of both in the right way.
* s4-pygensec: a bit closer to workingAndrew Tridgell2009-10-023-9/+56
| | | | | I'll need help from Andrew on how to get gensec to initialise it's ops element
* gensec: Avoid exposing lp_ctx on the API level.Jelmer Vernooij2009-09-263-14/+12
|
* pygensec: Add initial work on a gensec Python module.Jelmer Vernooij2009-09-263-0/+184
|
* s4:auth/gensec/schannel - fix a const warningMatthias Dieter Wallnöfer2009-09-251-1/+2
|
* s4:schannel: fix some compiler warningsStefan Metzmacher2009-09-251-2/+4
| | | | | | If we only do signing we can pass down a const data buffer. metze
* spnego: Support ASN.1 BIT STRING and use it in SPNEGO.Kouhei Sutou2009-09-171-2/+4
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* spnego: share spnego_parse.Günther Deschner2009-09-174-475/+2
| | | | Guenther
* libcli/auth: rewrite schannel sign/seal code to be more genericStefan Metzmacher2009-09-161-33/+56
| | | | | | This prepares support for HMAC-SHA256/AES. metze
* schannel: move schannel_sign to main directory.Günther Deschner2009-09-164-312/+3
| | | | Guenther
* s4-schannel: try to fix the build.Günther Deschner2009-09-161-1/+1
| | | | Guenther
* s4-schannel: first step of decoupling schannel from gensec.Günther Deschner2009-09-162-20/+51
| | | | Guenther
* s4-schannel: strip trailing whitespace.Günther Deschner2009-09-161-36/+36
| | | | Guenther
* s4-schannel: use NL_AUTH_MESSAGE for schannel.Günther Deschner2009-09-131-23/+35
| | | | Guenther
* s4-schannel: strip trailing whitespace.Günther Deschner2009-09-131-26/+26
| | | | Guenther
* s4-schannel: add ldb suffix to schannel functions.Günther Deschner2009-08-271-2/+2
| | | | Guenther
* s4:gensec/spnego: only generate the mechListMic when the server expects itStefan Metzmacher2009-07-281-1/+2
| | | | | | This fixes the ntvfs.cifs tests. metze
* s4:gensec_gssapi: pass the correct oid to the gssapi layer.Stefan Metzmacher2009-07-241-4/+11
| | | | metze
* s4:gensec/spengo: make sure we send the blob with the micListMech signature ↵Stefan Metzmacher2009-07-241-1/+1
| | | | | | | | to the peer We should even do this if the submech has no more data to send. metze
* s4:gensec Rework gensec_krb5 mutual authentication defaultsAndrew Bartlett2009-07-161-24/+28
| | | | | | | | When emulating Samba3 (which we do to ensure we don't break compatability), don't do mutual authentication by default, as it breaks the session key with AES and isn't what Samba3 does anyway. Andrew Bartlett
* s4:gensec Allow mutual auth to be turned off in 'fake_gssapi_krb5'Andrew Bartlett2009-07-161-5/+15
| | | | | | | | This allows the older 'like Samba3' GENSEC krb5 implementation to work against Windows 2008. I'm using this to track down interop issues in this area. Andrew Bartlett
* gensec_start now steals the auth_contextAndrew Tridgell2009-07-011-1/+3
|
* s4:gensec Print GSSAPI error message when unable to find PACAndrew Bartlett2009-06-181-1/+3
|
* s4:heimdal: import lorikeet-heimdal-200906080040 (commit ↵Andrew Bartlett2009-06-121-0/+3
| | | | | | | | | | | 904d0124b46eed7a8ad6e5b73e892ff34b6865ba) Also including the supporting changes required to pass make test A number of heimdal functions and constants have changed since we last imported a tree (for the better, but inconvenient for us). Andrew Bartlett
* Fix dependencies when using shared libraries.Jelmer Vernooij2009-06-021-1/+1
|
* Remove unused headersAndrew Bartlett2009-04-191-4/+2
|
* Fix Samba4 build errors with common libcli/samsyncAndrew Bartlett2009-04-161-0/+1
|
* Rework to use new API for common netlogon credential chainingAndrew Bartlett2009-04-141-1/+1
|
* Rework Samba4 to use the new common libcli/auth codeAndrew Bartlett2009-04-143-13/+26
| | | | | | | In particular, this is the rename from creds_ to netlogon_creds_, as well as other links to use the new common crypto. Andrew Bartlett
* Push schannel_state.c into the top level.Andrew Bartlett2009-04-142-284/+1
| | | | | | This is the server side state for netlogon credential chaining Andrew Bartlett
* Push sam_get_server_info_principal into the auth subsystemAndrew Bartlett2009-02-133-7/+24
| | | | | | | | | This means it must be accessed via the supplied auth_context in the GENSEC server, and should remove the hard depenceny of GENSEC on the auth subsystem and ldb (allowing LDB not to rely on LDB is considered a good thing, apparently) Andrew Bartlett
* Remove auth/ntlm as a dependency of GENSEC by means of function pointers.Andrew Bartlett2009-02-133-17/+16
| | | | | | | | | | | When starting GENSEC on the server, the auth subsystem context must be passed in, which now includes function pointers to the key elements. This should (when the other dependencies are fixed up) allow GENSEC to exist as a client or server library without bundling in too much of our server code. Andrew Bartlett
* s4:auth/gensec: s/private/private_dataStefan Metzmacher2009-02-021-10/+10
| | | | metze
* Make schannel not depend on samdb anymore.Simo Sorce2009-02-012-6/+61
|
* s4:auth: move make_server_info_netlogon_validation() function arroundStefan Metzmacher2009-01-211-1/+1
| | | | metze
generated by cgit (git 2.34.1) at 2025-09-26 09:49:41 +0000