Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Revert "s4:gensec_gssapi.c - make sure that "GSS_C_DELEG_POLICY_FLAG" is ↵ | Matthias Dieter Wallnöfer | 2010-04-05 | 1 | -5/+0 |
| | | | | | | | | available" This reverts commit 3e091a82167f51b7d9abf00755bede9354932c6b. This should be fixed through the new build system when it lands in "master". | ||||
* | s4-python: Remove convenience macro PyErr_SetStringError. | Jelmer Vernooij | 2010-04-04 | 1 | -1/+1 |
| | | | | This macro assumed that all errors were runtime errors. | ||||
* | s4:gensec_gssapi.c - make sure that "GSS_C_DELEG_POLICY_FLAG" is available | Matthias Dieter Wallnöfer | 2010-03-30 | 1 | -0/+5 |
| | | | | FreeBSD 7.2 needs this. | ||||
* | pytalloc: allow for using a system libtalloc-dev with pytalloc | Andrew Tridgell | 2010-03-29 | 3 | -3/+3 |
| | | | | | | | | | When we have a system talloc library, we still need to grab pytalloc.h from lib/talloc. We don't want to just use -Ilib/talloc, as otherwise we'll get the in-tree talloc.h which may not be compatible with the system talloc.h So we need to give the path to pytalloc.h | ||||
* | s4:auth/credentials/credentials.c - initialise more content | Matthias Dieter Wallnöfer | 2010-03-26 | 1 | -0/+3 |
| | | | | Now all data should be initialised | ||||
* | libutil: moved the networking defines to util_net.h | Andrew Tridgell | 2010-03-26 | 2 | -0/+2 |
| | | | | These were causing thousands of warnings on solaris8 | ||||
* | s4:ntlmssp: move sign/seal states to a private ntlmssp_crypt_state union | Stefan Metzmacher | 2010-03-24 | 2 | -76/+63 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: make use of dump_arc4_state() | Stefan Metzmacher | 2010-03-24 | 1 | -8/+7 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: copy dump_arc4_state() from source3 | Stefan Metzmacher | 2010-03-24 | 1 | -0/+6 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: avoid usage of calc_ntlmv2_key_talloc() | Stefan Metzmacher | 2010-03-24 | 2 | -29/+10 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: make use of calc_ntlmv2_key() for seal keys | Stefan Metzmacher | 2010-03-24 | 1 | -15/+16 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: add calc_ntlmv2_key() from source3 | Stefan Metzmacher | 2010-03-24 | 1 | -0/+11 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: rename calc_ntlmv2_key => calc_ntlmv2_key_talloc | Stefan Metzmacher | 2010-03-24 | 1 | -5/+5 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: inline ntlmssp_weakend_keys() | Stefan Metzmacher | 2010-03-24 | 2 | -54/+41 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: use a 'bool ok' helper variable to make the code more readable | Stefan Metzmacher | 2010-03-24 | 1 | -6/+14 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: fix some formating | Stefan Metzmacher | 2010-03-24 | 1 | -74/+110 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: move doing_ntlm2 to ntlmssp_server_auth_state | Stefan Metzmacher | 2010-03-24 | 2 | -4/+3 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: move NTLM2 session_nonce to ntlmssp_server_auth_state | Stefan Metzmacher | 2010-03-24 | 2 | -8/+7 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: move encrypted_session_key to ntlmssp_server_auth_state | Stefan Metzmacher | 2010-03-24 | 2 | -29/+19 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: keep a ntlmssp_server_auth_state to transport variables from ↵ | Stefan Metzmacher | 2010-03-24 | 1 | -10/+23 |
| | | | | | | | | preauth to postauth hooks metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: remove unused server_multiple_authentications feature. | Stefan Metzmacher | 2010-03-24 | 2 | -14/+1 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: rename gensec_ntlmssp_state => ntlmssp_state | Stefan Metzmacher | 2010-03-24 | 5 | -352/+352 |
| | | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: split gensec_ntlmssp_unseal_packet() and ntlmssp_unseal_packet() | Stefan Metzmacher | 2010-03-24 | 1 | -17/+34 |
| | | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: split gensec_ntlmssp_seal_packet() and ntlmssp_seal_packet() | Stefan Metzmacher | 2010-03-24 | 1 | -19/+37 |
| | | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: split gensec_ntlmssp_check_packet() and ntlmssp_check_packet() | Stefan Metzmacher | 2010-03-24 | 1 | -13/+31 |
| | | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: split gensec_ntlmssp_sign_packet() and ntlmssp_sign_packet() | Stefan Metzmacher | 2010-03-24 | 1 | -12/+27 |
| | | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: make user a 'const char *' in (gensec_)ntlmssp_state | Stefan Metzmacher | 2010-03-24 | 1 | -1/+1 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: remove server_name from (gensec_)ntlmssp_state and fill the ↵ | Stefan Metzmacher | 2010-03-24 | 2 | -2/+10 |
| | | | | | | | | | | server.* fields also for the client Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: calculate server names at startup and store them in ↵ | Stefan Metzmacher | 2010-03-24 | 2 | -26/+37 |
| | | | | | | | | | | (gensec_)ntlmssp_state->server.* Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: replace server_role by a server.is_standalone in ↵ | Stefan Metzmacher | 2010-03-24 | 2 | -4/+10 |
| | | | | | | | | | | (gensec_)ntlmssp_state Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: remove more whitespaces... | Stefan Metzmacher | 2010-03-24 | 1 | -32/+32 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: add NTLMSSP_FEATURE_* flags from s3 | Stefan Metzmacher | 2010-03-24 | 1 | -0/+6 |
| | | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: keep struct gensec_ntlmssp_context in gensec_security->private_data | Stefan Metzmacher | 2010-03-24 | 4 | -23/+62 |
| | | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: remove gensec_security from (gensec_)ntlmssp_state | Stefan Metzmacher | 2010-03-24 | 3 | -5/+5 |
| | | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: remove backend specifix stuff from (gensec_)ntlmssp_state | Stefan Metzmacher | 2010-03-24 | 2 | -22/+46 |
| | | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: create a gensec_ntlmssp_context between gensec_security and ↵ | Stefan Metzmacher | 2010-03-24 | 2 | -9/+20 |
| | | | | | | | | | | ntlmssp_state Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: add definition of gensec_ntlmssp_context | Stefan Metzmacher | 2010-03-24 | 1 | -0/+7 |
| | | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp: add a callback_private pointer to gensec_ntlmssp_state | Stefan Metzmacher | 2010-03-24 | 1 | -1/+6 |
| | | | | | | | | | | | We'll remove any gensec specific stuff from gensec_ntlmssp_state and rename it to ntlmssp_state again. Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | ||||
* | s4:ntlmssp Ensure that we always negotiate signing if we negotiate sealing. | Andrew Bartlett | 2010-03-24 | 1 | -0/+1 |
| | | | | | | Without this, a sealed LDAP connection to windows does not work. Andrew Bartlett | ||||
* | s4:auth/kerberos/kerberos.c - fix also here a memory leak | Matthias Dieter Wallnöfer | 2010-03-16 | 1 | -0/+1 |
| | | | | The options need to be freed also on this error case. | ||||
* | s4: Modify auth/config.m4 to move pam tests to nsswitch.m4 so that we tests ↵ | Matthieu Patou | 2010-03-11 | 1 | -6/+1 |
| | | | | | | things in one place Signed-off-by: Stefan Metzmacher <metze@samba.org> | ||||
* | s4-gensec: Fixed wrong usage of error_string. | Andreas Schneider | 2010-03-08 | 1 | -1/+1 |
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> | ||||
* | s4:auth/sam.c - change base context for the "tmp_ctx" context in ↵ | Matthias Dieter Wallnöfer | 2010-03-04 | 1 | -1/+1 |
| | | | | | | | "authsam_expand_nested_groups" Better use the "res_sids_ctx" as base context for the "tmp_ctx" and not the long-living "sam_ctx"/"ldb" context to prevent memory leaks. | ||||
* | s4:sam.c - make "authsam_expand_nested_groups" public | Matthias Dieter Wallnöfer | 2010-03-04 | 2 | -1/+7 |
| | | | | This is needed by the "tokenGroups" work in the operational LDB module. | ||||
* | s4:sam.c - cosmetic indentation fix | Matthias Dieter Wallnöfer | 2010-03-04 | 1 | -2/+1 |
| | |||||
* | s4:sam.c - change variable types to unsigned in "sids_contains_sid" | Matthias Dieter Wallnöfer | 2010-03-04 | 1 | -3/+4 |
| | | | | Should also be unsigned - no need for a signed "i" and "num_sids" here. | ||||
* | Fix typo in comments. | Karolin Seeger | 2010-03-03 | 1 | -2/+2 |
| | |||||
* | s4:python Add bindings to set GENSEC flags on credentials in python | Andrew Bartlett | 2010-02-26 | 2 | -0/+32 |
| | | | | | | | This should allow these to be manipulated by python scripts that need encrypted connections. Andrew Bartlett | ||||
* | s4-krb5: propogate errors from a lot more kerberos functions | Andrew Tridgell | 2010-02-26 | 10 | -99/+148 |
| | | | | | | | | We need to be able to give sensible error messages when a kerberos calls fails. This propogates the kerberos error up the stack to the caller. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | ||||
* | s4:auth - make some parts "signed-safe" | Matthias Dieter Wallnöfer | 2010-02-25 | 2 | -7/+8 |
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> |