path: root/source4/auth
Commit message | Author | Age | Files | Lines
* lib/replace: split out GSSAPI from lib/replace/system/kerberos.h into lib/replace/system/gssapi.h | Alexander Bokovoy | 2012-04-25 | 3 | -4/+3
  With waf build include directories are defined by dependencies specified to subsystems. Without proper dependency <gssapi/gssapi.h> cannot be found for embedded Heimdal builds when there are no system-wide gssapi/gssapi.h available.
  Split out GSSAPI header includes in a separate replacement header and use that explicitly where needed.
  Autobuild-User: Alexander Bokovoy <ab@samba.org>
  Autobuild-Date: Wed Apr 25 00:18:33 CEST 2012 on sn-devel-104
* Make krb5 wrapper library common so they can be used all over | Simo Sorce | 2012-04-23 | 2 | -4/+5
* For now just disable this Heimdal specific stuff in the MIT build | Simo Sorce | 2012-04-23 | 5 | -3/+29
* Make krb5 context initialization not heimdal specific | Simo Sorce | 2012-04-23 | 2 | -22/+54
  Turn the logging data to an opaque pointer. Ifdef code and use MIT logging function when built against system MIT.
* Fix Error messages | Simo Sorce | 2012-04-19 | 1 | -4/+2
* s4-auth: Make sure ldb context is initialized even if not passed by Python code | Alexander Bokovoy | 2012-04-14 | 1 | -1/+1
  Autobuild-User: Alexander Bokovoy <ab@samba.org>
  Autobuild-Date: Sat Apr 14 00:21:00 CEST 2012 on sn-devel-104
* srv_keytab: Pass krb5_context directly, it's all we use anyways. | Simo Sorce | 2012-04-12 | 1 | -16/+11
  Signed-off-by: Andreas Schneider <asn@samba.org>
* auth-krb: Move pac related util functions in a single place. | Simo Sorce | 2012-04-12 | 3 | -0/+3
  Signed-off-by: Andreas Schneider <asn@samba.org>
* auth-krb: Make functions static. | Simo Sorce | 2012-04-12 | 1 | -0/+71
  The remaining gssapi_parse functions were used exclusively in gensec_krb5. Move them there and make them static.
  Signed-off-by: Andreas Schneider <asn@samba.org>
* auth-krb: Move oid packet check to gensec_util. | Simo Sorce | 2012-04-12 | 2 | -43/+3
  This is clearly a utility function generic to gensec. Also the 3 callers had identical implementations. Provide a generic implementation for all of them and avoid duplicating the code everywhere.
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4-auth-krb: Remove dependency on credentials too. | Simo Sorce | 2012-04-12 | 2 | -11/+5
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4-auth-krb: Remove unneeded dependency on kerberos_util. | Simo Sorce | 2012-04-12 | 3 | -40/+54
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4-auth-krb: Simplify salt_princ handling. | Simo Sorce | 2012-04-12 | 4 | -287/+187
  This allows us to make parse_principal static in kerberos_util again and avoid a silly game where we alloc containers and set destructors only to release the whole thing at the end of the function.
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4-auth-krb: Move function to db-glue.c and make it static. | Simo Sorce | 2012-04-12 | 2 | -20/+0
  kerberos_enctype_to_bitmap is not used anywhere else, so just move it there and make it static, one less dependency to worry about.
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4-auth-krb: Move keytab functions in a separate file. | Simo Sorce | 2012-04-12 | 4 | -707/+749
  Confine ldb dependency.
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4-auth-krb: Streamline and cleanup code to make it readable. | Simo Sorce | 2012-04-12 | 1 | -190/+256
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4-auth-krb: streamline and rename enctype functions | Simo Sorce | 2012-04-12 | 1 | -11/+12
  better express what is being done in the function name.
* s4-auth-krb: Make kerberos_enctype_bitmap_to_enctype static. | Simo Sorce | 2012-04-12 | 2 | -3/+1
  It's a helper function not used anywhere else.
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4-auth-krb: Make kerberos_enctype_bitmap_to_enctypes static. | Simo Sorce | 2012-04-12 | 1 | -1/+7
  It is not used anywhere else.
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4-auth-krb: Move function into more appropriate header. | Simo Sorce | 2012-04-12 | 1 | -0/+8
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4-auth-krb: Make impersonate_principal_from_credentials static. | Simo Sorce | 2012-04-12 | 1 | -0/+1
  It's not used anywhere else.
  Signed-off-by: Andreas Schneider <asn@samba.org>
* gensec_gssapi: keep private header file close to the actual code | Simo Sorce | 2012-04-12 | 2 | -1/+70
  Signed-off-by: Andreas Schneider <asn@samba.org>
* krb5_wrap: remove duplicate declaration and dead ifdef | Simo Sorce | 2012-04-12 | 1 | -4/+0
  Signed-off-by: Andreas Schneider <asn@samba.org>
* s4:auth/gensec/schannel: initialize struct schannel_state to zero | Stefan Metzmacher | 2012-03-02 | 1 | -2/+1
  metze
* s4:auth/gensec/schannel: make a copy of netlogon_creds_CredentialState in the client | Stefan Metzmacher | 2012-03-02 | 1 | -1/+8
  This is really a copy for the lifetime of the rpc connection.
  metze
* auth: Rename some elements of auth4_context | Andrew Bartlett | 2012-02-24 | 1 | -3/+3
  These operate on NTLM authentication, so make that clear.
  Andrew Bartlett
* pygensec: Fix whitespace. | Jelmer Vernooij | 2012-02-18 | 1 | -8/+8
* auth: Reorder arguments to generate_session_info | Andrew Bartlett | 2012-02-18 | 2 | -8/+9
  This matches check_ntlm_password() and generate_session_info_pac()
  Andrew Bartlett
  Autobuild-User: Andrew Bartlett <abartlet@samba.org>
  Autobuild-Date: Sat Feb 18 02:19:35 CET 2012 on sn-devel-104
* auth: Move the rest of the source4 gensec_ntlmssp code to the top level | Andrew Bartlett | 2012-02-17 | 5 | -1021/+0
  The ntlmssp_server code will be in common shortly, and aside from a symbol name or two, moving the client code causes no harm and makes less mess. We will also get the client code in common very soon.
  Andrew Bartlett
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
* auth/kerberos: Move gse_get_session_key() to common code and use in gensec_gssapi | Andrew Bartlett | 2012-02-17 | 1 | -33/+22
  This ensures that both code bases use the same logic to determine the use of NEW_SPNEGO.
  Andrew Bartlett
* auth: Pass in the SMB username (for %U) into generate_session_info | Andrew Bartlett | 2012-02-13 | 4 | -5/+12
  This matches what Samba3 does.
  Andrew Bartlett
  Autobuild-User: Andrew Bartlett <abartlet@samba.org>
  Autobuild-Date: Mon Feb 13 01:25:59 CET 2012 on sn-devel-104
* gensec: inline gensec_generate_session_info() into only caller | Andrew Bartlett | 2012-01-30 | 2 | -9/+27
  This avoids casting to and from the struct auth_user_info_dc *user_info_dc to to this, the if (user_info_dc->info->authenticated) is moved into auth_generate_session_info_wrapper(), which is the function that gensec_security->auth_context->generate_session_info points to.
  Andrew Bartlett
* s4-auth: Return NT_STATUS_NOT_IMPLEMENTED if the challenge cannot be obtained | Andrew Bartlett | 2012-01-30 | 1 | -1/+1
* auth: Make check_password and generate_session_info hook generic | Andrew Bartlett | 2012-01-30 | 3 | -21/+51
  gensec_ntlmssp does not need to know the internal form of the struct user_info_dc or auth_serversupplied_info. This will allow the calling logic to be put in common.
  Andrew Bartlett
* s4:auth/gensec: make sure GSS_C_CONF_FLAG implies GSS_C_INTEG_FLAG | Stefan Metzmacher | 2012-01-20 | 1 | -0/+1
  metze
* auth/gensec: move spnego.c to the toplevel | Stefan Metzmacher | 2012-01-13 | 2 | -1411/+0
  metze
* auth/gensec: common helper functions should be in gensec_util.c | Stefan Metzmacher | 2012-01-13 | 1 | -107/+0
  This makes the dependencies easier to handle.
  metze
* s4:auth/gensec: inline packet_full_request_u32() | Stefan Metzmacher | 2012-01-13 | 1 | -1/+9
  This removes the dependency to s4 specific code.
  metze
* s4:auth/gensec: fix compiler warnings in spnego.c | Stefan Metzmacher | 2012-01-13 | 1 | -3/+0
  metze
* s4:auth/gensec/spnego: add support for fragmented spnego messages | Stefan Metzmacher | 2012-01-12 | 1 | -3/+205
  metze
* s4:pygensec: add set_max_update_size() and max_update_size() functions | Stefan Metzmacher | 2012-01-12 | 1 | -0/+25
  metze
* s4:auth: Make sure to check the optional auth_context hooks before using them | Andrew Bartlett | 2012-01-11 | 1 | -18/+26
  These are optional to supply - some callers only provide an auth_context for the other plugin functions, and so we need to deal with this cleanly.
  Andrew Bartlett
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
  Autobuild-User: Stefan Metzmacher <metze@samba.org>
  Autobuild-Date: Wed Jan 11 10:49:13 CET 2012 on sn-devel-104
* gensec: Rename want_flags and got_flags in gensec_gssapi | Andrew Bartlett | 2012-01-11 | 1 | -26/+26
  This makes it clearer what type of flags these are.
  Andrew Bartlett
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
* gensec: make gensec_gssapi.h common | Andrew Bartlett | 2012-01-11 | 1 | -67/+0
  This will make it easier to share elements of the GSSAPI gensec mechs, in much the same way elements of the NTLMSSP mech are shared.
  Andrew Bartlett
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
* gensec: move gensec_util.c to the top level | Andrew Bartlett | 2012-01-11 | 3 | -104/+1
  To do this some defines need to move to common_auth.h
  Andrew Bartlett
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
* auth: make auth4_context common to provide access to generate_session_info_pac() | Andrew Bartlett | 2012-01-11 | 1 | -52/+0
  By providing this context, a function pointer for generate_session_info_pac() can be inserted into gensec, allowing the s3 PAC processing in an otherwise more generic gensec module.
  Andrew Bartlett
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
* krb5: Require krb5_set_real_time is available to build with krb5 | Andrew Bartlett | 2012-01-10 | 1 | -4/+0
* s4-kerberos: remove some unused prototypes. | Günther Deschner | 2012-01-09 | 1 | -22/+0
  These are defined in the krb5 abstraction headers elsewhere.
  Guenther
  Autobuild-User: Günther Deschner <gd@samba.org>
  Autobuild-Date: Mon Jan 9 14:32:08 CET 2012 on sn-devel-104
* ntlmssp: merge initial packet implementations | Andrew Bartlett | 2012-01-06 | 1 | -6/+25
  Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:pygensec: add session_key() method | Stefan Metzmacher | 2012-01-04 | 1 | -0/+29
  metze