summaryrefslogtreecommitdiffstats
path: root/source3/auth/auth_ntlmssp.c
Commit message (Collapse)AuthorAgeFilesLines
...
* s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett2011-06-091-1/+1
| | | | | | | | There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
* s3-include: use new roles.hAndrew Tridgell2011-05-031-1/+1
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s3-auth Rename user_session_key -> session_key to match auth_session_infoAndrew Bartlett2011-04-051-6/+6
|
* s3-auth use create_local_token() to transform server_info -> session_infoAndrew Bartlett2011-04-051-24/+9
| | | | | | | | | | | | | | | | | | Before a auth_serversupplied_info struct can be used for authorization, the local groups and privileges must be calculated. create_local_token() now copies the server_info, and then sets the calulated token and unix groups. Soon, it will also transform the result into an expanded struct auth_session_info. Until then, the variable name (server_info vs session_info provides a clue to the developer about what information has been entered in the structure). By moving the calls to create_local_token within the codebase, we remove duplication, and ensure that the session key (where modified) is consistently copied into the new structure. Andrew Bartlett
* s3-auth: use auth.h where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3: auth also needs parts of smbd.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-auth Rename auth_serversupplied_info varaiables: server_info -> session_infoAndrew Bartlett2011-02-221-5/+5
| | | | | | | | | | | | | | | | | | | | | These variables, of type struct auth_serversupplied_info were poorly named when added into 2001, and in good consistant practice, this has extended all over the codebase in the years since. The structure is also not ideal for it's current purpose. Originally intended to convey the results of the authentication modules, it really describes all the essential attributes of a session. This rename will reduce the volume of a future patch to replaced these with a struct auth_session_info, with auth_serversupplied_info confined to the lower levels of the auth subsystem, and then eliminated. (The new structure will be the output of create_local_token(), and the change in struct definition will ensure that this is always run, populating local groups and privileges). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* Ensure we check the return from make_user_info before dereferencing the ↵Jeremy Allison2010-11-101-2/+2
| | | | | | value returned by it. Jeremy.
* s3: Lift talloc_autofree_context() from make_auth_context_subsystem()Volker Lendecke2010-09-261-1/+1
|
* libcli/auth/ntlmssp Be clear about talloc parents for session keysAndrew Bartlett2010-09-161-9/+16
| | | | | | | | | | The previous API was not clear as to who owned the returned session key. This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code, and avoids making allocations - we steal and zero instead. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3: Remove a use of smbd_server_fdVolker Lendecke2010-08-291-1/+1
| | | | | This disables different socket options per user for ntlmssp authentiation, a change in behaviour which is exotic enough I believe.
* s3: Lift smbd_server_fd from reload_services()Volker Lendecke2010-08-181-1/+1
|
* s3:auth Make Samba3 use the new common struct auth_usersupplied_infoAndrew Bartlett2010-08-141-1/+1
| | | | | | | | | | | | | This common structure will make it much easier to produce an auth module for s3compat that calls Samba4's auth subsystem. In order the make the link work properly (and not map twice), we mark both that we did try and map the user, as well as if we changed the user during the mapping. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3: Lift the smbd_messaging_context from reload_servicesVolker Lendecke2010-08-081-1/+1
|
* s3-netlogon: remove global include of netlogon.h.Günther Deschner2010-08-061-0/+1
| | | | | | | This reduces precompiled headers by another 4 MB and also slightly speeds up the build. Guenther
* s3-auth: Remove unimplemented functionsSimo Sorce2010-07-281-10/+0
|
* s3-auth: Move auth_ntlmssp wrappers in their own fileSimo Sorce2010-07-201-77/+1
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-auth: Refactor and rename auth_ntlmssp_server_info()Simo Sorce2010-07-201-11/+13
| | | | | | | | | Rename it to auth_ntlmssp_steal_server_info() to make it clear that the server_info struct is stolen from the auth_ntlmssp_state structure. Use talloc_move instead of manual steal&clear Add comments to explain what is going on. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-auth: Remove unused variable.Simo Sorce2010-07-191-2/+0
| | | | It was a spurious remnant after a rebase.
* s3-auth: Use talloc hierarchies to properly free auth_ntlmssp_state contextsSimo Sorce2010-07-191-6/+12
| | | | | | | Turn auth_ntlmssp_end into a destructor and attach it to auth_ntlmssp_state. Remote auth_ntlmssp_end and use TALLOC_FREE in the callers. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-auth: auth_make ntlmssp_state the parent contextSimo Sorce2010-07-191-29/+12
| | | | | | | | There is no need for a separate mem_ctx member. Also make the ntlmssp_state a children of auth_ntlmssp_state Also cleanup auth_ntlmssp_end to free only what is not automatically freed Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-auth: Simplify how we free the auth_contextSimo Sorce2010-07-191-1/+1
| | | | | | | | | Turn the freeing function into a destructor and attach it to the auth_context. Make all callers TALLOC_FREE() the auth_context instead of calling the free function. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-auth: Cleanup and readability fixesSimo Sorce2010-07-191-21/+23
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it.Simo Sorce2010-07-191-1/+1
| | | | | | All the members are children of ntlmssp_state anyway. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3:auth Change auth_ntlmssp_server_info API to return NTSTATUSAndrew Bartlett2010-07-141-4/+7
| | | | | | | | | This fixes a bug where register_existing_vuid() could be called with a NULL server_info if the alloction failed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* Revert "s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS"Volker Lendecke2010-06-081-6/+4
| | | | | | | | This reverts commit edba46ce94c335411ab337eeb4ef6f88fb3aae80. Conflicts: source3/auth/auth_ntlmssp.c
* s3:auth add hooks to indicate if signing or sealing is desired with NTLMSSPAndrew Bartlett2010-06-071-0/+10
| | | | | | | | This allows the right hooks to be called in GENSEC when s3compat implements the auth_ntlmssp interface. Otherwise, we can't do the signing or sealing as we have not negoitated it's use. Andrew Bartlett
* s3:auth Change auth_ntlmssp_server_info API to return NTSTATUSAndrew Bartlett2010-06-071-4/+6
| | | | | | | It's nicer to have an NTSTATUS return, and in s3compat there may be a reason other than 'no memory' why this can fail. Andrew Bartlett
* s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet()Andrew Bartlett2010-05-311-2/+4
| | | | | | | | | This ensures the results can't be easily left to leak. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
* ntlmssp: Make the ntlmssp.h from source3/ a common headerAndrew Bartlett2010-05-311-1/+1
| | | | | | | | | The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
* s3:auth Remove AUTH_NTLMSSP_STATE typedef.Andrew Bartlett2010-05-311-12/+12
| | | | | | | | | typedefs are no longer preferred Samba style. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
* s3:auth Make AUTH_NTLMSSP_STATE a private structure.Andrew Bartlett2010-05-311-0/+87
| | | | | | | | | This makes it a little easier for it to writen in terms of GENSEC in future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
* s3: Make "auth_context" its own talloc parentVolker Lendecke2010-04-111-1/+1
| | | | Remove "mem_ctx" from "struct auth_context"
* s3:ntlmssp: use client.netbios_name instead of workstationStefan Metzmacher2010-03-241-2/+2
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp: rename void *auth_context; into void *callback_private;Stefan Metzmacher2010-03-241-5/+5
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp: pass names to ntlmssp_server_start() and store them in ntlmssp_stateStefan Metzmacher2010-03-241-6/+28
| | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp: replace server_role by a server.is_standalone in ntlmssp_stateStefan Metzmacher2010-03-241-1/+5
| | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3: Remove the typedef for "auth_usersupplied_info"Volker Lendecke2010-01-101-1/+1
|
* s3:ntlmssp: change get_challange() to return NTSTATUSStefan Metzmacher2009-12-291-2/+3
| | | | metze
* s3:ntlmssp: only include ntlmssp.h where actually neededAndrew Bartlett2009-12-221-0/+1
| | | | Andrew Bartlett
* Fix the build on SolarisVolker Lendecke2009-02-211-1/+1
|
* Remove the static "chal" from ntlmssp.c:get_challenge()Volker Lendecke2009-02-211-2/+4
|
* Rename server_info->was_mapped to server_info->nss_tokenVolker Lendecke2008-05-071-1/+1
| | | | | | "nss_token" from my point of view much better reflects what this flag actually represents (This used to be commit b121a5acb2ef0bb3067d953b028696175432f10d)
* Be more verbose why create local token has failed duringGünther Deschner2008-03-061-1/+2
| | | | | | | NTLMSSP and Kerberos session setup Guenther (This used to be commit 18b8c2c19e50aee8fc900c7507244cb95014a4fa)
* Allow auth_ntlmssp_end() to ignore null pointers passed in.Jeremy Allison2008-02-141-1/+6
| | | | | Jeremy. (This used to be commit b7628f3a47166791db4cd6451d52ea3881a45bed)
* RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison2007-10-181-2/+2
| | | | | | | | bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
* r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell2007-10-101-2/+1
| | | | (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
* r23779: Change from v2 or later to v3 or later.Jeremy Allison2007-10-101-1/+1
| | | | | Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
* r22001: change prototype of dump_data(), so that it takes unsigned char * now,Stefan Metzmacher2007-10-101-1/+1
| | | | | | | | | which matches what samba4 has. also fix all the callers to prevent compiler warnings metze (This used to be commit fa322f0cc9c26a9537ba3f0a7d4e4a25941317e7)
* r17626: Some C++ WarningsVolker Lendecke2007-10-101-4/+8
| | | | (This used to be commit 09e7c010f03ac3c621f7a7fad44685d278c1481a)
generated by cgit (git 2.34.1) at 2025-09-28 16:55:40 +0000