summaryrefslogtreecommitdiffstats
path: root/source4/auth
Commit message (Collapse)AuthorAgeFilesLines
...
* s4:kerberos Give a better error message than "Could not allocate memory"Andrew Bartlett2010-04-271-3/+3
| | | | Andrew Bartlett
* pytalloc: ensure talloc_ctx is directly after PyObject_HEADAndrew Tridgell2010-04-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | the talloc python interface for tp_alloc and tp_dealloc relies on a cast to a py_talloc_Object to find the talloc_ctx (see py_talloc_dealloc). This means we rely on the talloc_ctx for the object being directly after the PyObject_HEAD This fixes the talloc free with references bug in samba_dnsupdate The actual problem was the tp_alloc() call in PyCredentialCacheContainer_from_ccache_container() which used a cast from a py_talloc_Object to a PyCredentialCacheContainerObject. That case effectively changed the parent/child relationship between the talloc_ctx and the ccc ptr. This patch changes all the structures that follow this pattern to put the TALLOC_CTX directly after the PyObject_HEAD, to ensure that if anyone else decides to do a dangerous cast like this that it won't cause the same sort of subtle breakage. Pair-Programmed-With: Rusty Russell <rusty@samba.org>
* s4-python: PyErr_SetString() will crash on NULL stringsAndrew Tridgell2010-04-191-1/+1
| | | | use nt_errstr() when no error available
* s4:auth Change auth_generate_session_info to take an auth contextAndrew Bartlett2010-04-1413-40/+71
| | | | | | | | | | | | | | | | | | The auth context was in the past only for NTLM authentication, but we need a SAM, an event context and and loadparm context for calculating the local groups too, so re-use that infrustructure we already have in place. However, to avoid problems where we may not have an auth_context (in torture tests, for example), allow a simpler 'session_info' to be generated, by passing this via an indirection in gensec and an generate_session_info() function pointer in the struct auth_context. In the smb_server (for old-style session setups) we need to change the async context to a new 'struct sesssetup_context'. This allows us to use the auth_context in processing the authentication reply . Andrew Bartlett
* s4:auth Allow the simple 'struct auth_session_info' generator for all usersAndrew Bartlett2010-04-141-3/+3
| | | | | | | This code isn't ideal, but it is better than needing to consult the main SamDB in things like a torture test. Andrew Bartlett
* s4:auth/auth_sam_reply.c - fix counter typesMatthias Dieter Wallnöfer2010-04-121-3/+3
|
* lib/replace/wscript: inline LIBREPLACE_EXT into 'replace' as the autoconf ↵Stefan Metzmacher2010-04-121-1/+1
| | | | | | system does metze
* s4:auth Remove event context from anonymous_session()Andrew Bartlett2010-04-114-120/+117
| | | | | | | | This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett
* s4:credentials Add the functions needed to do S4U2Self with cli_credentialsAndrew Bartlett2010-04-106-50/+208
| | | | | | A torture test to demonstrate will be added soon. Andrew Bartlett
* s4:credentials talloc_free() any previous salt_principalAndrew Bartlett2010-04-102-1/+2
| | | | | | | This isn't used often, but it is generally better not to leak it onto what may be a longer-term context. Andrew Bartlett
* pynet: Create a net class.Jelmer Vernooij2010-04-083-10/+22
|
* s4:auth/ntlm/auth_developer.c - "fixed_challenge_get_challenge" - fix the ↵Matthias Dieter Wallnöfer2010-04-061-5/+2
| | | | | | assignment of the challenge This is a string buffer and not a DATA_BLOB.
* s4-python: Move set_session_info to PySambaLdb.Jelmer Vernooij2010-04-062-2/+2
|
* s4-waf: move to a universal method of recursing into subdirsAndrew Tridgell2010-04-061-5/+5
| | | | This works with both standalone lib builds and bundled builds
* s4-waf: removed the AUTOGENERATED markersAndrew Tridgell2010-04-064-15/+0
| | | | we won't be using the mk -> wscript generator again
* s4-waf: more dependencies on tallocAndrew Tridgell2010-04-062-1/+3
| | | | | these are needed so we can support a system talloc without using the bundled talloc.h
* s4-waf: fixed some deps now we don't auto-include tevent and replaceAndrew Tridgell2010-04-061-1/+1
| | | | | this is preparation for being able to use system versions of these libraries
* s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵Andrew Tridgell2010-04-067-0/+14
| | | | them
* s4-waf: enable the pc_files in the build rulesAndrew Tridgell2010-04-061-1/+1
|
* s4-waf: install the rest of the headersAndrew Tridgell2010-04-061-0/+1
|
* s4-waf: remove the need for some of the lib aliasesAndrew Tridgell2010-04-061-1/+1
|
* build: check libc first for several librariesAndrew Tridgell2010-04-061-1/+1
|
* build: fixed the build without sasl librariesAndrew Tridgell2010-04-062-4/+5
| | | | We need to only enable the cyrus_sasl module if we have sasl/sasl.h
* build: waf quicktest nearly worksAndrew Tridgell2010-04-064-12/+4
| | | | | Rewrote wafsamba using a new dependency handling system, and started adding the waf test code
* build: commit all the waf build files in the treeAndrew Tridgell2010-04-066-0/+223
|
* build: check for libsasl2Andrew Tridgell2010-04-061-0/+4
|
* build: check for pamAndrew Tridgell2010-04-061-0/+2
|
* Revert "s4:gensec_gssapi.c - make sure that "GSS_C_DELEG_POLICY_FLAG" is ↵Matthias Dieter Wallnöfer2010-04-051-5/+0
| | | | | | | | available" This reverts commit 3e091a82167f51b7d9abf00755bede9354932c6b. This should be fixed through the new build system when it lands in "master".
* s4-python: Remove convenience macro PyErr_SetStringError.Jelmer Vernooij2010-04-041-1/+1
| | | | This macro assumed that all errors were runtime errors.
* s4:gensec_gssapi.c - make sure that "GSS_C_DELEG_POLICY_FLAG" is availableMatthias Dieter Wallnöfer2010-03-301-0/+5
| | | | FreeBSD 7.2 needs this.
* pytalloc: allow for using a system libtalloc-dev with pytallocAndrew Tridgell2010-03-293-3/+3
| | | | | | | | | When we have a system talloc library, we still need to grab pytalloc.h from lib/talloc. We don't want to just use -Ilib/talloc, as otherwise we'll get the in-tree talloc.h which may not be compatible with the system talloc.h So we need to give the path to pytalloc.h
* s4:auth/credentials/credentials.c - initialise more contentMatthias Dieter Wallnöfer2010-03-261-0/+3
| | | | Now all data should be initialised
* libutil: moved the networking defines to util_net.hAndrew Tridgell2010-03-262-0/+2
| | | | These were causing thousands of warnings on solaris8
* s4:ntlmssp: move sign/seal states to a private ntlmssp_crypt_state unionStefan Metzmacher2010-03-242-76/+63
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: make use of dump_arc4_state()Stefan Metzmacher2010-03-241-8/+7
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: copy dump_arc4_state() from source3Stefan Metzmacher2010-03-241-0/+6
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: avoid usage of calc_ntlmv2_key_talloc()Stefan Metzmacher2010-03-242-29/+10
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: make use of calc_ntlmv2_key() for seal keysStefan Metzmacher2010-03-241-15/+16
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: add calc_ntlmv2_key() from source3Stefan Metzmacher2010-03-241-0/+11
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: rename calc_ntlmv2_key => calc_ntlmv2_key_tallocStefan Metzmacher2010-03-241-5/+5
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: inline ntlmssp_weakend_keys()Stefan Metzmacher2010-03-242-54/+41
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: use a 'bool ok' helper variable to make the code more readableStefan Metzmacher2010-03-241-6/+14
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: fix some formatingStefan Metzmacher2010-03-241-74/+110
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: move doing_ntlm2 to ntlmssp_server_auth_stateStefan Metzmacher2010-03-242-4/+3
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: move NTLM2 session_nonce to ntlmssp_server_auth_stateStefan Metzmacher2010-03-242-8/+7
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: move encrypted_session_key to ntlmssp_server_auth_stateStefan Metzmacher2010-03-242-29/+19
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: keep a ntlmssp_server_auth_state to transport variables from ↵Stefan Metzmacher2010-03-241-10/+23
| | | | | | | | preauth to postauth hooks metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: remove unused server_multiple_authentications feature.Stefan Metzmacher2010-03-242-14/+1
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: rename gensec_ntlmssp_state => ntlmssp_stateStefan Metzmacher2010-03-245-352/+352
| | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
* s4:ntlmssp: split gensec_ntlmssp_unseal_packet() and ntlmssp_unseal_packet()Stefan Metzmacher2010-03-241-17/+34
| | | | | | | | Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
generated by cgit (git 2.34.1) at 2025-02-26 22:49:36 +0000