summaryrefslogtreecommitdiffstats
path: root/source4/auth
Commit message (Collapse)AuthorAgeFilesLines
...
* s4-auth Rename auth -> auth4 to avoid conflict with s3 authAndrew Bartlett2011-05-0818-74/+74
|
* s4-auth: remove unused prototypeAndrew Tridgell2011-05-081-4/+1
|
* s4-auth: removed the password combinations code in auth_unixAndrew Tridgell2011-05-051-39/+4
| | | | | | | | | | this code never did anything due to a typo, and was untested. We should not be inluding a password cracker in Samba anyway. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu May 5 07:00:14 CEST 2011 on sn-devel-104
* sasl_secret_t ends in a char [1] size. This means the extra character is ↵Jeremy Allison2011-05-041-2/+2
| | | | implicit in the safe_strcpy. When changing to strlcpy ensure we allocate an extra char for it. This fixes a bug where secret->len+1 used with safe_strcpy could actually write into secret->len+2.
* Remove strlower_m() and strupper_m() from source4 and common code.Andrew Bartlett2011-05-031-14/+14
| | | | | | | | | This function is problematic because a string may expand in size when changed into upper or lower case. This will then push characters off the end of the string in the s3 implementation, or panic in the former s4 implementation. Andrew Bartlett
* s4-messaging Rename messaging -> imessagingAndrew Bartlett2011-05-035-16/+16
| | | | | | | This avoid symbol and structure conflicts between Samba3 and Samba4, and chooses a less generic name. Andrew Bartlett
* s4-param Remove config_path() -> lpcfg_config_path()Andrew Bartlett2011-04-291-1/+1
| | | | | | This is consistent with lock_path() Andrew Bartlett
* s4-gensec: Use new common 'obtain the PAC' functions.Andrew Bartlett2011-04-271-15/+4
| | | | | | | Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Apr 27 05:08:10 CEST 2011 on sn-devel-104
* libcli/auth Move Samba4's gssapi_error_string from GENSEC to libcli/authAndrew Bartlett2011-04-271-38/+0
| | | | | | This will allow the GSSAPI PAC fetch code to use it. Andrew Bartlett
* libcli/auth Move PAC parsing and verification in common.Andrew Bartlett2011-04-203-336/+19
| | | | | | | | This uses the source3 PAC code (originally from Samba4) with some small changes to restore functionality needed by the torture tests, and to have a common API. Andrew Bartlett
* s3-auth Rename smb_krb5_open_keytab to avoid a conflict with s3Andrew Bartlett2011-04-142-9/+9
| | | | | | The s3 function doesn't use the keytab_container concept. Andrew Bartlett
* libcli/auth Move krb5 wrapper functions from s3 into commonAndrew Bartlett2011-04-143-113/+4
| | | | | | | | | This requires a small rework of the build system to ensure that the correct #define statements are made in both the s3 and top level builds. We now define the various HAVE_ macros in config.h at all times, using heimdal_build/wscript_configure when that is in use. Andrew Bartlett
* lib: make asn1_util a private libraryAndrew Tridgell2011-04-062-2/+2
| | | | | | | this prevents symbol duplication of the asn1 symbols in the service and ntvfs subsystems Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* auth: Move auth_session_info into IDLAndrew Bartlett2011-04-054-104/+16
| | | | | | | | | | This changes auth_session_info_transport to just be a wrapper, rather than a copy that has to be kept in sync. As auth_session_info was already wrapped in python, this required changes to the existing pyauth wrapper and it's users. Andrew Bartlett
* s4-auth: Always talloc_zero() the struct auth_session_infoAndrew Bartlett2011-04-051-1/+1
|
* s4-krb5: be a bit less verbose about krb5 packetsAndrew Tridgell2011-04-041-1/+1
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* Fix inspired by work done by David Disseldorp for bug #8040 - smbclient ↵Jeremy Allison2011-03-281-4/+10
| | | | | | | | | segfaults when a Cyrillic netbios name or workgroup is configured. Change msrpc_gen to return NTSTATUS and ensure everywhere this is used it is correctly checked to return that status. Jeremy.
* s4:python bindings - handle NULL returns from "loadparm_init_global"Matthias Dieter Wallnöfer2011-03-221-0/+10
| | | | | | | Reviewed-by: Jelmer Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Mar 22 19:52:57 CET 2011 on sn-devel-104
* s4:auth/system_session.c - check for OOMMatthias Dieter Wallnöfer2011-03-221-0/+2
| | | | Reviewed-by: Jelmer
* source4/auth: Fix prototypes for all functions.Jelmer Vernooij2011-03-196-1/+17
|
* source4/auth/ntlm: Fix prototypes for all functions.Jelmer Vernooij2011-03-197-0/+13
|
* source4/auth/gensec: Fix prototypes for all functions.Jelmer Vernooij2011-03-197-1/+11
|
* Fix public header not to include private (not installed) ones.Simo Sorce2011-03-142-1/+2
| | | | | Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Mon Mar 14 17:01:20 CET 2011 on sn-devel-104
* s4-nterr: move auth_nt_status_squash to nt_status_squash and move to nterr.cGünther Deschner2011-03-043-26/+1
| | | | Guenther
* Fix some typesJelmer Vernooij2011-02-281-1/+1
| | | | | Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Feb 28 23:30:06 CET 2011 on sn-devel-104
* tdb: Use <tdb.h> to include tdb so system headers are found when building ↵Jelmer Vernooij2011-02-282-2/+2
| | | | against system tdb.
* build: moved spnego_parse.c into a common subsystemAndrew Tridgell2011-02-241-2/+2
|
* build: moved schannel_sign.c into a shared COMMON_SCHANNEL subsystemAndrew Tridgell2011-02-241-2/+2
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* build: moved libcli/auth/ntlmssp*.c into a common libcliauth.so libraryAndrew Tridgell2011-02-243-7/+4
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-auth Move libcli/security/session.c to the top levelAndrew Bartlett2011-02-222-8/+2
| | | | | | | This code is now useful in common, as the elements of the auth_session_info structure have now been defined in common IDL. Andrew Bartlett
* s4-auth: rename 'auth' subsystem to 'auth4'Andrew Tridgell2011-02-185-25/+25
| | | | | | | | this prevents conflicts with the s3 auth modules. The auth modules in samba3 may appear in production smb.conf files, so it is preferable to rename the s4 modules for minimal disruption. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* librpc: make NDR_KRB5PAC a shared library (libndr-krb5pac.so).Günther Deschner2011-02-141-1/+1
| | | | | | | | | Simo, please check. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Feb 14 18:54:38 CET 2011 on sn-devel-104
* ldb: use #include <ldb.h> for ldbAndrew Tridgell2011-02-104-4/+4
| | | | | | | | thi ensures we are using the header corresponding to the version of ldb we're linking against. Otherwise we could use the system ldb for link and the in-tree one for include Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-krb5: authkrb5 should depend on ldbAndrew Tridgell2011-02-101-1/+1
| | | | | | this fixes the include path to add ldb Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* libcli/named_pipe_auth Change from 'info3' to auth_session_info_transportAndrew Bartlett2011-02-102-0/+157
| | | | | | | | | | | | | | | This changes the structure being used to convey the current user state from the netlogon-derived 'netr_SamInfo3' structure to a purpose-built structure that matches the internals of the Samba auth subsystem and contains the final group list, as well as the final privilege set and session key. These previously had to be re-created on the server side of the pipe each time. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* auth Move auth_sam_reply into the top level.Andrew Bartlett2011-02-102-397/+0
| | | | | | | | | These functions provide conversions between some netlogon.idl and auth.idl structures Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-auth Fix setting of bad_password_count in ↵Andrew Bartlett2011-02-091-1/+1
| | | | | | | | auth_convert_user_info_dc_sambaseinfo() Discovered during the convertion to auth_user_info. Andrew Bartlett
* s4-auth Rework auth subsystem to remove struct auth_serversupplied_infoAndrew Bartlett2011-02-0922-666/+705
| | | | | | | | | | | | | This changes auth_serversupplied_info into the IDL-defined struct auth_user_info_dc. This then in turn contains a struct auth_user_info, which is the only part of the structure that is mainted into the struct session_info. The idea here is to avoid keeping the incomplete results of the authentication (such as session keys, lists of SID memberships etc) in a namespace where it may be confused for the finalised results. Andrew Barltett
* s4-auth Add auth.idl to encode auth subsystem structures in IDLAndrew Bartlett2011-02-091-0/+1
| | | | | | | This is not only a useful way to encode stuff, it also allows python to handle the structures, and natrually allows them to be NDR encoded. Andrew Bartlett
* pam: share pam errors in a common location.Günther Deschner2011-02-084-166/+1
| | | | Guenther
* s4-python Ensure we add the Samba python path first.Andrew Bartlett2011-02-021-1/+1
| | | | | | | This exact form of the construction is important, and we match on it in the installation scripts. Andrew Bartlett
* s4:auth/pyauth.c - temporarily add compatibility code for Python 2.4Matthias Dieter Wallnöfer2011-01-301-0/+11
| | | | | | | This patch has been commited by request of Jelmer. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Jan 30 19:07:57 CET 2011 on sn-devel-104
* s4-auth Remove special case for account_sid from auth_serversupplied_infoAndrew Bartlett2011-01-208-222/+206
| | | | | | | | | | | | This makes everything reference a server_info->sids list, which is now a struct dom_sid *, not a struct dom_sid **. This is in keeping with the other sid lists in the security_token etc. In the process, I also tidy up the talloc tree (move more structures under their logical parents) and check for some possible overflows in situations with a pathological number of sids. Andrew Bartlett
* s4-gensec Add prototype for gensec_ntlmssp_init()Andrew Bartlett2011-01-201-0/+2
| | | | Andrew Bartlett
* libcli/auth move ntlmssp_wrap() and ntlmssp_unwrap() into common code.Andrew Bartlett2011-01-201-123/+12
| | | | | | | The idea here is to allow the source3/libads/sasl.c code to call this instead of the lower level ntlmssp_* functions. Andrew Bartlett
* s4-pyauth Fix AuthContext wrapperAndrew Bartlett2011-01-191-2/+13
|
* s4-auth Allow NULL methods to be specified to auth_context_create_methods()Andrew Bartlett2011-01-191-14/+3
| | | | | | | This allows us to init an auth context that isn't going to do any NTLM authentication, but is used by other subsystems. Andrew Bartlett
* s4-gensec Remove special case 'for SASL' that is not required any more.Andrew Bartlett2011-01-191-13/+0
| | | | | | | | I've examined the code paths involved, and it appears an alternative fix has been made in the ldap_server/ldap_bind.c code, and there is no code path that uses this behaviour. Andrew Bartlett
* pygensec: remove special case handling for None for buffersAndrew Tridgell2011-01-191-35/+28
| | | | | | always returning a buffer makes life easier for callers Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-gensec Extend python bindings for GENSEC and the associated testAndrew Bartlett2011-01-181-21/+223
| | | | | | | | | | This now tests a real GENSEC exchange, including wrap and unwrap, using GSSAPI. Therefore, it now needs to access a KDC. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Jan 18 11:41:26 CET 2011 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-09-27 17:54:04 +0000