summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2001-11-05Renamed make_user_info_for_winbindd() to be more consistent with theTim Potter2-8/+8
names of the other functions in this file. (This used to be commit 4880f37e4ee08b6363314a3fb67051a6708988d0)
2001-11-05Fixed compiler warnings.Tim Potter1-3/+2
(This used to be commit 54e40b270208774ed71eff32f3c3b1d3b86b5aca)
2001-11-05Use cli_nt_login_network() instead of domain_client_validate() to performTim Potter4-43/+88
pam authentication. This allows us to link in less other crap. Authenticating with a challenge/response doesn't seem to work though - we always get back NT_STATUS_WRONG_PASSWORD. (This used to be commit d85aa1ce83327dda6aa3dcd9bbab9cf6979dda1e)
2001-11-05Removed duplicate debug.Tim Potter1-2/+0
(This used to be commit 5c3521c937f9ba3c4c586495f54dc69a664c392a)
2001-11-05Don't put a \n on the end of the arg to exit_server()Tim Potter10-26/+26
(This used to be commit dfb8566220c3e90ca2b757ea124f53aed103269e)
2001-11-04Added missing strchr_wa.Jeremy Allison1-0/+5
Jeremy. (This used to be commit 16c5d279b97250ceb84ee6de6e5e801350c816c4)
2001-11-04Fix for broken-as-shipped RedHat 7.2 system headers. Now we haveJeremy Allison1-0/+12
to detect this in configure. Jeremy. (This used to be commit 44fb1992c98e7cca5663b17ea9a4833fcf0a8478)
2001-11-04a big one:Simo Sorce7-1113/+579
- old mangle code has gone, the new one based on tdb seem resonably ok probably the valid.dat table need to be updated to treat wild chars as invalid ones (work ok without it) - a LOT of new string manipulation function for unicode, they are somewhat tested but a review would not be bad - some new function I will need for the new unix_convert function I'm writing, this will be renamed filename_convert and use only unicode strings. - charconv, I attached a comment, if someone wnat to look if I'm right or just was hacking to late in the night to make a sane one :) of course any bug is my responsibility an will be pleased to see patches if you find any. :-) Simo. (This used to be commit ee19f7efb6ea9216fc91cf112ac1afa691983e9d)
2001-11-04get the string lengths right in domain logonsAndrew Tridgell1-2/+2
Andrew, this fixes domain logons in head. Please look at the change, as I think you may have misunderstood the max_str_len field (which is badly named) (This used to be commit fd3a657b440a61c0c146947bb62d2b83c1689b87)
2001-11-04remove {} from default valid char listAndrew Tridgell1-1/+1
(This used to be commit 5dd3c7b3fb8aac7fb3a256ae40c882fb8983537f)
2001-11-04Fix segfault. sup_tok might not always be with us.Andrew Bartlett1-3/+5
(This used to be commit 1f409a1f3fb0906f1ff985b96bb7a65f56253046)
2001-11-04Fix up authenticated pipes in line with vuser changes. This ensures that globalAndrew Bartlett1-1/+4
groups obtained via a domain logon are respected in the attached NT_USER_TOKEN. This functionality is only available in HEAD, becosue of the way authenticaion has been abstracted. Both vuid logins and authenticated pipes need to use the same code for this in future. Can sombody with the correct facilties check this please?\ Thanks, Andrew Bartlett (This used to be commit caae69fcd096f20aa4c6879b95ec2c275afea041)
2001-11-04Fixup for accounts without a local /etc/passwd entry.Andrew Bartlett1-9/+5
- Now perfectly valid. (This used to be commit be04aad90da341fb1b4ef472f2279aefab972258)
2001-11-04Fix up pdbedit so that it at least compiles without warnings.Andrew Bartlett1-92/+61
- Basic functionality intact - Now adds machine accounts without a uid. (using the machine uid range to avoid conflict with real uid based accounts) (This used to be commit 09d2e05d26f71b10ccabe4c6fa168a4923697bae)
2001-11-04Got serious about const again.Jeremy Allison5-116/+118
REMOVED BZERO CALLS YET AGAIN !!! Why do these keep creeping back in.... They are *NOT* POSIX. I'm also thinking of removing strncpy as I'm sure it's not being used correctly.... Jeremy. (This used to be commit b1930abb35dee74f858a3f7190276c418af2322b)
2001-11-03Added NT_USER_TOKEN into server_info to fix extra groups problem.Jeremy Allison22-148/+297
Got "medieval on our ass" about const warnings (as many as I could :-). Jeremy. (This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
2001-11-03Added many more defines in service category, user category and othersSteve French1-0/+26
(This used to be commit 3bfb828cf70489165b46281bf03ea7074d3ba07d)
2001-11-03Added support for UserListGroups, ServiceEnumSteve French1-0/+125
(This used to be commit 4e882289b0e291bb57d48fc2b2120919632daa5f)
2001-11-03Adding support for net password, net service, net user info, fixing net helpsSteve French1-59/+258
(This used to be commit a1f3930637a6ccadd4dba90dcd713cf1e4b5a536)
2001-11-03anonymous logins are guest logins, so mark them as such. (Otherwise they canAndrew Bartlett1-1/+1
browse non-guest shares). (This used to be commit 7131fe3be4eb2c652f3afe2f3cd99d3f82e09654)
2001-11-03Minor cleanups/fixes in the NTLMv2 codeAndrew Bartlett2-12/+4
(This used to be commit 253790f6d71653b572c0174113b8559820de6bdd)
2001-11-03Move the test for non-SPNEGO session setups when using SPNEGO, becouse its aAndrew Bartlett1-5/+5
perfectly vailid behaviour for guest logins. (This used to be commit 4db8d70ad74cdbd74c0578e66377fd0233195aaa)
2001-11-02Return 1 (rather than 0) on failure. This may well help get the build farmAndrew Bartlett1-1/+1
back into order, becouse its the inverse tests that are 'failing' - they get error 0 back and think that we just let sombody in without a password and the like. Andrew Bartlett (This used to be commit 83c2d7977445b511989b449959141aeed4bcf0b7)
2001-11-01Various post AuthRewrite cleanups, fixups and tidyups.Andrew Bartlett11-69/+83
Zero out some of the plaintext passwords for paranoia Fix up some of the other passdb backends with the change to *uid_t rather than uid_t. Make some of the code in srv_netlog_nt.c clearer, is passing an array around, so pass its lenght in is definition, not as a seperate paramater. Use sizeof() rather than magic numbers, it makes things easier to read. Cope with a PAM authenticated user who is not in /etc/passwd - currently by saying NO_SUCH_USER, but this can change in future. Andrew Bartlett (This used to be commit 514c91b16baca639bb04638042bf9894d881172a)
2001-11-01zero the data, not a pointer to the data ...Andrew Tridgell1-1/+1
(This used to be commit eeaa80aa09736dc1c5f5f72a1437eb9d9c0d4ae7)
2001-10-31Removed unneeded extern.Tim Potter1-2/+0
(This used to be commit c80641b6f335aa706a2e384b7cfe7912be4a41b1)
2001-10-31This should fix up the compile with krb5.Andrew Bartlett1-7/+9
This needs to use the auth interface at some stage, but for now this will do. (This used to be commit 8dc4f2e44b150cdcdecd2f6028bf06907ff90cad)
2001-10-31When you make a data_blob() then you probably need to free it too...Andrew Bartlett1-0/+4
(This used to be commit 531e24973227ca4f1ae65ffb2454aedd5871de96)
2001-10-31Fix up domain logons. Tested with NT4.Andrew Bartlett3-7/+6
(This used to be commit c8b2718adfe114b74a155116c5e74f014d6df887)
2001-10-31... and clean up the unused variables.Andrew Bartlett1-3/+0
(This used to be commit e0b56a31480906b39f37761eed20d3cad0d53973)
2001-10-31Small changes for guest authenticated pipes.Andrew Bartlett1-8/+7
(This used to be commit 813bf962ae6f29ddcaee4bc8b67d8017f04172b1)
2001-10-31This is a farily large patch (3300 lines) and reworks most of the AuthRewriteAndrew Bartlett32-1139/+2216
code. In particular this assists tpot in some of his work, becouse it provides the connection between the authenticaion and the vuid generation. Major Changes: - Fully malloc'ed structures. - Massive rework of the code so that all structures are made and destroyed using malloc and free, rather than hanging around on the stack. - SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them to be declared 'invalid' without the chance that people might get ROOT by default. - kill off some of the "DOMAIN\user" lookups. These can be readded at a more appropriate place (probably domain_client_validate.c) in the future. They don't belong in session setups. - Massive introduction of DATA_BLOB structures, particularly for passwords. - Use NTLMSSP flags to tell the backend what its getting, rather than magic lenghths. - Fix winbind back up again, but tpot is redoing this soon anyway. - Abstract much of the work in srv_netlog_nt back into auth helper functions. This is a LARGE change, and any assistance is testing it is appriciated. Domain logons are still broken (as far as I can tell) but other functionality seems intact. Needs testing with a wide variety of MS clients. Andrew Bartlett (This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c)
2001-10-31More const.Andrew Bartlett1-2/+2
(This used to be commit ceba373aa30e09be948bd0980040cba204d12084)
2001-10-31SPNEGO works perfectly well with security=domain, so don't exclude it.Andrew Bartlett1-3/+7
(This used to be commit 26a9479ad450a5135e54b45d659bf3558892d9e6)
2001-10-31Small 'const' updates ahead of some AuthRewrite merging.Andrew Bartlett4-18/+18
(This used to be commit 3b5e72bda3263c6bdf81dfface4fae4f06b71032)
2001-10-31Added some extra fields to the auth_serversupplied_info structure.Tim Potter8-8/+70
To obtain the full group membership of a user (i.e nested groups on a win2k native mode server) it is necessary to merge this list of groups with the groups returned by winbindd when creating an nt access token. This breaks winbindd linking while AB and I sync up our changes to the authentication subsystem. (This used to be commit 4eeb7bcd783d7cfb3ac232f1faa035773007401d)
2001-10-31This one's a doozy. A cut&paste bug incorrectly sets the max string lengthTim Potter1-1/+1
of the lm challenge/response header in the NET_ID_INFO_2 structure included in a network logon request. It seems Windows 2000 is the only OS that cares about this. (This used to be commit 0f6207f45567a8af0a125a838a5ed68ea6c22283)
2001-10-31Don't accidentally return success when sending a broken NET_SAMLOGONTim Potter1-0/+1
request. This exposes a domain authentication bug with win2k where a rpc fault is returned but not propagated up as an error. (This used to be commit 27cd7ac85779bbc1e9488ee06e87b0c743c5b29c)
2001-10-31Some tweaking to make the samlogon function look more like NT on the wire.Tim Potter1-7/+7
(This used to be commit b30232e2b7ddb5eab419d4e6237176f695a534ad)
2001-10-31Parionia to ensure people don't install libsmb based programs setuid root.Andrew Bartlett3-1/+15
libsmb has not been written to be setuid, with things like LIBSMB_PROG allowing all sort of fun and games. Andrew Bartlett (This used to be commit 0c8e9339d8238de92e9146d04091694b62874c33)
2001-10-30Spnego on the 'server' end of security=server just does not work, so set theAndrew Bartlett4-2/+17
flags so we just do a 'normal' session setup. Also add some parinoia code to detect when sombody attempts to do a 'normal' session setup when spnego had been negoitiated. Andrew Bartlett (This used to be commit 190898586fa218c952fbd5bea56155d04e6f248b)
2001-10-30Fix debug in domain_client_validate() when password server = *.Tim Potter1-1/+1
(This used to be commit c78fec86c97075bb5726fcb7ed197bc75dd88ac0)
2001-10-30Allow the logon level to be passed to cli_netlogon_sam_logon() rather thanTim Potter1-4/+4
the validation level. (This used to be commit c79e94ea27aab31423b1bdc34e9cff25688dbe5f)
2001-10-30Allow the logon level to be passed to cli_netlogon_sam_logon() rather thanTim Potter1-13/+41
the validation level. This allows us to test interactive or network logons. Interestingly enough a win2k native mode server generates a rpc fault when presented with a network logon! (This used to be commit 0758c0ea845dd0b552e4dab3ce05f0811fa9658e)
2001-10-30Removed confusing comment.Tim Potter1-1/+1
(This used to be commit b496936634a4b676aa2df973e64c91aa0da5d7d5)
2001-10-30Fix up smbpasswd -e/-d so that it doesn't change the password under you anyAndrew Bartlett5-34/+18
more. (Previously it set them to 'XXXX' or similar when only the flags were being changed - a bug I must have introduced when I reworked the passdb end of things a few weeks back.) Adds a new local flag: LOCAL_SET_PASSWORD to specify that the password is actually to be changed. Andrew Bartlett (This used to be commit cea6b6cb228c7e1f0c2d45951590e0d8fb8b315c)
2001-10-30Display some errors if the initial connection to the server could not beTim Potter1-0/+2
made. (This used to be commit c3f5df8d6743bb7b48118b378f23268008e74145)
2001-10-30Added samlogon command to test against win2k native mode server. I thinkTim Potter2-0/+130
there's a bug in the marshalling of net_sam_logon. (This used to be commit 7c5ac46b8ad0be681d102e7ef3478d64d7a2b8e6)
2001-10-30Fixed typo in debug message.Tim Potter1-1/+1
(This used to be commit 26fa0374bb5894ece460899ca37cf512c4424b2f)
2001-10-29Fix up auth_smbpasswd.c to use the password interface, rather than theAndrew Bartlett2-16/+16
structures directly. Andrew Bartlett (This used to be commit c2dc24ab6370236437b72b929e2a56e174163d78)