summaryrefslogtreecommitdiff
path: root/auth/credentials/credentials.c
AgeCommit message (Collapse)AuthorFilesLines
2013-10-16auth:credentials: avoid talloc_reference in cli_credentials_set_netlogon_creds()Stefan Metzmacher1-1/+5
Typically cli_credentials_set_netlogon_creds() should be used directly before the DCERPC bind. And cli_credentials_get_netlogon_creds() should be only used by the gensec layer, which only needs a copy. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Oct 16 23:56:01 CEST 2013 on sn-devel-104
2013-09-20auth: fix space/tab mixup in cli_credentials_get_password()Michael Adam1-2/+2
Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-09-18Prepare for SASL/EXTERNAL supportHoward Chu1-0/+8
Signed-off-by: Howard Chu <hyc@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
2013-09-16auth/credentials: Add cli_credentials_{set,get}_forced_sasl_mech()Andrew Bartlett1-0/+14
This will allow us to force the use of only DIGEST-MD5, for example, which is useful to avoid hitting GSSAPI, SPNEGO or NTLM when talking to OpenLDAP and Cyrus-SASL. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
2013-08-12auth/credentials: make sure cli_credentials_get_nt_hash() always returns a ↵Stefan Metzmacher1-5/+14
talloc object Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05auth/credentials: use CRED_CALLBACK_RESULT after a callbackStefan Metzmacher1-11/+23
We only do this if it's still CRED_CALLBACK after the callback, this allowes the callback to overwrite it. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Aug 5 09:36:05 CEST 2013 on sn-devel-104
2013-08-05auth/credentials: simplify password_tries stateStefan Metzmacher1-5/+14
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05auth/credentials: keep cli_credentials privateStefan Metzmacher1-0/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05auth/credentials: add cli_credentials_shallow_copy()Stefan Metzmacher1-0/+15
This is useful for testing. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05auth/credentials: add cli_credentials_[set_]callback_data*Stefan Metzmacher1-0/+11
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05auth/credentials: remove pointless talloc_reference() from ↵Stefan Metzmacher1-1/+1
cli_credentials_get_principal_and_obtained() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-05auth/credentials: remove pointless talloc_reference() from ↵Stefan Metzmacher1-1/+1
cli_credentials_get_unparsed_name() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-08-31auth/credentials: Do not print passwords in a talloc memory dumpAndrew Bartlett1-0/+8
The fact that a password was created here is enough information, so overwrite with the function name and line. Andrew Bartlett
2012-05-24auth/credentials: 'workgroup' set via command line will not drop existing ccacheAlexander Bokovoy1-1/+5
The root cause for existing ccache being invalidated was use of global loadparm with 'workgroup' value set as if from command line. However, we don't really need to take 'workgroup' parameter value's nature into account when invalidating existing ccache. When -U is used on the command line, one can specify a password to force ccache invalidation. The commit also reverts previous fix now that root cause is clear.
2011-10-18credentials: Prioritise command-line specified options above defaults from ↵Andrew Bartlett1-3/+15
smb.conf If a user specified -W or --realm on the command line, then this is of level SPECIFIED, not UNINITIALISED, despite it going via the loadparm system. This helps us to ensure that -W server -Ulocaluser is parsed the same as -Userver\localuser. This matters as otherwise we might instead attempt to use kerberos to the realm from the smb.conf. Andrew Bartlett
2011-10-11auth/credentials Declare remaining functions are public interfaces and put ↵Andrew Bartlett1-9/+8
into credentials.h This is in preperation for this file being used by s3, and recognises that these are all reasonable, public interfaces but were not declared as such in the past. Andrew Bartlett
2011-10-11auth: move credentials layer to the top levelAndrew Bartlett1-0/+1002
This will allow gensec_start.c to move to the top level. This does not change what code uses the cli_credentials code, but allows the gensec code to be more broadly. Andrew Bartlett