summaryrefslogtreecommitdiff
path: root/nsswitch/libwbclient/wbc_pam.c
AgeCommit message (Collapse)AuthorFilesLines
2012-09-20winbind: Extend wbcAuthenticateUserEx to provide PACChristof Schmitt1-1/+15
With this new interface, external applications that have authenticated to an ADS can pass the PAC from the Kerberos ticket to wbcAuthenticateUserEx. winbindd decodes and extracts the info3 information for the external application. If winbindd can verify the PAC signature, the info3 from the PACis also added to the netsamlogon_cache. The info3 data can be used by the external application to get the uid and primary gid. The data in netsamlogon_cache allows to retrieve the complete group list through the NSS function getgrouplist. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-08-15libwbclient: Add wbcPingDc2Christof Schmitt1-0/+21
Add wbcPingDc2 that optionally returns the DC that was attempted to ping. wbcPing is implemented as a wrapper around wbcPingDc2. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-10-27nsswitch: Disable uid_wrapper in libwbclient.Andreas Schneider1-0/+1
This way we don't have to link against it in the autoconf build.
2011-03-16s3: Fix Coverity ID 2148, FORWARD_NULLVolker Lendecke1-3/+2
Further down we unconditionally reference *info
2010-11-27libwbclient: Correctly order the wbcAllocateMemory argsVolker Lendecke1-5/+5
In these cases, it does not make a functional difference. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sat Nov 27 19:56:02 CET 2010 on sn-devel-104
2010-09-10s3: auth.krb5ccname and auth.unix_username are both fstringsVolker Lendecke1-4/+2
There's no point in checking for != NULL
2010-04-23libwbclient: Actually copy something in wbcChangeUserPasswordExVolker Lendecke1-8/+8
The length argument for memcpy was initialized to 0 and not initialized
2010-04-23libwbclient: Remove some pointless BAIL_ON_WBC_ERROR macro callsVolker Lendecke1-12/+12
2010-04-19libwbclient: Make wbc_create_error_info not use tallocVolker Lendecke1-4/+13
2010-04-19libwbclient: Make wbcCredentialCache not use tallocVolker Lendecke1-10/+14
2010-04-19libwbclient: Make wbcAuthenticateUserEx not use tallocVolker Lendecke1-2/+3
2010-04-19libwbclient: Make wbc_create_logon_info not use tallocVolker Lendecke1-6/+11
2010-04-19libwbclient: Make wbc_create_auth_info not use tallocVolker Lendecke1-17/+33
2010-04-19libwbclient: Make wbc_create_password_policy_info not use tallocVolker Lendecke1-2/+3
2010-04-19libwbclient: Make _SID_COMPOSE a function instead of a macroVolker Lendecke1-19/+28
2010-04-13libwbclient: Re-Fix a bug that was fixed with e5741e27c4cVolker Lendecke1-9/+9
> r21878: Fix a bug with smbd serving a windows terminal server: If winbind > decides smbd to be idle it might happen that smbd needs to do a winbind > operation (for example sid2name) as non-root. This then fails to get the > privileged pipe. When later on on the same connection another authentication > request comes in, we try to do the CRAP auth via the non-privileged pipe. > > This adds a winbindd_priv_request_response() request that kills the existing > winbind pipe connection if it's not privileged. The fix for this was lost during the conversion to libwbclient. Thanks to Ira Cooper <samba@ira.wakeful.net> for pointing this out! Volker
2010-04-13libwbclient: Remove a pointless variableVolker Lendecke1-3/+1
2010-04-04libwbclient: Streamline result processing of wbcCredentialCache()Volker Lendecke1-4/+2
2010-04-04libwbclient: Fix a memleak in wbcCredentialCacheVolker Lendecke1-0/+1
2010-02-13libwbclient: Separate out the async functionsKai Blin1-269/+0
2010-02-11libwbclient: Implement wbcAuthenticateUserEx_send/recvKai Blin1-0/+270
2010-02-07libwbclient: wbc_create_logon_info is always called with mem_ctx==NULLVolker Lendecke1-5/+3
2010-02-07libwbclient: wbc_create_password_policy_info is always called with mem_ctx==NULLVolker Lendecke1-7/+4
2010-02-07libwbclient: wbc_create_error_info is always called with mem_ctx==NULLVolker Lendecke1-18/+10
2010-01-24libwbclient: Actually implement wbcCredentialCache()Volker Lendecke1-1/+127
2010-01-24s3: Add wbinfo --ccache-saveVolker Lendecke1-0/+18
With this command you can give winbind your password for later use by the automatic ntlm_auth
2010-01-24libwbclient: Use winbindd_free_response()Volker Lendecke1-4/+3
2009-12-21s3:winbind: Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dcVolker Lendecke1-0/+45
This just does a NULL RPC call through an existing NETLOGON connection. If someone knows an operation that "just works" and does not return NOT_SUPPORTED, please tell me :-)
2009-10-13libwbclient: add wbcChangeTrustCredentials.Günther Deschner1-0/+38
Guenther
2009-10-07libwbclient: implement secure channel verification for specific domains in ↵Günther Deschner1-9/+5
wbcCheckTrustCredentials(). Guenther
2009-09-01wbclient: Fix Bug #6680: always activate handling of large (> 256 byte) ntlmv2Günther Deschner1-4/+15
blobs in wbcAuthenticateUserEx(). Guenther
2009-06-18libwbclient: fix returned LogonInfo in wbc_LogonUser().Günther Deschner1-2/+4
That function could return emtpy blobs for username and ccache for e.g. cached logins. Guenther
2009-06-04libwbclient: Attempt to fix build on AIXKai Blin1-0/+1
2009-05-30libwbclient: Silence a compiler warningKai Blin1-1/+1
2009-04-23Fix Coverity ID 626: DEADCODEVolker Lendecke1-5/+0
2008-12-16nsswitch: Move source3 files to top level dir.Kai Blin1-0/+1034
Don't move source4 files yet to not confuse git's rename tracking too much.
generated by cgit (git 2.34.1) at 2024-06-10 01:52:50 +0000