Age | Commit message (Collapse) | Author | Files | Lines |
|
Remove "mem_ctx" from "struct auth_context"
|
|
Jeremy.
|
|
|
|
|
|
str_list_make(). From Dan Sledz <dan.sledz@isilon.com>:
In samba 3.2 passing NULL or an empty string returned NULL.
In master, it now returns a list of length 1 with the first string set
to NULL (an empty list).
Jeremy.
|
|
|
|
Karolin
(This used to be commit 6cee34703503fbf3629057345fe221b866560648)
|
|
(This used to be commit e2c9fc4cf5f0ff725330fa44f53782db65fca37e)
|
|
(This used to be commit 22e49ef2c0c9b641068ac5419b9c82fb97d3e8e6)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
replace all data_blob(NULL, 0) calls.
(This used to be commit 3d3d61687ef00181f4f04e001d42181d93ac931e)
|
|
which matches what samba4 has.
also fix all the callers to prevent compiler warnings
metze
(This used to be commit fa322f0cc9c26a9537ba3f0a7d4e4a25941317e7)
|
|
idle event.
Volker
(This used to be commit 6226b30f38cd82531422815ba66a687aab50028d)
|
|
and DLIST_DEMOTE() now take the type of the tmp pointer
not the tmp pointer itself anymore.
metze
(This used to be commit 2f58645b7094e81dff3734f11aa183ea2ab53d2d)
|
|
patch to SAMBA_3_0 to declare prototypes for the initialization functions. These are the same changes I just made to head. --paulg
(This used to be commit 17774387ad879b6a72dd1cf406326318add31b04)
|
|
to make full use of the new talloc() interface. Discussed with Volker
and Jeremy.
* remove the internal mem_ctx and simply use the talloc()
structure as the context.
* replace the internal free_fn() with a talloc_destructor() function
* remove the unnecessary private nested structure
* rename SAM_ACCOUNT to 'struct samu' to indicate the current an
upcoming changes. Groups will most likely be replaced with a
'struct samg' in the future.
Note that there are now passbd API changes. And for the most
part, the wrapper functions remain the same.
While this code has been tested on tdb and ldap based Samba PDC's
as well as Samba member servers, there are probably still
some bugs. The code also needs more testing under valgrind to
ensure it's not leaking memory.
But it's a start......
(This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
x86_64 box.
Jeremy.
(This used to be commit d720867a788c735e56d53d63265255830ec21208)
|
|
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
|
|
bad uid'; make sure the authentication suceeds
(This used to be commit 5de1ffce2f2a0a340f6591939b8f63a3d96a627e)
|
|
aruna.prabakar@hp.com).
This re-enables the Samba 2.2 behavior where a user that was
successfully authenticated by a remote DC would be mapped
to the guest account if there was not existing UNIX account
for that user and we could not create one.
(This used to be commit b7455fbf81f4e47c087c861f70d492a328730a9b)
|
|
(This used to be commit c70c5c4ee9b14fbdb174f542607aceebe0e88470)
|
|
about unitialized variable
(This used to be commit 3a91b20e4bcc78c91932e6c4394b3f6f153b2ff5)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
Andrew Bartlett
(This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f)
|
|
free() each auth method. (We had relied on the use of talloc() only, despite providing the free() callback)
Andrew Bartlett
(This used to be commit 5872c0e26e3407c7c1dcf2074a36896a3ca1325a)
|
|
- NTLM2 support in the server
- KEY_EXCH support in the server
- variable length session keys.
In detail:
- NTLM2 is an extension of NTLMv1, that is compatible with existing
domain controllers (unlike NTLMv2, which requires a DC upgrade).
* This is known as 'NTLMv2 session security' *
(This is not yet implemented on the RPC pipes however, so there may
well still be issues for PDC setups, particuarly around password
changes. We do not fully understand the sign/seal implications of
NTLM2 on RPC pipes.)
This requires modifications to our authentication subsystem, as we
must handle the 'challege' input into the challenge-response algorithm
being changed. This also needs to be turned off for
'security=server', which does not support this.
- KEY_EXCH is another 'security' mechanism, whereby the session key
actually used by the server is sent by the client, rather than being
the shared-secret directly or indirectly.
- As both these methods change the session key, the auth subsystem
needed to be changed, to 'override' session keys provided by the
backend.
- There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation.
- The 'names blob' in NTLMSSP is always in unicode - never in ascii.
Don't make an ascii version ever.
- The other big change is to allow variable length session keys. We
have always assumed that session keys are 16 bytes long - and padded
to this length if shorter. However, Kerberos session keys are 8 bytes
long, when the krb5 login uses DES.
* This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. *
- Add better DEBUG() messages to ntlm_auth, warning administrators of
misconfigurations that prevent access to the privileged pipe. This
should help reduce some of the 'it just doesn't work' issues.
- Fix data_blob_talloc() to behave the same way data_blob() does when
passed a NULL data pointer. (just allocate)
REMEMBER to make clean after this commit - I have changed plenty of data structures...
(This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
|
|
as that's what they do. Fix string_replace() to fast-path ascii.
Jeremy.
(This used to be commit f35e9a8b909d3c74be47083ccc4a4e91a14938db)
|
|
(This used to be commit 398bd14fc6e2f8ab2f34211270e179b8928a6669)
|
|
(This used to be commit 228fe54f0d65b895bef9e095ad996a48edf964df)
|
|
have the domain\ qualification).
Andrew Bartlett
(This used to be commit 7cfa1e7c4abee10fe8c75e36aee68ee9f557656e)
|
|
- The 'not implmented' checks are now done by all auth modules
- the ntdomain/trustdomain/winbind modules are more presise as to
what domain names they can and cannot handle
- The become_root() calls are now around the winbind pipe opening only,
not the entire auth call
- The unix username is kept seperate from the NT username, removing the
need for 'clean off the domain\' in parse_net.c
- All sid->uid translations are now validated with getpwuid() to put a very
basic stop to logins with 'half deleted' accounts.
Andrew Bartlett
(This used to be commit 85f88191b9927cc434645ef4c1eaf5ec0e8af2ec)
|
|
(This used to be commit fd24183ec30688f3699e466bd4d908b24918e328)
|
|
to handle domain trusts. Jeremy and I talked about this
and it's going in as working code. It keeps winbind clean
and solves the trust problem with minimal changes.
To summarize, there are 2 basic cases where the deadlock would
occur. (1) lookuping up secondary groups for a user, and
(2) get[gr|pw]nam() calls that fall through the NSS layer because
they don't exist anywhere.
o To handle case #1, we bypass winbindd in sys_getgrouplist() unless
the username includes the 'winbind separator'.
o Case #2 is handled by adding checks in winbindd to return failure
if we are a DC and the domain matches our own.
This code has been tested using basic share connections, domain
logons, and with pam_winbind (both with and without 'winbind
use default domain'). The 'trustdomain' auth module should work
as well if an admin wants to manually create UNIX users for
acounts in the trusted domains.
Other misc fixes:
* we need to fix check_ntlm_password() to be able to determine
if an auth module is authoritative over a user (NT_STATUS_WRONG_PASSWORD,
etc...). I worked around my specific situation, but this needs to be
fixed. the winbindd auth module was causing delays.
* fix named server mutex deadlock between trust domain auth module
and winbindd looking up a uid
* make sure SAM_ACCOUNT gets stored in the server_info struct for the
_net_sam_logon() reply.
Configuration details:
The recommended method for supporting trusts is to use winbind.
The gets us around some of the server mutex issues as well.
* set 'files winbind' for passwd: and group: in /etc/nsswitch.conf
* create domain trusts like normal
* join winbind on the pdc to the Samba domain using 'net rpc join'
* add normal parameters to smb.conf for winbind
* set 'auth method = guest sam winbind'
* start smbd, nmbd, & winbindd
Problems that remain:
* join a Windows 2k/XP box to a Samba domain.
* create a 2-way trust between the Samba domain
and an NT domain
* logon to the windows client as a user from theh trusted
domain
* try to browse server in the trusted domain (or other
workstations). an NT client seems to work ok, but 2k
and XP either prompt for passwords or fail with errors.
apparanently this never got tested since no one has ever been
able to logon as a trusted user to a Samba domain from a Windows
client.
(This used to be commit f804b590f9dbf1f0147c06a0a2f12e221ae6fc3b)
|
|
map to guest = bad user works again when "trustdomain" is listed
as last auth method.
Also clean up some more DC location calls.
(This used to be commit 77a5b1032f39b8d20925721b719fdcfff910cb06)
|
|
(This used to be commit d376b67de9ff7a43c9c03c8640d9fe1671d223cb)
|
|
I'm still not convinced that sharing the option name with the administrative
code is the best idea, but anyway...
Tested by vl, bug #41.
Andrew Bartlett
(This used to be commit 9d78f064c5e4e6b340f994204977aaac6513320b)
|
|
(This used to be commit 1480c7e8c7a84c34181118c449c50ca99fdcbc6b)
|
|
modules in auth/
(This used to be commit 4b6785a6c0fe0aebb1cc69bfc9937d19bc692642)
|
|
(This used to be commit dbe36b4c43dceddea9f14161c6cf7b34709287c8)
|
|
function. Patch by metze with some minor modifications.
(This used to be commit bc4b51bcb2daa7271c884cb83bf8bdba6d3a9b6d)
|
|
- better error codes than NT_STATUS_UNSUCCESSFUL for domain logon errors
- make auth_winbind load the ntdomain module if winbind isn't there.
- use new trusted domains cache to determine if the domain is valid.
Andrew Bartlett
(This used to be commit ec8d6524c6b0c70927a2b57aab71d9e3a7f8a150)
|
|
(This used to be commit c7a1de090db35835be1a1623bfc80c04065c5dd9)
|
|
(This used to be commit 7a2566f2e922191e691b6dafb1a09e22913cccd6)
|
|
- NTLMSSP over SPENGO (sesssion-setup-and-x) cleanup and code refactor.
- also consequential changes to the NTLMSSP and SPNEGO parsing functions
- and the client code that uses the same functions
- Add ntlm_auth, a NTLMSSP authentication interface for use by applications
like Squid and Apache.
- also consquential changes to use common code for base64 encode/decode.
- Winbind changes to support ntlm_auth (I don't want this program to need
to read smb.conf, instead getting all it's details over the pipe).
- nmbd changes for fstrcat() instead of fstrcpy().
Andrew Bartlett
(This used to be commit fbb46da79cf322570a7e3318100c304bbf33409e)
|
|
warnings. (Adds a lot of const).
Andrew Bartlett
(This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
|
|
named. Ensure we can query them.
Jeremy.
(This used to be commit 09a218a9f6fb0bd922940467bf8500eb4f1bcf84)
|
|
Jeremy.
(This used to be commit ec4ed45563f9d8e25fcfd88840944a90b3139c3e)
|