summaryrefslogtreecommitdiff
path: root/source3/auth/auth_sam.c
AgeCommit message (Collapse)AuthorFilesLines
2009-04-19s3:auth Fix segfault: Always initialise returned session keysAndrew Bartlett1-1/+3
2009-04-14Make Samba3 use the new common libcli/auth codeAndrew Bartlett1-8/+42
This is particuarly in the netlogon client (but not server at this stage)
2009-04-14Rework Samba3 to use new libcli/auth code (partial)Andrew Bartlett1-0/+1
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett
2009-02-10Fix some nonempty blank linesVolker Lendecke1-9/+9
2008-10-11Cope with changed signature of http_timestring().Jelmer Vernooij1-1/+1
2008-06-24Fix bug #5555. Don't return NT_STATUS_PASSWORD_MUST_CHANGE error on machine ↵Jeremy Allison1-2/+3
account logon. Jeremy. (This used to be commit 10da498a2349bf5944183adf5a9284eafa2b8b74)
2008-05-07Rename server_info->was_mapped to server_info->nss_tokenVolker Lendecke1-1/+1
"nss_token" from my point of view much better reflects what this flag actually represents (This used to be commit b121a5acb2ef0bb3067d953b028696175432f10d)
2008-03-20Fix crash bug in check_sam_security() when make_server_info_sam() did aGünther Deschner1-1/+0
talloc_steal and talloc_free on the sam account already. Guenther (This used to be commit dbc7237a8a566f3e86bd6e4b48593b93c5bfb94e)
2008-02-05Fix typo.Karolin Seeger1-1/+1
Karolin (This used to be commit 906e19bad40ba0c0a473ec2601e9eb0fff169f83)
2007-12-07Remove next_token - all uses must now be next_token_talloc.Jeremy Allison1-7/+8
No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-5/+5
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r25401: BUG 4982: Don't delete lanman hashes on invalid logins whenGerald Carter1-4/+6
using the "lanman auth = no". Tested by Guenter Kukkukk. (This used to be commit 611fdd95a583ebd22ffa17e2f39c5a1bb0936c63)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23358: Fix from Justin Maggard <jmaggard@infrant.com> - ensure we don'tJeremy Allison1-1/+1
expire a password if it's explicitly set as ACB_PWNOTREQ. Jeremy. (This used to be commit 2ea5a6bd334e31201aa6f93f5c51e42924d36ebd)
2007-10-10r22844: Introduce const DATA_BLOB data_blob_null = { NULL, 0, NULL }; andVolker Lendecke1-2/+2
replace all data_blob(NULL, 0) calls. (This used to be commit 3d3d61687ef00181f4f04e001d42181d93ac931e)
2007-10-10r22022: - Clarify the commentsAndrew Bartlett1-2/+2
- make sure never to free an uninitialised variable - ensure to free result on getpwnam_alloc failure Andrew Bartlett (This used to be commit 5fe3328e66661371182cc1c3b6e239797c3b4f93)
2007-10-10r22020: Make it more clear that both the vuser struct and it's contents areAndrew Bartlett1-1/+1
talloc_free()'ed at the end of a session. Rework the passwd cache code to use talloc_unlink and talloc_reference, to more carefully manage the cache. Andrew Bartlett (This used to be commit e3e0ec25e67308de314aa61852905ee42aa2c8fe)
2007-10-10r19058: Implement "user cannot change password", and complete "user must changeJim McDonough1-1/+1
password at next logon" code. The "password last set time" of zero now means "user must change password", because that's how windows seems to use it. The "can change" and "must change" times are now calculated based on the "last set" time and policies. We use the "can change" field now to indicate that a user cannot change a password by putting MAX_TIME_T in it (so long as "last set" time isn't zero). Based on this, we set the password-can-change bit in the faked secdesc. (This used to be commit 21abbeaee9b7f7cff1d34d048463c30cda44a2e3)
2007-10-10r16230: Fix Klocwork #861 and others. localtime and asctimeJeremy Allison1-3/+18
can return NULL. Ensure we check all returns correctly. Jeremy. (This used to be commit 6c61dc8ed6d84f310ef391fb7700e93ef42c4afc)
2007-10-10r16204: Fix Klocwork # 14Volker Lendecke1-3/+5
localtime() can return NULL. Volker (This used to be commit 07c5dcb8633e6fadb596dc5a22d8d31b2e16a3ef)
2007-10-10r15476: Transfer the was_mapped flag from user_info to server_info also in ↵Volker Lendecke1-0/+2
auth_sam and auth_domain. Thanks for Simo to point this out. Volker (This used to be commit 293b89dfb109d6e220ced433f025cf987aa1f500)
2007-10-10r15088: Remove all time() and gettimeofday() calls out of the mainlineJeremy Allison1-3/+1
packet processing code. Only do these when needed (ie. in the idle timeout code). We drop an unneccessary global here too. Jeremy. (This used to be commit 8272a5ab0605fcf95527143c4f909aa1008e5b94)
2007-10-10r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16.Günther Deschner1-2/+2
* Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2007-10-10r13590: * replace all pdb_init_sam[_talloc]() calls with samu_new()Gerald Carter1-2/+3
* replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix() (This used to be commit 6f1afa4acc93a07d0ee9940822d7715acaae634f)
2007-10-10r13576: This is the beginnings of moving the SAM_ACCOUNT data structureGerald Carter1-9/+9
to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current an upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passbd API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start...... (This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
2007-10-10r13541: we have to wrap pen_enum_group_memberships() in become/unbecome_root()Gerald Carter1-1/+5
blocks. This fixes the problem I had with missing groups in the net_samlogon() reply from a Samba PDC. (This used to be commit 06b83fe35048c84dfd68be2ee656317c51e89bce)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-17/+26
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r11886: Fix 3187: logon hours restrictions were off corresponding to our ↵Jim McDonough1-2/+3
offset from GMT. Use gmtime() instead of localtime() in the calc, but still use localtime() in displaying it. (This used to be commit 9b34f2d0f4bfc623eaec9c1334e34fa3965ba25b)
2007-10-10r11573: Adding Andrew Bartlett's patch to make machine accountJeremy Allison1-6/+9
logons work if the client gives the MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT or MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT flags. This changes the auth module interface to 2 (from 1). The effect of this is that clients can access resources as a machine account if they set these flags. This is the same as Windows (think of a VPN where the vpn client authenticates itself to a VPN server using machine account credentials - the vpn server checks that the machine password was valid by performing a machine account check with the PDC in the same was as it would a user account check. I may add in a restriction (parameter) to allow this behaviour to be turned off (as it was previously). That may be on by default. Andrew Bartlett please review this change carefully. Jeremy. (This used to be commit d1caef866326346fb191f8129d13d98379f18cd8)
2007-10-10r9252: 2 type fixes from Luke Mewburn <lukem@NetBSD.org>. Bugid #2934.Jeremy Allison1-1/+3
Jeremy. (This used to be commit c63ad85b8c1aedd04a65e46c27a6e2661093847a)
2007-10-10r6225: get rid of warnings from my compiler about nested externsHerb Lewis1-1/+2
(This used to be commit efea76ac71412f8622cd233912309e91b9ea52da)
2007-10-10r5655: Added support for Novell NDS universal password. Code donated byJeremy Allison1-1/+7
Vince Brimhall <vbrimhall@novell.com> - slight tidyup by me to use Samba conventions. Vince - thanks a *lot* for this code - please test to make sure I haven't messed anything up. Jeremy. (This used to be commit 6f5ea963abe8e19d17a1803d4bedd9d87a317e58)
2007-10-10r5562: * bump version to 3.0.12pre2Gerald Carter1-1/+1
* change special character in gd's valid workstation check to a '+' to be more in line with the characters used by valid users (This used to be commit 8bff0486508b9952c192345302b9313ac0b2270e)
2007-10-10r5528: Expand the invalid-workstation-scheme. Workstation-Names with leadingGünther Deschner1-1/+13
'@'-sign are expanded on-the-fly as posix-groups of workstations. This allows optional, more flexible login-control in larger networks. Guenther (This used to be commit 8f143b6800e0b6964c8ba4ba9607dc74da12ae59)
2007-10-10r4972: Fix a warning and some debugging-outputs.Günther Deschner1-1/+1
Guenther (This used to be commit 1eabfa050b661168b42892c2d841c7891e59cf5f)
2007-10-10r1780: Remove the UTC comment as it isn't.Jeremy Allison1-2/+2
Jeremy. (This used to be commit f454821ff5545a34704b149514da9064f73ca3ad)
2007-10-10r1778: Fix based on code from Richard Renard <rrenard@idealx.com> toJeremy Allison1-0/+42
enforce logon hours. ldap fixes to follow. Jeremy. (This used to be commit 9ce273ed662bd34987eaeedeeeb7cb1c99cd50a4)
2007-10-10r1414: Memory leak fixes found by valgrind whilst checking the password ↵Jeremy Allison1-0/+6
history code. Error code paths were not freeing up some memory. Jeremy. (This used to be commit 7c4666e56c2c281e023c6483459cb9e8d4787d36)
2007-10-10r69: Global rename of 'nt_session_key' -> 'user_session_key'. The session ↵Andrew Bartlett1-1/+1
key could be anything, and may not be based on anything 'NT'. This is also what microsoft calls it. (This used to be commit 724e8d3f33719543146280062435c69a835c491e)
2004-04-03Fix most of bug #169.Andrew Bartlett1-1/+2
For a (very) long time, we have had a bug in Samba were an NTLMv2-only PDC would fail, because it converted the password into NTLM format for checking. This patch performs the direct comparison required for interactive logons to function in this situation. It also removes the 'auth flags', which simply where not ever used. Natrually, this plays with the size of structures, so rebuild, rebuild rebuild... Andrew Bartlett (This used to be commit 9598593bcf2d877b1d08cd6a7323ee0bc160d4ba)
2004-02-21Add calls to password lockout functions. Should now work against tdbsam only.Jim McDonough1-0/+38
(This used to be commit 3e8a9c3584ff2a3c2e120c97569676ac45ec8e59)
2003-12-30Move our basic password checking code from inside the authenticationAndrew Bartlett1-345/+1
subsystem into a seperate file - ntlm_check.c. This allows us to call these routines from ntlm_auth. The purpose of this exercise is to allow ntlm_auth (when operating as an NTLMSSP server) to avoid talking to winbind. This should allow for easier debugging. ntlm_auth itself has been reorgainised, so as to share more code between the SPNEGO-wrapped and 'raw' NTLMSSP modes. A new 'client' NTLMSSP mode has been added, for use with a Cyrus-SASL module I am writing (based on vl's work) Andrew Bartlett (This used to be commit 48315e8fd227978e0161be293ad4411b45e3ea5b)
2003-12-30Refactor our authentication and authentication testing code.Andrew Bartlett1-148/+219
The next move will be to remove our password checking code from the SAM authentication backend, and into a file where other parts of samba can use it. The ntlm_auth changes provide for better use of common code. Andrew Bartlett (This used to be commit 2375abfa0077a884248c84614d5109f57dfdf5b1)
2003-11-22Changes all over the shop, but all towards:Andrew Bartlett1-19/+45
- NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... (This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
2003-10-24Andrew Bartlett patch to cope with Exchange 5.5 cleartext pop password auth.Jeremy Allison1-0/+16
Jeremy. (This used to be commit 46e66ee950eee035ad008c189cd2378f734af605)
2003-09-08Tidy up some formatting. Get ready for allowing bad password lockout. (basedJeremy Allison1-49/+38
on a patch posted from Richard Renard <rrenard@idealx.com>. Jeremy. (This used to be commit abf54b58e95a949cb883d4485853dc560489c03f)
2003-07-25More printf portability fixes. Got caught out by some gcc'isms lastTim Potter1-6/+6
time. )-: (This used to be commit 59dae1da66a5eb7e128263bd578f167d8746e9f0)
2003-07-24More printf fixes - size_t is long on some architectures.Tim Potter1-4/+4
(This used to be commit ba4d334b822248d8ab929c9568533431603d967e)
2003-07-08Spelling.Tim Potter1-1/+1
(This used to be commit a9a3339b2d99dcb64b675b27255d4aa5959a1caf)