Age | Commit message (Collapse) | Author | Files | Lines |
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
using the "lanman auth = no". Tested by Guenter Kukkukk.
(This used to be commit 611fdd95a583ebd22ffa17e2f39c5a1bb0936c63)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
expire a password if it's explicitly set as ACB_PWNOTREQ.
Jeremy.
(This used to be commit 2ea5a6bd334e31201aa6f93f5c51e42924d36ebd)
|
|
replace all data_blob(NULL, 0) calls.
(This used to be commit 3d3d61687ef00181f4f04e001d42181d93ac931e)
|
|
- make sure never to free an uninitialised variable
- ensure to free result on getpwnam_alloc failure
Andrew Bartlett
(This used to be commit 5fe3328e66661371182cc1c3b6e239797c3b4f93)
|
|
talloc_free()'ed at the end of a session.
Rework the passwd cache code to use talloc_unlink and
talloc_reference, to more carefully manage the cache.
Andrew Bartlett
(This used to be commit e3e0ec25e67308de314aa61852905ee42aa2c8fe)
|
|
password at next logon" code. The "password last set time" of zero now
means "user must change password", because that's how windows seems to
use it. The "can change" and "must change" times are now calculated
based on the "last set" time and policies.
We use the "can change" field now to indicate that a user cannot change
a password by putting MAX_TIME_T in it (so long as "last set" time isn't
zero). Based on this, we set the password-can-change bit in the
faked secdesc.
(This used to be commit 21abbeaee9b7f7cff1d34d048463c30cda44a2e3)
|
|
can return NULL. Ensure we check all returns correctly.
Jeremy.
(This used to be commit 6c61dc8ed6d84f310ef391fb7700e93ef42c4afc)
|
|
localtime() can return NULL.
Volker
(This used to be commit 07c5dcb8633e6fadb596dc5a22d8d31b2e16a3ef)
|
|
auth_sam
and auth_domain. Thanks for Simo to point this out.
Volker
(This used to be commit 293b89dfb109d6e220ced433f025cf987aa1f500)
|
|
packet processing code. Only do these when needed (ie. in the
idle timeout code). We drop an unneccessary global here too.
Jeremy.
(This used to be commit 8272a5ab0605fcf95527143c4f909aa1008e5b94)
|
|
* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
returning zero)
Guenther
(This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
|
|
* replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix()
(This used to be commit 6f1afa4acc93a07d0ee9940822d7715acaae634f)
|
|
to make full use of the new talloc() interface. Discussed with Volker
and Jeremy.
* remove the internal mem_ctx and simply use the talloc()
structure as the context.
* replace the internal free_fn() with a talloc_destructor() function
* remove the unnecessary private nested structure
* rename SAM_ACCOUNT to 'struct samu' to indicate the current an
upcoming changes. Groups will most likely be replaced with a
'struct samg' in the future.
Note that there are now passbd API changes. And for the most
part, the wrapper functions remain the same.
While this code has been tested on tdb and ldap based Samba PDC's
as well as Samba member servers, there are probably still
some bugs. The code also needs more testing under valgrind to
ensure it's not leaking memory.
But it's a start......
(This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
|
|
blocks. This fixes the problem I had with missing groups in the
net_samlogon() reply from a Samba PDC.
(This used to be commit 06b83fe35048c84dfd68be2ee656317c51e89bce)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
offset from
GMT. Use gmtime() instead of localtime() in the calc, but still use
localtime() in displaying it.
(This used to be commit 9b34f2d0f4bfc623eaec9c1334e34fa3965ba25b)
|
|
logons work if the client gives the MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT
or MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT flags. This changes
the auth module interface to 2 (from 1). The effect of this is
that clients can access resources as a machine account if they
set these flags. This is the same as Windows (think of a VPN
where the vpn client authenticates itself to a VPN server
using machine account credentials - the vpn server checks
that the machine password was valid by performing a machine
account check with the PDC in the same was as it would a
user account check. I may add in a restriction (parameter)
to allow this behaviour to be turned off (as it was previously).
That may be on by default.
Andrew Bartlett please review this change carefully.
Jeremy.
(This used to be commit d1caef866326346fb191f8129d13d98379f18cd8)
|
|
Jeremy.
(This used to be commit c63ad85b8c1aedd04a65e46c27a6e2661093847a)
|
|
(This used to be commit efea76ac71412f8622cd233912309e91b9ea52da)
|
|
Vince Brimhall <vbrimhall@novell.com> - slight tidyup by me to
use Samba conventions.
Vince - thanks a *lot* for this code - please test to make sure
I haven't messed anything up.
Jeremy.
(This used to be commit 6f5ea963abe8e19d17a1803d4bedd9d87a317e58)
|
|
* change special character in gd's valid workstation
check to a '+' to be more in line with the characters
used by valid users
(This used to be commit 8bff0486508b9952c192345302b9313ac0b2270e)
|
|
'@'-sign are expanded on-the-fly as posix-groups of workstations. This
allows optional, more flexible login-control in larger networks.
Guenther
(This used to be commit 8f143b6800e0b6964c8ba4ba9607dc74da12ae59)
|
|
Guenther
(This used to be commit 1eabfa050b661168b42892c2d841c7891e59cf5f)
|
|
Jeremy.
(This used to be commit f454821ff5545a34704b149514da9064f73ca3ad)
|
|
enforce logon hours. ldap fixes to follow.
Jeremy.
(This used to be commit 9ce273ed662bd34987eaeedeeeb7cb1c99cd50a4)
|
|
history code.
Error code paths were not freeing up some memory.
Jeremy.
(This used to be commit 7c4666e56c2c281e023c6483459cb9e8d4787d36)
|
|
key could
be anything, and may not be based on anything 'NT'. This is also what microsoft
calls it.
(This used to be commit 724e8d3f33719543146280062435c69a835c491e)
|
|
For a (very) long time, we have had a bug in Samba were an NTLMv2-only
PDC would fail, because it converted the password into NTLM format for
checking.
This patch performs the direct comparison required for interactive
logons to function in this situation. It also removes the 'auth flags', which
simply where not ever used.
Natrually, this plays with the size of structures, so rebuild, rebuild
rebuild...
Andrew Bartlett
(This used to be commit 9598593bcf2d877b1d08cd6a7323ee0bc160d4ba)
|
|
(This used to be commit 3e8a9c3584ff2a3c2e120c97569676ac45ec8e59)
|
|
subsystem into a seperate file - ntlm_check.c.
This allows us to call these routines from ntlm_auth. The purpose of this
exercise is to allow ntlm_auth (when operating as an NTLMSSP server) to
avoid talking to winbind. This should allow for easier debugging.
ntlm_auth itself has been reorgainised, so as to share more code between
the SPNEGO-wrapped and 'raw' NTLMSSP modes. A new 'client' NTLMSSP mode
has been added, for use with a Cyrus-SASL module I am writing (based on vl's
work)
Andrew Bartlett
(This used to be commit 48315e8fd227978e0161be293ad4411b45e3ea5b)
|
|
The next move will be to remove our password checking code from the SAM
authentication backend, and into a file where other parts of samba can use
it.
The ntlm_auth changes provide for better use of common code.
Andrew Bartlett
(This used to be commit 2375abfa0077a884248c84614d5109f57dfdf5b1)
|
|
- NTLM2 support in the server
- KEY_EXCH support in the server
- variable length session keys.
In detail:
- NTLM2 is an extension of NTLMv1, that is compatible with existing
domain controllers (unlike NTLMv2, which requires a DC upgrade).
* This is known as 'NTLMv2 session security' *
(This is not yet implemented on the RPC pipes however, so there may
well still be issues for PDC setups, particuarly around password
changes. We do not fully understand the sign/seal implications of
NTLM2 on RPC pipes.)
This requires modifications to our authentication subsystem, as we
must handle the 'challege' input into the challenge-response algorithm
being changed. This also needs to be turned off for
'security=server', which does not support this.
- KEY_EXCH is another 'security' mechanism, whereby the session key
actually used by the server is sent by the client, rather than being
the shared-secret directly or indirectly.
- As both these methods change the session key, the auth subsystem
needed to be changed, to 'override' session keys provided by the
backend.
- There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation.
- The 'names blob' in NTLMSSP is always in unicode - never in ascii.
Don't make an ascii version ever.
- The other big change is to allow variable length session keys. We
have always assumed that session keys are 16 bytes long - and padded
to this length if shorter. However, Kerberos session keys are 8 bytes
long, when the krb5 login uses DES.
* This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. *
- Add better DEBUG() messages to ntlm_auth, warning administrators of
misconfigurations that prevent access to the privileged pipe. This
should help reduce some of the 'it just doesn't work' issues.
- Fix data_blob_talloc() to behave the same way data_blob() does when
passed a NULL data pointer. (just allocate)
REMEMBER to make clean after this commit - I have changed plenty of data structures...
(This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
|
|
Jeremy.
(This used to be commit 46e66ee950eee035ad008c189cd2378f734af605)
|
|
on a patch posted from Richard Renard <rrenard@idealx.com>.
Jeremy.
(This used to be commit abf54b58e95a949cb883d4485853dc560489c03f)
|
|
time. )-:
(This used to be commit 59dae1da66a5eb7e128263bd578f167d8746e9f0)
|
|
(This used to be commit ba4d334b822248d8ab929c9568533431603d967e)
|
|
(This used to be commit a9a3339b2d99dcb64b675b27255d4aa5959a1caf)
|
|
* rename original sam auth method to sam_ignoredomain
* remove samstrict_dc auth method (now covered by 'sam')
* fix wbinfo -a '...' and getent passwd bugs when running
winbindd on a samba PDC (reported by Volker)
(This used to be commit 52166faee793d337e045d64f7cb27ea7ac895f60)
|
|
(This used to be commit e1a8e9b7f3e69c7271d2b715703b2d5b2412bd42)
|
|
(This used to be commit eda897306896b729129582fdf4fdd26af555f014)
|
|
me to review it).
This patch works well for a DC running with trusted domains, becouse it lets
you check the local SAM first, but only for this domain's users.
Andrew Bartlett
(This used to be commit e0bd4d2844e6073a83b72925bca1aec007a8dd0b)
|
|
(This used to be commit 865c11275685c85124b506c9bbd2a8bde2e760b9)
|
|
password. On NT4, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT means
the password was correct. So the PDC believed that he had his trust
account correctly added. Later the auth2 naturally failed.
BTW, setting up an interdom trust account is not what I would call
well documented and easy to handle... Working on that now :-)
Volker
(This used to be commit e4e44cf3b18231ec5d7326fb42edec741caa147b)
|
|
structure-memcpy for DATA_BLOB parameters to using a pointer to that DATA_BLOB.
auth_sam calls some of these functions, so I've cleaned it all up to use this
format now.
Also clean up some debug statements to make them easier to read.
Andrew Bartlett
(This used to be commit 0c355c274a6ac084e4bf15a15613dfc007d6c5fc)
|
|
LMv2 response less than 24 bytes is just silly.
Andrew Bartlett
(This used to be commit b4ecdb2e582376d2713f81e8e32a668014905d70)
|
|
function. Patch by metze with some minor modifications.
(This used to be commit bc4b51bcb2daa7271c884cb83bf8bdba6d3a9b6d)
|
|
(This used to be commit c7a1de090db35835be1a1623bfc80c04065c5dd9)
|