Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-02-10 | s3-auth Remove unused pam_handle | Andrew Bartlett | 1 | -1/+0 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2011-02-10 | s3-auth Rename cryptic 'ptok' to security_token | Andrew Bartlett | 1 | -18/+18 | |
This will allow the auth_serversupplied_info struct to be migrated to auth_session_info easier. Adnrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-11-10 | Remove fstring from map_username. Create a more sane interface than the ↵ | Jeremy Allison | 1 | -28/+59 | |
called-parameter-is-modified. Jeremy. | |||||
2010-10-20 | Make getpwnam_alloc() static to lib/username.c, and ensure all username ↵ | Jeremy Allison | 1 | -2/+2 | |
lookups go through Get_Pwnam_alloc(), which is the correct wrapper function. We were using it *some* of the time anyway, so this just makes us properly consistent. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 20 16:02:12 UTC 2010 on sn-devel-104 | |||||
2010-10-14 | s3-auth Use security_token_debug() from common code | Andrew Bartlett | 1 | -1/+1 | |
This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-10-12 | libcli/security Provide a common, top level libcli/security/security.h | Andrew Bartlett | 1 | -1/+1 | |
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104 | |||||
2010-09-28 | s3-auth_util: make sure the system server info actually contains S-1-5-18. | Günther Deschner | 1 | -0/+9 | |
Without this, all security descriptor checks for the winreg spoolss backend fail and make our spoolss system in its current shape basically unusable. Andreas, please check. Guenther | |||||
2010-09-26 | s3: Fix a memleak in make_new_server_info_system() | Volker Lendecke | 1 | -0/+1 | |
2010-09-26 | s3: Remove talloc_autofree_context() from init_system_info() | Volker Lendecke | 1 | -1/+2 | |
2010-09-20 | s3-util: use shared dom_sid_dup. | Günther Deschner | 1 | -1/+2 | |
Guenther | |||||
2010-09-11 | s3:auth Remove NT_USER_TOKEN | Andrew Bartlett | 1 | -2/+2 | |
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-09 | s3-auth: Added get_server_info_system function. | Andreas Schneider | 1 | -0/+5 | |
2010-09-01 | s3-auth: fix uninitialized error code in get_guest_info3(). | Günther Deschner | 1 | -2/+1 | |
Guenther | |||||
2010-08-31 | s3-auth Rename NT_USER_TOKEN user_sids -> sids | Andrew Bartlett | 1 | -5/+5 | |
This is closer to the struct security_token from security.idl | |||||
2010-08-30 | s3-auth: Use SamInfo3_for_guest to create guest server_info. | Andreas Schneider | 1 | -19/+70 | |
Signed-off-by: Simo Sorce <idra@samba.org> | |||||
2010-08-20 | Fix const warning. | Jeremy Allison | 1 | -1/+1 | |
2010-08-14 | s3:auth Make Samba3 use the new common struct auth_usersupplied_info | Andrew Bartlett | 1 | -38/+41 | |
This common structure will make it much easier to produce an auth module for s3compat that calls Samba4's auth subsystem. In order the make the link work properly (and not map twice), we mark both that we did try and map the user, as well as if we changed the user during the mapping. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-07-11 | s3: [ug]id_to_unix_... can not fail | Volker Lendecke | 1 | -9/+3 | |
Remove some silly failure checks | |||||
2010-07-08 | s3: Slightly simplify make_server_info_pw | Volker Lendecke | 1 | -3/+1 | |
2010-06-25 | s3: In make_server_info_info3, check the result of copy_netr_SamInfo3 | Volker Lendecke | 1 | -0/+4 | |
2010-06-16 | s3-auth: in make_user_info_for_reply_enc make sure to check length and data | Günther Deschner | 1 | -2/+2 | |
pointer of nt and lm hash. This fixes kernel cifs client with sec=ntlmv2. Guenther | |||||
2010-06-07 | s3:auth make sure the primary group sid is usable | Simo Sorce | 1 | -13/+30 | |
This function was previously performed under the cover by converting back and forth from info3 to samu and then later from samu to info3. Since we now shortcircuit that in some cases, check explicitly using get_primary_group_sid() Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth return the full passwd struct from check_account | Simo Sorce | 1 | -12/+6 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth remove unused structure member | Simo Sorce | 1 | -75/+1 | |
sids are now completely handled using info3, remove dead code that fills server info sids and the structure members themselves Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth create nt token from info3 directly | Simo Sorce | 1 | -12/+5 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth handle unix domain sids in samu | Simo Sorce | 1 | -2/+3 | |
When we generate a user out of thin air we may end up adding sids that are not part of the sam domain (unix domain sids). Handle the case and preserve these sids as extra sids. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth set the resolved user sid in the fake sam account | Simo Sorce | 1 | -0/+3 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth check the user is valid first | Simo Sorce | 1 | -43/+39 | |
It makes no sense to go through all the hoops to build samu and convert it to info3, just to discard them later if the user was not valid. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-07 | s3:auth make sure we set the right username | Simo Sorce | 1 | -0/+5 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-01 | s3:auth Rename wksta_name -> workstation_name in auth_usersupplied_info | Andrew Bartlett | 1 | -8/+8 | |
2010-05-31 | s3:smbd map_username() doesn't need sconn anymore | Simo Sorce | 1 | -4/+2 | |
Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
2010-05-31 | s3-auth: add "system" bool flag to auth_serversupplied_info. | Günther Deschner | 1 | -1/+10 | |
Guenther | |||||
2010-05-29 | s3:auth Fix segfault when the user cannot be found by getpwnam() | Andrew Bartlett | 1 | -3/+10 | |
Add comment to notify when getpwnam() fails. Reviewed-by: Simo Sorce <idra@samba.org> | |||||
2010-05-28 | s3-auth: Added a function to get the server_info from the system user. | Andreas Schneider | 1 | -0/+39 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-27 | s3:auth remove login_server from server info | Simo Sorce | 1 | -3/+0 | |
It is not used anymore, we have that information in info3->base.logon_server already | |||||
2010-05-28 | s3:auth Free sampass as soon as we have server_info | Simo Sorce | 1 | -1/+4 | |
We don't keep sampass in server_info anymore So it makes no sense to keep it around. Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-28 | s3:auth use info3 in auth_serversupplied_info | Simo Sorce | 1 | -366/+41 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-21 | s3:dom_sid Global replace of DOM_SID with struct dom_sid | Andrew Bartlett | 1 | -10/+10 | |
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-18 | s3-crypto: only include crypto headers when crypto is done. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-05-18 | s3-rpc_misc: clean out include/rpc_misc.h. | Günther Deschner | 1 | -1/+1 | |
Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther | |||||
2010-04-11 | s3: Move [make|free]_user_info to auth/user_info.c | Volker Lendecke | 1 | -108/+0 | |
2010-04-11 | s3: Move make_server_info_sam to auth/server_info_sam.c | Volker Lendecke | 1 | -121/+0 | |
2010-04-11 | s3: Move sanitize_username to lib/util_str.c | Volker Lendecke | 1 | -8/+0 | |
2010-04-11 | s3: Move make_server_info to auth/server_info.c | Volker Lendecke | 1 | -32/+0 | |
2010-04-11 | s3: Move user_in_group() and create_token_from_username() to token_utils.c | Volker Lendecke | 1 | -315/+0 | |
Goal is to be able to call check_sam_security from winbind | |||||
2010-04-11 | s3: Use talloc_stackframe() in user_in_group | Volker Lendecke | 1 | -7/+1 | |
2010-04-11 | s3: Use talloc_stackframe() in user_in_group_sid | Volker Lendecke | 1 | -8/+1 | |
2010-04-11 | s3: Use talloc_stackframe() in create_token_from_username | Volker Lendecke | 1 | -7/+1 | |
2010-04-11 | s3: Fix a memleak in user_in_group_sid | Volker Lendecke | 1 | -0/+1 | |
2010-04-11 | s3: Remove the make_auth_methods routine | Volker Lendecke | 1 | -26/+0 | |
This was just TALLOC_ZERO_P |