summaryrefslogtreecommitdiff
path: root/source3/auth
AgeCommit message (Collapse)AuthorFilesLines
2010-06-16s3-auth: in make_user_info_for_reply_enc make sure to check length and dataGünther Deschner1-2/+2
pointer of nt and lm hash. This fixes kernel cifs client with sec=ntlmv2. Guenther
2010-06-16s3-auth: fix debug message in check_winbind_security().Günther Deschner1-1/+1
Guenther
2010-06-16Revert "s4-smbtorture: only pull info when status code indicates success in ↵Günther Deschner1-11/+3
smbcli_rap_netprintqgetinfo()." This reverts commit 1f1c04010a55e67d8dc2110276eed4cf2a8a0afa.
2010-06-16s4-smbtorture: only pull info when status code indicates success in ↵Günther Deschner1-3/+11
smbcli_rap_netprintqgetinfo(). Guenther
2010-06-11s3-auth: Fix valgrind warning (unitialized var) in samu_to_SamInfo3().Günther Deschner1-5/+7
Guenther s3:auth do not fail if there are 0 group sids Signed-off-by: Günther Deschner <gd@samba.org>
2010-06-11s3:auth fix samu->info3 conversionSimo Sorce1-0/+3
Some pdb_get_ functions where missing because of previous mis-patching
2010-06-10s3:misc make use of server_[event/messaging]_context directlyAndreas Schneider1-1/+1
Untangle these functions from smbd specific dependencies so they can be freely used in multiple servers.
2010-06-08Revert "s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS"Volker Lendecke1-6/+4
This reverts commit edba46ce94c335411ab337eeb4ef6f88fb3aae80. Conflicts: source3/auth/auth_ntlmssp.c
2010-06-07s3:auth add hooks to indicate if signing or sealing is desired with NTLMSSPAndrew Bartlett1-0/+10
This allows the right hooks to be called in GENSEC when s3compat implements the auth_ntlmssp interface. Otherwise, we can't do the signing or sealing as we have not negoitated it's use. Andrew Bartlett
2010-06-07s3:auth Change auth_ntlmssp_server_info API to return NTSTATUSAndrew Bartlett1-4/+6
It's nicer to have an NTSTATUS return, and in s3compat there may be a reason other than 'no memory' why this can fail. Andrew Bartlett
2010-06-07s3:auth Rename user_info->domain -> user_info->mapped.domain_nameAndrew Bartlett9-37/+37
This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett
2010-06-07s3:auth Rename user_info->client_domain -> user_info->client.domain_nameAndrew Bartlett5-8/+8
This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett
2010-06-07s3:auth Rename user_info->internal_username -> user_info->mapped.account_nameAndrew Bartlett11-30/+30
This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett
2010-06-07s3:auth Rename user_info->smb_name -> user_info->client.account_nameAndrew Bartlett10-29/+29
This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett
2010-06-07s3:auth make sure the primary group sid is usableSimo Sorce1-13/+30
This function was previously performed under the cover by converting back and forth from info3 to samu and then later from samu to info3. Since we now shortcircuit that in some cases, check explicitly using get_primary_group_sid() Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth return the full passwd struct from check_accountSimo Sorce1-12/+6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth remove unused structure memberSimo Sorce2-106/+2
sids are now completely handled using info3, remove dead code that fills server info sids and the structure members themselves Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth create nt token from info3 directlySimo Sorce2-38/+162
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth handle unix domain sids in samuSimo Sorce3-38/+129
When we generate a user out of thin air we may end up adding sids that are not part of the sam domain (unix domain sids). Handle the case and preserve these sids as extra sids. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth set the resolved user sid in the fake sam accountSimo Sorce1-0/+3
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth check the user is valid firstSimo Sorce1-43/+39
It makes no sense to go through all the hoops to build samu and convert it to info3, just to discard them later if the user was not valid. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth make sure we set the right usernameSimo Sorce1-0/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-04s3-auth: Moved smbd user functions to a generic place.Andreas Schneider1-0/+406
Reviewed-by: Simo Sorce <idra@samba.org>
2010-06-01s3:auth Rename wksta_name -> workstation_name in auth_usersupplied_infoAndrew Bartlett8-29/+29
2010-05-31s3:smbd map_username() doesn't need sconn anymoreSimo Sorce1-4/+2
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-05-31s3-auth: add "system" bool flag to auth_serversupplied_info.Günther Deschner1-1/+10
Guenther
2010-05-31s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet()Andrew Bartlett1-2/+4
This ensures the results can't be easily left to leak. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31ntlmssp: Make the ntlmssp.h from source3/ a common headerAndrew Bartlett1-1/+1
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3:auth Remove AUTH_NTLMSSP_STATE typedef.Andrew Bartlett1-12/+12
typedefs are no longer preferred Samba style. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3:auth Make AUTH_NTLMSSP_STATE a private structure.Andrew Bartlett1-0/+87
This makes it a little easier for it to writen in terms of GENSEC in future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-29s3:auth make it easier to trace auth modulesSimo Sorce8-0/+21
2010-05-29s3:auth fix info3 duplication functionSimo Sorce1-3/+8
2010-05-29s3:auth Fix segfault when the user cannot be found by getpwnam()Andrew Bartlett1-3/+10
Add comment to notify when getpwnam() fails. Reviewed-by: Simo Sorce <idra@samba.org>
2010-05-28s3-auth: Added a function to get the server_info from the system user.Andreas Schneider1-0/+39
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3-auth: fix c++ buildwarnings.Günther Deschner1-2/+2
Guenther
2010-05-27s3:auth remove login_server from server infoSimo Sorce1-3/+0
It is not used anymore, we have that information in info3->base.logon_server already
2010-05-27Fix Out of memory checksSimo Sorce1-37/+59
Günther pushed an older version of the patch "s3:auth add function to copy a netr_SamInfo3 structure" that was missing these fixes.
2010-05-28s3:auth add function to convert wbcAuthUserInfo to netr_SamInfo3Simo Sorce1-0/+135
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3:auth Free sampass as soon as we have server_infoSimo Sorce3-8/+6
We don't keep sampass in server_info anymore So it makes no sense to keep it around. Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3:auth use info3 in auth_serversupplied_infoSimo Sorce3-570/+123
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3:auth add function to copy a netr_SamInfo3 structureSimo Sorce1-0/+61
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3:auth: add function to convert samu to netr_SamInfo3Simo Sorce1-0/+166
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-21Fix bug #7448 - smbd crash when sambaLMPassword and sambaNTPassword entries ↵Roel van Meer1-0/+3
missing from ldap. Protect SMBsesskeygen_ntv1() from a NULL pointer.
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett3-39/+39
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18s3-rpc_client: move protos to cli_netlogon.hGünther Deschner2-0/+2
Guenther
2010-05-18s3-crypto: only include crypto headers when crypto is done.Günther Deschner2-0/+2
Guenther
2010-05-18security: merge builtin rid tables.Günther Deschner1-2/+2
Guenther
2010-05-18s3-rpc_misc: clean out include/rpc_misc.h.Günther Deschner2-5/+5
Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther
2010-05-13s3:auth Make get_ntlm_challenge more like Samba4Andrew Bartlett1-2/+3
This helps with the upcoming NTLMSSP merge, and allows errors to be returned. Andrew Bartlett
2010-05-06s3: only include gen_ndr headers where needed.Günther Deschner2-0/+2
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time as follows: ccache build w/o patch real 4m21.529s ccache build with patch real 3m6.402s pch build w/o patch real 4m26.318s pch build with patch real 3m6.932s Guenther