summaryrefslogtreecommitdiff
path: root/source3/auth
AgeCommit message (Collapse)AuthorFilesLines
2010-07-20s3-dcerpc: Unifiy cli_pipe_auth_data and pipe_auth_dataSimo Sorce1-2/+2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-20s3-auth: Move auth_ntlmssp wrappers in their own fileSimo Sorce1-77/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-20s3-auth: Refactor and rename auth_ntlmssp_server_info()Simo Sorce1-11/+13
Rename it to auth_ntlmssp_steal_server_info() to make it clear that the server_info struct is stolen from the auth_ntlmssp_state structure. Use talloc_move instead of manual steal&clear Add comments to explain what is going on. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-19s3-auth: Remove unused variable.Simo Sorce1-2/+0
It was a spurious remnant after a rebase.
2010-07-19s3-auth: Use talloc hierarchies to properly free auth_ntlmssp_state contextsSimo Sorce1-6/+12
Turn auth_ntlmssp_end into a destructor and attach it to auth_ntlmssp_state. Remote auth_ntlmssp_end and use TALLOC_FREE in the callers. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-19s3-auth: auth_make ntlmssp_state the parent contextSimo Sorce1-29/+12
There is no need for a separate mem_ctx member. Also make the ntlmssp_state a children of auth_ntlmssp_state Also cleanup auth_ntlmssp_end to free only what is not automatically freed Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-19s3-auth: Simplify how we free the auth_contextSimo Sorce3-18/+20
Turn the freeing function into a destructor and attach it to the auth_context. Make all callers TALLOC_FREE() the auth_context instead of calling the free function. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-19s3-auth: Cleanup and readability fixesSimo Sorce1-21/+23
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-19s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it.Simo Sorce1-1/+1
All the members are children of ntlmssp_state anyway. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-14s3:auth Change auth_ntlmssp_server_info API to return NTSTATUSAndrew Bartlett1-4/+7
This fixes a bug where register_existing_vuid() could be called with a NULL server_info if the alloction failed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-07-11s3: [ug]id_to_unix_... can not failVolker Lendecke2-14/+5
Remove some silly failure checks
2010-07-08s3: Slightly simplify make_server_info_pwVolker Lendecke1-3/+1
2010-06-25s3: In make_server_info_info3, check the result of copy_netr_SamInfo3Volker Lendecke1-0/+4
2010-06-25s3: In copy_netr_SamInfo3 copy all of the sids arrayVolker Lendecke1-0/+3
2010-06-16s3-auth: in make_user_info_for_reply_enc make sure to check length and dataGünther Deschner1-2/+2
pointer of nt and lm hash. This fixes kernel cifs client with sec=ntlmv2. Guenther
2010-06-16s3-auth: fix debug message in check_winbind_security().Günther Deschner1-1/+1
Guenther
2010-06-16Revert "s4-smbtorture: only pull info when status code indicates success in ↵Günther Deschner1-11/+3
smbcli_rap_netprintqgetinfo()." This reverts commit 1f1c04010a55e67d8dc2110276eed4cf2a8a0afa.
2010-06-16s4-smbtorture: only pull info when status code indicates success in ↵Günther Deschner1-3/+11
smbcli_rap_netprintqgetinfo(). Guenther
2010-06-11s3-auth: Fix valgrind warning (unitialized var) in samu_to_SamInfo3().Günther Deschner1-5/+7
Guenther s3:auth do not fail if there are 0 group sids Signed-off-by: Günther Deschner <gd@samba.org>
2010-06-11s3:auth fix samu->info3 conversionSimo Sorce1-0/+3
Some pdb_get_ functions where missing because of previous mis-patching
2010-06-10s3:misc make use of server_[event/messaging]_context directlyAndreas Schneider1-1/+1
Untangle these functions from smbd specific dependencies so they can be freely used in multiple servers.
2010-06-08Revert "s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS"Volker Lendecke1-6/+4
This reverts commit edba46ce94c335411ab337eeb4ef6f88fb3aae80. Conflicts: source3/auth/auth_ntlmssp.c
2010-06-07s3:auth add hooks to indicate if signing or sealing is desired with NTLMSSPAndrew Bartlett1-0/+10
This allows the right hooks to be called in GENSEC when s3compat implements the auth_ntlmssp interface. Otherwise, we can't do the signing or sealing as we have not negoitated it's use. Andrew Bartlett
2010-06-07s3:auth Change auth_ntlmssp_server_info API to return NTSTATUSAndrew Bartlett1-4/+6
It's nicer to have an NTSTATUS return, and in s3compat there may be a reason other than 'no memory' why this can fail. Andrew Bartlett
2010-06-07s3:auth Rename user_info->domain -> user_info->mapped.domain_nameAndrew Bartlett9-37/+37
This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett
2010-06-07s3:auth Rename user_info->client_domain -> user_info->client.domain_nameAndrew Bartlett5-8/+8
This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett
2010-06-07s3:auth Rename user_info->internal_username -> user_info->mapped.account_nameAndrew Bartlett11-30/+30
This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett
2010-06-07s3:auth Rename user_info->smb_name -> user_info->client.account_nameAndrew Bartlett10-29/+29
This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett
2010-06-07s3:auth make sure the primary group sid is usableSimo Sorce1-13/+30
This function was previously performed under the cover by converting back and forth from info3 to samu and then later from samu to info3. Since we now shortcircuit that in some cases, check explicitly using get_primary_group_sid() Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth return the full passwd struct from check_accountSimo Sorce1-12/+6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth remove unused structure memberSimo Sorce2-106/+2
sids are now completely handled using info3, remove dead code that fills server info sids and the structure members themselves Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth create nt token from info3 directlySimo Sorce2-38/+162
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth handle unix domain sids in samuSimo Sorce3-38/+129
When we generate a user out of thin air we may end up adding sids that are not part of the sam domain (unix domain sids). Handle the case and preserve these sids as extra sids. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth set the resolved user sid in the fake sam accountSimo Sorce1-0/+3
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth check the user is valid firstSimo Sorce1-43/+39
It makes no sense to go through all the hoops to build samu and convert it to info3, just to discard them later if the user was not valid. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth make sure we set the right usernameSimo Sorce1-0/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-04s3-auth: Moved smbd user functions to a generic place.Andreas Schneider1-0/+406
Reviewed-by: Simo Sorce <idra@samba.org>
2010-06-01s3:auth Rename wksta_name -> workstation_name in auth_usersupplied_infoAndrew Bartlett8-29/+29
2010-05-31s3:smbd map_username() doesn't need sconn anymoreSimo Sorce1-4/+2
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-05-31s3-auth: add "system" bool flag to auth_serversupplied_info.Günther Deschner1-1/+10
Guenther
2010-05-31s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet()Andrew Bartlett1-2/+4
This ensures the results can't be easily left to leak. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31ntlmssp: Make the ntlmssp.h from source3/ a common headerAndrew Bartlett1-1/+1
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3:auth Remove AUTH_NTLMSSP_STATE typedef.Andrew Bartlett1-12/+12
typedefs are no longer preferred Samba style. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3:auth Make AUTH_NTLMSSP_STATE a private structure.Andrew Bartlett1-0/+87
This makes it a little easier for it to writen in terms of GENSEC in future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-29s3:auth make it easier to trace auth modulesSimo Sorce8-0/+21
2010-05-29s3:auth fix info3 duplication functionSimo Sorce1-3/+8
2010-05-29s3:auth Fix segfault when the user cannot be found by getpwnam()Andrew Bartlett1-3/+10
Add comment to notify when getpwnam() fails. Reviewed-by: Simo Sorce <idra@samba.org>
2010-05-28s3-auth: Added a function to get the server_info from the system user.Andreas Schneider1-0/+39
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3-auth: fix c++ buildwarnings.Günther Deschner1-2/+2
Guenther
2010-05-27s3:auth remove login_server from server infoSimo Sorce1-3/+0
It is not used anymore, we have that information in info3->base.logon_server already