Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-09-20 | s3-util: use shared dom_sid_dup. | Günther Deschner | 2 | -6/+7 | |
Guenther | |||||
2010-09-20 | s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions. | Günther Deschner | 2 | -4/+5 | |
Guenther | |||||
2010-09-16 | libcli/auth/ntlmssp Be clear about talloc parents for session keys | Andrew Bartlett | 1 | -9/+16 | |
The previous API was not clear as to who owned the returned session key. This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code, and avoids making allocations - we steal and zero instead. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-privs Call security_token_set_privilege() rather than manual assignment | Andrew Bartlett | 1 | -1/+1 | |
This avoids as much direct modifiction of the bitmask as possible. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-privs Inline dump_se_priv into callers now that it's just a uint64_t | Andrew Bartlett | 1 | -1/+1 | |
The previous 128 bit structure needed this helper function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3:auth Remove NT_USER_TOKEN | Andrew Bartlett | 2 | -8/+8 | |
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-auth Change struct nt_user_token -> struct security_token | Andrew Bartlett | 1 | -14/+14 | |
This common structure is defined in security.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-auth Change type of num_sids to uint32_t | Andrew Bartlett | 1 | -5/+7 | |
size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequnetial changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-09 | s3-auth: Added get_server_info_system function. | Andreas Schneider | 1 | -0/+5 | |
2010-09-01 | s3-auth: fix uninitialized error code in get_guest_info3(). | Günther Deschner | 1 | -2/+1 | |
Guenther | |||||
2010-08-31 | s3-auth: remove global include of krb5pac.h. | Günther Deschner | 2 | -0/+2 | |
Guenther | |||||
2010-08-31 | s3-auth: remove unused variable in check_sam_security(). | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2010-08-31 | s3-auth Rename NT_USER_TOKEN privileges -> privilege_mask | Andrew Bartlett | 1 | -3/+3 | |
This is closer to the struct security_token from security.idl Andrew Bartlett | |||||
2010-08-31 | s3-auth Rename NT_USER_TOKEN user_sids -> sids | Andrew Bartlett | 2 | -29/+29 | |
This is closer to the struct security_token from security.idl | |||||
2010-08-30 | s3-auth: The unlock of the account is now done by the get_sampwnam call. | Andreas Schneider | 1 | -5/+2 | |
Signed-off-by: Simo Sorce <idra@samba.org> | |||||
2010-08-30 | s3-auth: Use SamInfo3_for_guest to create guest server_info. | Andreas Schneider | 1 | -19/+70 | |
Signed-off-by: Simo Sorce <idra@samba.org> | |||||
2010-08-30 | s3-auth: add helper to get server_info out of kerberos info | Simo Sorce | 1 | -0/+100 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-30 | s3-auth: Add helper function to retrieve the unix user from a kerberos ticket | Simo Sorce | 1 | -0/+172 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-29 | s3: Remove a use of smbd_server_fd | Volker Lendecke | 1 | -1/+1 | |
This disables different socket options per user for ntlmssp authentiation, a change in behaviour which is exotic enough I believe. | |||||
2010-08-28 | s3: Remove smbd_server_conn() from check_unix_security | Volker Lendecke | 1 | -7/+2 | |
2010-08-28 | s3: Lift smbd_server_fd() from pass_check() | Volker Lendecke | 2 | -7/+8 | |
2010-08-28 | s3: Lift smbd_server_fd() from password_check() | Volker Lendecke | 1 | -11/+13 | |
2010-08-28 | s3: Fix some nonempty blank lines | Volker Lendecke | 1 | -15/+15 | |
2010-08-28 | s3: Fix smb_pam_passcheck | Volker Lendecke | 1 | -2/+2 | |
2010-08-28 | s3: Those functions are no macros anymore :-) | Volker Lendecke | 1 | -4/+0 | |
2010-08-27 | s3: Lift smbd_server_fd() from smb_pam_passcheck | Volker Lendecke | 2 | -8/+10 | |
2010-08-27 | s3: Lift smbd_server_fd() from smb_pam_start | Volker Lendecke | 1 | -16/+9 | |
smb_pam_passcheck() is the only caller that fills in NULL, all other callers now properly fill rhost | |||||
2010-08-27 | s3: Pass "private_data" through string_combinations() | Volker Lendecke | 1 | -12/+24 | |
2010-08-27 | s3: Pass rhost through to smb_pam_passchange | Volker Lendecke | 1 | -2/+3 | |
2010-08-26 | s3: Fix typos | Volker Lendecke | 1 | -2/+2 | |
2010-08-26 | s3-build: only include nsswitch header where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-26 | s3-build: only include memcache.h where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-24 | pam: fix unused variable warning | Björn Jacke | 1 | -1/+1 | |
2010-08-23 | s3: PAM_RHOST and PAM_TTY are enums on FreeBSD | Volker Lendecke | 1 | -3/+3 | |
2010-08-22 | s3: Turn two macros into functions | Volker Lendecke | 1 | -6/+24 | |
2010-08-22 | s3: Pass the rhost through smb_pam_accountcheck | Volker Lendecke | 2 | -4/+7 | |
2010-08-22 | s3: Rename auth.c:backends to auth_backends | Volker Lendecke | 1 | -4/+4 | |
2010-08-22 | s3: Fix some nonemtpy blank lines | Volker Lendecke | 1 | -10/+9 | |
2010-08-20 | Fix const warning. | Jeremy Allison | 1 | -1/+1 | |
2010-08-19 | s3: Remove smb_pam_accountcheck from the auth modules | Volker Lendecke | 3 | -32/+4 | |
We go through the same check in auth/auth.c line 287 after the module has done its job. So we don't have to do that check twice. | |||||
2010-08-18 | s3: Lift smbd_server_fd from reload_services() | Volker Lendecke | 1 | -1/+1 | |
2010-08-16 | s3: Remove get_client_fd() | Volker Lendecke | 1 | -2/+3 | |
2010-08-16 | s3-auth: Remove obsolete 'update encrypted' option. | Andreas Schneider | 2 | -66/+5 | |
2010-08-14 | s3:auth Add error paths for invalid password_state values | Andrew Bartlett | 3 | -2/+10 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-08-14 | s3:auth Change winbindd -> auth interface to more standard structures | Andrew Bartlett | 1 | -0/+37 | |
This removes conversions to and from the source3 varient of the server_info structure when replaced in s3compat, and presents a tidier interface to winbindd in any case. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-08-14 | s3:auth Change 'make_user_info' to be talloc based | Andrew Bartlett | 1 | -72/+58 | |
This is an ideal candidate, as it already uses a free function. It now uses talloc destructors to clear the passwords if required. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-08-14 | s3:auth Whitespace fixes after auth merge | Andrew Bartlett | 3 | -20/+20 | |
2010-08-14 | s3:auth Make Samba3 use the new common struct auth_usersupplied_info | Andrew Bartlett | 14 | -152/+191 | |
This common structure will make it much easier to produce an auth module for s3compat that calls Samba4's auth subsystem. In order the make the link work properly (and not map twice), we mark both that we did try and map the user, as well as if we changed the user during the mapping. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-08-08 | s3: Lift the smbd_messaging_context from reload_services | Volker Lendecke | 1 | -1/+1 | |
2010-08-06 | s3-netlogon: remove global include of netlogon.h. | Günther Deschner | 3 | -0/+4 | |
This reduces precompiled headers by another 4 MB and also slightly speeds up the build. Guenther |