Age | Commit message (Collapse) | Author | Files | Lines |
|
This is causing circular depdnendcies that bring libpdb in all code and this is
BAD.
This change 'protects' the sid and guid of the domain by adding a special key
that makes them effectively read only.
Limit this temporarily to the samba 4 build, once it gets some good testing the
samba4 ifdefs can be dropped.
fix pdb dependencies
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
This matches the auth_ntlmssp case and the smbd/sesssetup.c code.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Jan 26 17:58:17 CET 2012 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This simplifies a lot of code, as we know we are always dealing with a
struct gensec_security, and allows the gensec module being used to
implement GSSAPI to be swapped when required for AD-server operation.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This will allow non-krb5 services to get the full user groups
without need to do an online s4u2self.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This will allow gensec_gse to parse the PAC.
This is a copy from source3/rpc_server/dcesrv_generic.c to preserve
behaviour. A future commit will enable the samlogon cache.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Jan 12 17:33:10 CET 2012 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This is possible because the s3 gensec modules are started as
normal gensec modules, so we do not need a wrapper any more.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
This removes the abstraction violation in auth_generic.c.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This makes the long term owner of this memory more clear. So far only the
clear cases have been moved from NULL however.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This will allow the supply of multiple modules in future
without duplicating the module selection logic.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This makes it clear that this can support more than just NTLMSSP.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This function handles more than NTLMSSP now, at least when we are an AD DC
and so changing the name may avoid some confusion in the future.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This structure handles more than NTLMSSP now, at least when we are an AD DC
and so changing the name may avoid some confusion in the future.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This was lost when the server_info and session_info structures were split.
This helps avoid doing lookups for the guest account to determine the
uid/gid and SID values.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Dec 22 15:51:09 CET 2011 on sn-devel-104
|
|
metze
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Nov 2 18:34:55 CET 2011 on sn-devel-104
|
|
Guenther
|
|
Change some misleading variable names to reflect the actual function.
Add missing field name/types previously marked as unkown.
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Oct 24 19:19:28 CEST 2011 on sn-devel-104
|
|
Instead, call gensec_session_info() directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
We do not need it on the auth_ntlmssp_state any longer.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 18 13:54:36 CEST 2011 on sn-devel-104
|
|
This will help with having "sidHistory" support in future.
metze
|
|
This avoids keeping the event context around on a the gensec_security
context structure long term.
In the Samba3 server, the event context we either supply is a NULL
pointer as no server-side modules currently use the event context.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This uses the top level gensec_ntlmssp helper functions which are identical
to the parts of ntlmssp_wrap.c that are now not called.
(Includes formatting and correctness fixes from Metze)
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This brings in the code from both libcli/auth and
source4/auth/ntlmssp.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
I have done plenty of work here, I deserve some of the blame :-)
Andrew Bartlett
|
|
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Oct 17 23:32:58 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
This will allow the TDB layer to get at the lp_ctx for tdb options.
Andrew Bartlett
|
|
This will allow gensec_start.c to move to the top level. This does not change
what code uses the cli_credentials code, but allows the gensec code to be
more broadly.
Andrew Bartlett
|
|
this allows the s3 code to understand and cache responses from the s4
winbindd which may include a single SID mapped to both a uid and a gid
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Sep 23 01:47:54 CEST 2011 on sn-devel-104
|
|
Reviewed-by: Jelmer
|
|
group_sids_to_info3 does a sid_peek_check_rid on the domain sid before adding
the rids to the array. If the domain sid is 0x0, then the check will always
fail.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sat Sep 17 00:51:27 CEST 2011 on sn-devel-104
|
|
metze
|
|
metze
|
|
metze
|
|
move something that might be invalid.
Makes the code match what is currently in 3.6.x.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Sep 12 22:21:24 CEST 2011 on sn-devel-104
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Sep 12 17:44:46 CEST 2011 on sn-devel-104
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Sep 8 10:21:50 CEST 2011 on sn-devel-104
|
|
|
|
Changes to the s3 epmapper behaviour seem to have fixed the rest of these
tests.
Andrew Bartlett
|
|
|