summaryrefslogtreecommitdiff
path: root/source3/auth
AgeCommit message (Collapse)AuthorFilesLines
2010-06-07s3:auth make sure the primary group sid is usableSimo Sorce1-13/+30
This function was previously performed under the cover by converting back and forth from info3 to samu and then later from samu to info3. Since we now shortcircuit that in some cases, check explicitly using get_primary_group_sid() Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth return the full passwd struct from check_accountSimo Sorce1-12/+6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth remove unused structure memberSimo Sorce2-106/+2
sids are now completely handled using info3, remove dead code that fills server info sids and the structure members themselves Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth create nt token from info3 directlySimo Sorce2-38/+162
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth handle unix domain sids in samuSimo Sorce3-38/+129
When we generate a user out of thin air we may end up adding sids that are not part of the sam domain (unix domain sids). Handle the case and preserve these sids as extra sids. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth set the resolved user sid in the fake sam accountSimo Sorce1-0/+3
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth check the user is valid firstSimo Sorce1-43/+39
It makes no sense to go through all the hoops to build samu and convert it to info3, just to discard them later if the user was not valid. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-07s3:auth make sure we set the right usernameSimo Sorce1-0/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-04s3-auth: Moved smbd user functions to a generic place.Andreas Schneider1-0/+406
Reviewed-by: Simo Sorce <idra@samba.org>
2010-06-01s3:auth Rename wksta_name -> workstation_name in auth_usersupplied_infoAndrew Bartlett8-29/+29
2010-05-31s3:smbd map_username() doesn't need sconn anymoreSimo Sorce1-4/+2
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-05-31s3-auth: add "system" bool flag to auth_serversupplied_info.Günther Deschner1-1/+10
Guenther
2010-05-31s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet()Andrew Bartlett1-2/+4
This ensures the results can't be easily left to leak. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31ntlmssp: Make the ntlmssp.h from source3/ a common headerAndrew Bartlett1-1/+1
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3:auth Remove AUTH_NTLMSSP_STATE typedef.Andrew Bartlett1-12/+12
typedefs are no longer preferred Samba style. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3:auth Make AUTH_NTLMSSP_STATE a private structure.Andrew Bartlett1-0/+87
This makes it a little easier for it to writen in terms of GENSEC in future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-29s3:auth make it easier to trace auth modulesSimo Sorce8-0/+21
2010-05-29s3:auth fix info3 duplication functionSimo Sorce1-3/+8
2010-05-29s3:auth Fix segfault when the user cannot be found by getpwnam()Andrew Bartlett1-3/+10
Add comment to notify when getpwnam() fails. Reviewed-by: Simo Sorce <idra@samba.org>
2010-05-28s3-auth: Added a function to get the server_info from the system user.Andreas Schneider1-0/+39
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3-auth: fix c++ buildwarnings.Günther Deschner1-2/+2
Guenther
2010-05-27s3:auth remove login_server from server infoSimo Sorce1-3/+0
It is not used anymore, we have that information in info3->base.logon_server already
2010-05-27Fix Out of memory checksSimo Sorce1-37/+59
Günther pushed an older version of the patch "s3:auth add function to copy a netr_SamInfo3 structure" that was missing these fixes.
2010-05-28s3:auth add function to convert wbcAuthUserInfo to netr_SamInfo3Simo Sorce1-0/+135
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3:auth Free sampass as soon as we have server_infoSimo Sorce3-8/+6
We don't keep sampass in server_info anymore So it makes no sense to keep it around. Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3:auth use info3 in auth_serversupplied_infoSimo Sorce3-570/+123
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3:auth add function to copy a netr_SamInfo3 structureSimo Sorce1-0/+61
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-28s3:auth: add function to convert samu to netr_SamInfo3Simo Sorce1-0/+166
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-21Fix bug #7448 - smbd crash when sambaLMPassword and sambaNTPassword entries ↵Roel van Meer1-0/+3
missing from ldap. Protect SMBsesskeygen_ntv1() from a NULL pointer.
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett3-39/+39
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18s3-rpc_client: move protos to cli_netlogon.hGünther Deschner2-0/+2
Guenther
2010-05-18s3-crypto: only include crypto headers when crypto is done.Günther Deschner2-0/+2
Guenther
2010-05-18security: merge builtin rid tables.Günther Deschner1-2/+2
Guenther
2010-05-18s3-rpc_misc: clean out include/rpc_misc.h.Günther Deschner2-5/+5
Well known rids don't really belong into an rpc header, just use the ones defined in security.idl. Guenther
2010-05-13s3:auth Make get_ntlm_challenge more like Samba4Andrew Bartlett1-2/+3
This helps with the upcoming NTLMSSP merge, and allows errors to be returned. Andrew Bartlett
2010-05-06s3: only include gen_ndr headers where needed.Günther Deschner2-0/+2
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time as follows: ccache build w/o patch real 4m21.529s ccache build with patch real 3m6.402s pch build w/o patch real 4m26.318s pch build with patch real 3m6.932s Guenther
2010-04-12s3: Apply some constVolker Lendecke1-3/+5
2010-04-12s3/s4:netlogon IDL - fix up "struct netr_SamInfo6" regarding the "forest" ↵Matthias Dieter Wallnöfer1-3/+3
attribute According to MS-NRPC 2.2.1.4.13 this should be the DNS domainname, not the forest one.
2010-04-11s3: Move serverinfo_to_SamInfoX to auth/server_info.cVolker Lendecke1-0/+287
2010-04-11s3: Move [make|free]_user_info to auth/user_info.cVolker Lendecke2-108/+131
2010-04-11s3: Move make_server_info_sam to auth/server_info_sam.cVolker Lendecke2-121/+151
2010-04-11s3: Move sanitize_username to lib/util_str.cVolker Lendecke1-8/+0
2010-04-11s3: Move make_server_info to auth/server_info.cVolker Lendecke2-32/+55
2010-04-11s3: Move check_sam_security to auth/check_sam.cVolker Lendecke2-485/+512
2010-04-11s3: Make check_sam_security publicVolker Lendecke1-20/+28
2010-04-11s3: Replace "auth_context" by "challenge" in need_to_increment_bad_pw_count argsVolker Lendecke1-5/+5
2010-04-11s3: Replace "auth_context" by "challenge" in sam_password_ok argsVolker Lendecke1-7/+10
2010-04-11s3: Move user_in_group() and create_token_from_username() to token_utils.cVolker Lendecke2-315/+315
Goal is to be able to call check_sam_security from winbind
2010-04-11s3: Use talloc_stackframe() in user_in_groupVolker Lendecke1-7/+1
2010-04-11s3: Use talloc_stackframe() in user_in_group_sidVolker Lendecke1-8/+1