summaryrefslogtreecommitdiff
path: root/source3/auth
AgeCommit message (Collapse)AuthorFilesLines
2008-03-10Use a separate tdb for mutexesVolker Lendecke2-14/+18
Another preparation to convert secrets.c to dbwrap: The dbwrap API does not provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC mutex is needed per-node anyway, so it is perfectly fine to use a local mutex only. (This used to be commit f94a63cd8f94490780ad9331da229c0bcb2ca5d6)
2008-03-06Be more verbose why create local token has failed duringGünther Deschner1-1/+2
NTLMSSP and Kerberos session setup Guenther (This used to be commit 18b8c2c19e50aee8fc900c7507244cb95014a4fa)
2008-02-17Use netr_SamInfo3 in remaining places.Günther Deschner1-5/+5
Guenther (This used to be commit 92fca97951bf7adf8caaeabdaff21682b18dd91f)
2008-02-17Use netr_SamInfo3 in make_server_info_info3().Günther Deschner1-25/+27
Guenther (This used to be commit 5866c11b288c217f0c38240c44f8bfeff185890d)
2008-02-14Allow auth_ntlmssp_end() to ignore null pointers passed in.Jeremy Allison1-1/+6
Jeremy. (This used to be commit b7628f3a47166791db4cd6451d52ea3881a45bed)
2008-02-13auth_winbind: use wbcAuthenticateUserEx()Stefan Metzmacher2-69/+277
smbd doesn't need $(WBCOMMON_OBJ) anymore, it works with any libwbclient.so now and may talk to an older winbindd. metze (This used to be commit e3435930a307cff3066fe2047ed8c5c48911f001)
2008-02-05Fix typo.Karolin Seeger1-1/+1
Karolin (This used to be commit 906e19bad40ba0c0a473ec2601e9eb0fff169f83)
2008-02-04Always pass a TALLOC_CTX to str_list_make and str_list_copyVolker Lendecke1-10/+26
(This used to be commit e2c9fc4cf5f0ff725330fa44f53782db65fca37e)
2008-02-04tiny simplificationVolker Lendecke1-5/+3
(This used to be commit 22e49ef2c0c9b641068ac5419b9c82fb97d3e8e6)
2008-01-23Windows 2008 (Longhorn) auth2 flag fixes.Andreas Schneider1-1/+1
Interop fixes for AD specific flags. Original patch from Todd Stetcher. (This used to be commit 5aadfcdaacd6f136eab9e107a88b8544e6d2105f)
2008-01-08Fix CID 460 - resource leak on error.Jeremy Allison1-0/+1
Jeremy. (This used to be commit d61831164b482d02e0eef3c28aeed93d3e44433f)
2008-01-09Convert add_sid_to_array() add_sid_to_array_unique() to return NTSTATUS.Michael Adam2-34/+52
Michael (This used to be commit 6b2b9a60ef857ec31da5fea631535205fbdede4a)
2008-01-04More logical operations on booleans. IBM checker.Jeremy Allison2-2/+6
Jeremy. (This used to be commit e289a0c8592f9e5c58100ddcde2577b452725b88)
2007-12-29Fix a panicVolker Lendecke1-1/+1
get_root_nt_token asks for "struct nt_user_token". talloc_get_type is not smart enough to see that this is the same as NT_USER_TOKEN... :-) (This used to be commit 22a98bf7b81fb89dce1f32ef65cfe6caaba985b3)
2007-12-28Convert get_root_nt_token to memcacheVolker Lendecke1-3/+15
(This used to be commit fada689893314bed2fc78588b3fd9b144f4c808a)
2007-12-28Remove static zerosVolker Lendecke1-3/+6
(This used to be commit dbcc213710a9af31b6094d4741a6f68f573dcdad)
2007-12-22Fix "may be used uninitialized" compiler warnings.James Peach1-3/+3
(This used to be commit 22ac34a329c9be9cf7d1e6749ebcfb50215378e4)
2007-12-21De-couple smbd from staticly linking against winbindd client files.Gerald (Jerry) Carter1-3/+3
Implements a wrapper layer in winbind_util.c which are just stubs if compiled --without-winbind. When building with winbindd, it is now required to build the libwbclient DSO first (in the Makefile) and then either set LD_LIBRARY_PATH or /etc/ld.so.conf to pick up the library PATH. (This used to be commit 42787bccff4fcffafc7aae6a678e792604ecaaa5)
2007-12-19Remove Get_Pwnam and its associated static variableVolker Lendecke1-1/+2
All callers are replaced by Get_Pwnam_alloc (This used to be commit 735f59315497113aebadcf9ad387e3dbfffa284a)
2007-12-17Correctly define prototypes for accessor functions.Jeremy Allison1-3/+3
Jeremy. (This used to be commit 299ea5d122e173adf6edb6399fc90798747b0c97)
2007-12-17More static fstring removal.Jeremy Allison1-33/+116
Jeremy. (This used to be commit dcf624aa02cf7415a4a55e6d45606e813ae6b91f)
2007-12-17Reformat: Remove trailing spaces.Michael Adam1-47/+47
Michael (This used to be commit 5249b3d204bf5f9191c2a4a7e81d09227eb5ddea)
2007-12-17Fix flags in caller of lookup_name() in create_builtin_administrators().Michael Adam1-1/+2
Michael (This used to be commit 46bfbf5c8af6c030e67219a29c49fd2d40003b18)
2007-12-16Remove another static string and static passwd.Jeremy Allison1-19/+22
Jeremy. (This used to be commit 2a700c5a57a417add3b1975b2c396d20c8a5f301)
2007-12-15Replace sid_string_static by sid_string_dbg in DEBUGsVolker Lendecke2-7/+8
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
2007-12-15Use sid_string_talloc where we have a tmp talloc ctxVolker Lendecke1-2/+2
(This used to be commit f00ab810d2540679bec109498ac89e1eafe18f03)
2007-12-13Fix typo in debug statement.Michael Adam1-1/+1
Michael (This used to be commit da23684261f40c06dea30ab2df0c878ebb0d0d81)
2007-12-13Rename get_trust_pw() to get_trust_pw_hash().Michael Adam1-2/+2
Michael (This used to be commit 0cde7ac9cb39a0026a38ccf66dbecefc12931074)
2007-12-13Let get_trust_pw() determine the machine_account_name to use.Michael Adam1-2/+5
Up to now each caller used its own logic. This eliminates code paths where there was a special treatment of the following situation: the domain given is not our workgroup (i.e. our own domain) and we are not a DC (i.e. it is not a typical trusted domain situation). In situation the given domain name was previously used as the machine account name, resulting in an account name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me. get_trust_pw would not have obtained a password in this situation anyways. I hope I have not missed an important point here! Michael (This used to be commit 6ced4a7f88798dc449a667d63bc29bf6c569291f)
2007-12-10Correctly unbecome_root() on errorVolker Lendecke1-0/+2
(This used to be commit aec5f1512660953168a2c55b2890cd6c076b8a92)
2007-12-08Fix two incompatible pointer warningsVolker Lendecke1-1/+1
Jeremy, please check (This used to be commit 60500fac30911500eade7c2a9aa13569dcab0911)
2007-12-07Remove next_token - all uses must now be next_token_talloc.Jeremy Allison3-31/+44
No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-11-27Remove pstrings from everything except srv_spoolss_nt.c.Jeremy Allison1-3/+3
Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-14Remove pstring from auth/*Jeremy Allison2-16/+43
Jeremy. (This used to be commit 72c19d114b40ee307bbe45d9828667165a26d7a3)
2007-11-13Remove last pstring from smbd/*.cJeremy Allison1-1/+1
Jeremy. (This used to be commit f1680bada913af4eaf5c0d686983018d6c8b3e5f)
2007-11-03Remove most of the remaining globals out of lib/util_sock.c.Jeremy Allison1-2/+2
I have a plan for dealing with the remaining..... Watch this space. Jeremy. (This used to be commit 963fc7685212689f02b3adcc05b4273ee5c382d4)
2007-11-03I can't get away without a 'length' arg. :-).Jeremy Allison1-1/+1
Jeremy. (This used to be commit 95d01279a5def709d0a5d5ae7224d6286006d120)
2007-11-03Stop get_peer_addr() and client_addr() from using globalJeremy Allison1-1/+2
statics. Part of my library cleanups. Jeremy. (This used to be commit e848506c858bd16706c1d7f6b4b032005512b8ac)
2007-10-24This is a large patch (sorry). Migrate from struct in_addrJeremy Allison2-15/+15
to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison11-70/+70
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-12Add become_root/unbecome_root around one call of getsampwsid()Michael Adam1-1/+6
in create_token_from_username(). This caused set_nt_acl to partially fail in certain circumstances. This is expected to bring an improvement to bug #4308. Michael (This used to be commit e68671b59500d7e1b645c80ee264c49893f8df84)
2007-10-10Add start of IPv6 implementation. Currently most of this is avoidingJeremy Allison1-1/+1
IPv6 in winbindd, but moves most of the socket functions that were wrongly in lib/util.c into lib/util_sock.c and provides generic IPv4/6 independent versions of most things. Still lots of work to do, but now I can see how I'll fix the access check code. Nasty part that remains is the name resolution code which is used to returning arrays of in_addr structs. Jeremy. (This used to be commit 3f6bd0e1ec5cc6670f3d08f76fc2cd94c9cd1a08)
2007-10-10[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch.Gerald (Jerry) Carter1-9/+4
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-10r25598: Add missing become_root/unbecome_root around calls of add_aliases.Michael Adam1-0/+4
This triggered a "cannot access LDAP when not root"-bug with "passdb backend = ldap" and "winbind nested groups = yes". This *might* be a step towards fixing bug #4308, since the failure was observerd when triggered by acl code. Michael (This used to be commit ba8c48244e140403b728d9a2ca297b40e8888964)
2007-10-10r25407: Revert Longhorn join patch as it is not correct for the 3.2 tree.Gerald Carter1-1/+1
The translate_name() used by cli_session_setup_spnego() cann rely Winbindd since it is needed by the join process (and hence before Winbind can be run). (This used to be commit 00a93ed336c5f36643e6e33bd277608eaf05677c)
2007-10-10r25401: BUG 4982: Don't delete lanman hashes on invalid logins whenGerald Carter1-4/+6
using the "lanman auth = no". Tested by Guenter Kukkukk. (This used to be commit 611fdd95a583ebd22ffa17e2f39c5a1bb0936c63)
2007-10-10r25400: Windows 2008 (Longhorn) Interop fixes for AD specific auth2 flags,Gerald Carter1-1/+1
and client fixes. Patch from Todd Stetcher <todd.stetcher@isilon.com>. (This used to be commit 8304ccba7346597425307e260e88647e49081f68)
2007-10-10r23928: Merge all "copy-info3-groups-to-sid-array" blocks to a ↵Günther Deschner1-32/+6
sid_array_from_info3() function. Guenther (This used to be commit 1e1e480115e37b3f4c85f979ddd800b8de0b9c57)
2007-10-10r23801: The FSF has moved around a lot. This fixes their Mass Ave address.Andrew Tridgell1-2/+1
(This used to be commit 87c91e4362c51819032bfbebbb273c52e203b227)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell13-26/+13
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)