summaryrefslogtreecommitdiff
path: root/source3/libads/authdata.c
AgeCommit message (Collapse)AuthorFilesLines
2013-08-10auth/gensec: treat struct gensec_security_ops as const if possible.Stefan Metzmacher1-5/+6
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10auth/gensec: introduce gensec_internal.hStefan Metzmacher1-0/+1
We should treat most gensec related structures private. It's a long way, but this is a start. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-07-06auth: Common function for retrieving PAC_LOGIN_INFO from PACChristof Schmitt1-26/+3
Several functions use the same logic as kerberos_pac_logon_info. Move kerberos_pac_logon_info to common code and reuse it to remove the code duplication. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-06-27s3-param: Rename loadparm_s3_context -> loadparm_s3_helpersAndrew Bartlett1-1/+1
This helps clarify the role of this structure and wrapper function. The purpose here is to provide helper functions to the lib/param loadparm_context that point back at the s3 lp_ functions. This allows a struct loadparm_context to be passed to any point in the code, and always refer to the correct loadparm system. If this has not been set, the variables loaded in the lib/param code will be returned. As requested by Michael Adam. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jun 27 17:11:16 CEST 2012 on sn-devel-104
2012-04-24s3: Attempt to fix the build without kerberosVolker Lendecke1-1/+2
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Tue Apr 24 15:04:14 CEST 2012 on sn-devel-104
2012-04-23Make krb5 wrapper library common so they can be used all overSimo Sorce1-0/+1
2012-04-03s3-libads: Rework kerberos_return_pac() to use GENSEC for the server-sideAndrew Bartlett1-22/+167
This removes the last user of ads_verify_ticket(), and means that we only have one code path to verify an incoming krb5 (GSSAPI) ticket. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-06-09s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett1-1/+1
There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
2011-04-20libcli/auth Move PAC parsing and verification in common.Andrew Bartlett1-317/+0
This uses the source3 PAC code (originally from Samba4) with some small changes to restore functionality needed by the torture tests, and to have a common API. Andrew Bartlett
2010-08-30s3-krb: Reformat and add doxygen comment to decode_pac_data()Simo Sorce1-63/+91
Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-05s3: avoid global include of ads.h.Günther Deschner1-0/+1
Guenther
2010-07-20s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keysSimo Sorce1-1/+2
2010-06-03s3: remove authdata.hGünther Deschner1-1/+0
Guenther
2010-05-18s3: Remove use of iconv_convenience.Jelmer Vernooij1-13/+7
2010-05-11s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATAAndrew Bartlett1-116/+6
All the callers just want the PAC_LOGON_INFO, so search for that in ads_verify_ticket(), and don't bother the callers with the rest of the PAC. This change makes sense on it's own (removing boilerplate wrappers that just confuse the code), but it also makes it much easier to implement a matching ads_verify_ticket() function in Samba4 for the s3compat proposal. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-04s3: Fix a memleak in check_pac_checksumVolker Lendecke1-2/+8
2009-11-27s3-kerberos: do not include authdata headers before including krb5 headers.Günther Deschner1-0/+1
Guenther
2009-11-27s3-kerberos: only use krb5 headers where required.Günther Deschner1-0/+1
This seems to be the only way to deal with mixed heimdal/MIT setups during merged build. Guenther
2009-11-12Remove unused variable warning.Jeremy Allison1-1/+0
Jeremy.
2009-11-12s3-kerberos: remove smb_krb5_get_tkt_from_creds().Günther Deschner1-60/+4
Now that cli_krb5_get_ticket() already handles S4U2SELF impersonation, remove smb_krb5_get_tkt_from_creds() which is not required anymore. Guenther
2009-11-06s3-kerberos: let smb_krb5_get_tkt_from_creds() compile with older heimdal libs.Günther Deschner1-1/+1
Guenther
2009-11-06s3-kerberos: support S4U2SELF impersionation through cli_krb5_get_ticket().Günther Deschner1-1/+2
Guenther
2009-11-06s3-kerberos: add impersonate_principal for kerberos_return_pac_X calls.Günther Deschner1-1/+25
Guenther
2009-11-06s3-kerberos: add smb_krb5_get_tkt_from_creds().Günther Deschner1-0/+40
Guenther
2009-04-07s3:kerberos Rework smb_krb5_unparse_name() to take a talloc contextAndrew Bartlett1-1/+1
Signed-off-by: Günther Deschner <gd@samba.org>
2008-10-20s3-build: no need to duplicate generated ndr_ prototypes.Günther Deschner1-0/+1
Guenther
2008-10-11Cope with changed signature of http_timestring().Jelmer Vernooij1-2/+2
2008-09-23s3: use samba4 prototype for ndr_push/pull_struct_blob.Günther Deschner1-7/+7
Guenther
2008-02-27Add my copyright.Günther Deschner1-1/+1
Guenther (This used to be commit d078a8757182d84dfd3307a2e1b751cf173aaa97)
2008-02-17Some more cleanup in authdata.c.Günther Deschner1-621/+7
Guenther (This used to be commit 5483f5fb44bb2138a1348c05845a2b8f3588697a)
2008-02-17Align our krb5 PAC decoding routines to the samba4 ones.Günther Deschner1-234/+224
(while keeping all the trans krb5 lib support) Guenther (This used to be commit c06e507737bb07ff995876e49341de3f60b0da35)
2008-01-17Finally enable pidl generated SAMR & NETLOGON headers and clients.Günther Deschner1-6/+6
Guenther (This used to be commit f7100156a7df7ac3ae84e45a47153b38d9375215)
2008-01-11Coverity 512, uninitialized var.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 1b7cc80c61ccbf766801080f5a3f0260f40ccc17)
2007-12-15Replace sid_string_static by sid_string_dbg in DEBUGsVolker Lendecke1-5/+8
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-19/+19
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r24432: Expand kerberos_return_pac() so that it can be used in winbindd.Günther Deschner1-6/+72
Guenther (This used to be commit e70bf0ecc3ec6d3ba8ba384024bbdf9a783072ea)
2007-10-10r24424: Fix the build.Günther Deschner1-5/+5
Guenther (This used to be commit 029bf26f8a571ae060f7be60fd3e8c61d86004f7)
2007-10-10r24158: SE_GROUP_RESOURCE in the other_sids list apparently means aGerald Carter1-1/+1
domain local group. Fix a typo in the PAC debugging routine (This used to be commit b0b66b2e7af133b199868b946fad70016e1cefbd)
2007-10-10r23973: For debugging, add (undocumented) net ads kerberos commands (kinit, ↵Günther Deschner1-1/+1
renew, pac). Guenther (This used to be commit 4cada7c1485c9957e553d6e75cb6f30f4338489f)
2007-10-10r23970: Allow to set the debuglevel at which to dump the PAC logon info.Günther Deschner1-18/+18
Guenther (This used to be commit 7d321aad83cb7b9cc766bc89a886676337a2bad8)
2007-10-10r23969: Some helper routines to retrieve a PAC and PAC elements.Günther Deschner1-0/+160
Guenther (This used to be commit d4c87c792a955be7d5ef59fc683fc48e3d8afe16)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23251: whoops! Fix compile errorGerald Carter1-2/+6
(This used to be commit 22a3ea40ac69fa3722abf28db845ab284a65ad97)
2007-10-10r23080: Fix bug #4637 - we hads missed some cases whereJeremy Allison1-12/+24
we were calling PRS_ALLOC_MEM with zero count. Jeremy. (This used to be commit 9a10736e6fa276ca4b0726fbb7baf0daafbdc46d)
2007-10-10r18188: merge 3.0-libndr branchJelmer Vernooij1-2/+2
(This used to be commit 1115745caed3093c25d6be01ffee21819fb0a675)
2007-10-10r13588: Second attempt to fix Bug #3330 - treat the string as aJeremy Allison1-7/+7
uint8 array and copy as such. Gunther please check (sorry I reverted your earlier fix). Jeremy. (This used to be commit 7a17b39c80703909f102487690d2117d874b0e15)
2007-10-10r13585: Sorry Gunther, had to revert this. It's got a bufferJeremy Allison1-3/+11
overrun. Spoke to Jerry about the correct fix. Will add this after. Jeremy. (This used to be commit 33e13aabd3825c59d15dc897536e2ccf8c8f6d5e)
2007-10-10r13581: Correctly parse a non-null terminated, little-endian UCS2 string in theGünther Deschner1-11/+3
PAC_LOGON_NAME structure. This was broken on big-endian machines (Solaris SPARC and ppc). Fixes Bug #3330. Jerry, this should be in 3.0.21c. Guenther (This used to be commit 9732490811f8f02ee547ddc6e2694e1122a3a518)
2007-10-10r11183: add small helper function to return a PAC_LOGON_INFO.Günther Deschner1-0/+16
Guenther (This used to be commit a8d5d6b845efb62e73e281549528376f3ee74211)