summaryrefslogtreecommitdiff
path: root/source3/nsswitch/winbindd_misc.c
AgeCommit message (Collapse)AuthorFilesLines
2003-03-23NTLM Authentication:Andrew Bartlett1-0/+17
- Add a 'privileged' mode to Winbindd. This is achieved by means of a directory under lockdir, that the admin can change the group access for. - This mode is now required to access with 'CRAP' authentication feature. - This *will* break the current SQUID helper, so I've fixed up our ntlm_auth replacement: - Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a challenge. - Use this to make our ntlm_auth utility suitable for use in current Squid 2.5 servers. - Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates are needed. - Now uses fgets(), not x_fgets() to cope with Squid environment (I think somthing to do with non-blocking stdin). - Add much more robust connection code to wb_common.c - it will not connect to a server of a different protocol version, and it will automatically try and reconnect to the 'privileged' pipe if possible. - This could help with 'privileged' idmap operations etc in future. - Add a generic HEX encode routine to util_str.c, - fix a small line of dodgy C in StrnCpy_fn() - Correctly pull our 'session key' out of the info3 from th the DC. This is used in both the auth code, and in for export over the winbind pipe to ntlm_auth. - Given the user's challenge/response and access to the privileged pipe, allow external access to the 'session key'. To be used for MSCHAPv2 integration. Andrew Bartlett (This used to be commit dcdc75ebd89f504a0f6e3a3bc5b43298858d276b)
2003-01-16Updates to the NTLMSSP code again - moving the base64 decode fuctionality outAndrew Bartlett1-0/+12
of the SWAT code, and adding a base64 encoder. The main purpose of this patch is to add NTLMSSP support to 'ntlm_auth', for use with Squid. Unfortunetly the squid side doesn't quite support what we need yet. Changes to winbind to get us the info we need, and a couple of consequential changes/cleanups in the rest of the code. Andrew Bartlett (This used to be commit fe50ca8f54ded2e119bde08831785fbe0db2ee99)
2003-01-14Remove wrapper function _get_trust_account_password() as it doesn'tTim Potter1-15/+2
seem to do anything useful anymore other than call secrets_fetch_trust_account_password(). (This used to be commit 7b0c03cbf1376f82b0bb5f4cf86e2db3b0bc1dec)
2003-01-13Merge of remove "winbindd holding pattern" from appliance. It's a bitTim Potter1-1/+5
simpler as the rescanning of trusted domains helps us out a bit. (This used to be commit 089729c02cb2088e85f0e7f8ec79afb58fe98be7)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-3/+1
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
2002-10-18must add one to the extra_data size to transfer the 0 string terminator.Herb Lewis1-1/+2
This was causing "wbinfo --sequence" to access past the end of malloced memory. (This used to be commit 4125c582aaf86ee5d92b0c800266543a390aefce)
2002-06-18more debug classess activatedSimo Sorce1-0/+3
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
2002-05-18As per rsharpe's request, require only a Masters in Astrophysics toAndrew Bartlett1-2/+8
correctly configure winbind. (Next job: Fill in the 'error_msg' field with somthing useful) (This used to be commit 49ee2a25c131641887cbc438a6336652f042cfb0)
2002-03-19Fix a double-free bug in wbinfo -t's call in winbindd.Andrew Bartlett1-5/+4
I forgot to clean this up when netlogon move across to the connection cache arrangement. Also add some smb_panics to the connection_ok() code to try to catch this kind of thing better in future. Andrew Bartlett (This used to be commit f4f23fad6099143ec26550afc67655390070ceb8)
2002-03-12get the test for disconnection the right way around!Andrew Tridgell1-3/+3
(This used to be commit ed80311b41f9869084d1e510cd8fd4213c3a1c19)
2002-03-06nicer message for --sequence when the server is disconnectedAndrew Tridgell1-2/+7
(This used to be commit 233e8b7d447b7efb0227c6c7a6cd2f9e034719fa)
2002-01-31added 'wbinfo --sequence' to show sequence numbers of all domainsAndrew Tridgell1-0/+29
(This used to be commit bcd234a3dad2cd3d1c57780f4a7a3833ea611764)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-26Allow a winbind client to obtain the server's domain name.Andrew Bartlett1-1/+13
(This used to be commit 85018fecfad1f7f6ef44b511bac937881a7bf937)
2002-01-11Always query the PDC for the list of trusted domains rather than interatingTim Potter1-3/+6
the list received at startup or we get an out of date list. I thought there might be some sequence number that is incremented when a trusted domain is added or removed - perhaps there is but I just haven't found it yet. - Renamed get_domain_info() to init_domain_list() - Made an accessor function to return the list of trusted domains rather than using a global so we don't have to remember to put a magic init function - The getent state can not keep a pointer to a winbind_domain structure as it may be freed if init_domain_list() is called again so we keep the domain name instead (This used to be commit 37216c649a394b449eaaaa6644709eafb3bf37ff)
2002-01-10Return the winbind separator over the socket, so programs don't have to parseAndrew Bartlett1-1/+27
smb.conf to get it right. While wb_client needs its lp_load() for samba dependency reasons, it now uses the new method both to example and test the new code. Also add an interface version function, and return the winbind's samba version string. In preperation for default domains, its now up to winbindd to reject plaintext auths that don't have a seperator, but NTLM (CRAP) auths now have two feilds, hence need parsing. Andrew Bartlett (This used to be commit 2bd2a092ee3d49a74d896385688d7c7256aa297e)
2002-01-10This changes the winbind protcol a bit:Andrew Bartlett1-11/+10
It adds a 'ping' request, just to check winbind is in fact alive It also changes winbindd_pam_auth_crap to take usernames and domain seperatly. (backward incompatible change, needs merge to 2.2, but this is not yet released code, so no workarounds) Finally, it adds some debugs and fixes a few memory leaks (uses talloc to do it). Andrew Bartlett (This used to be commit 6df29bfe335144a968f5367f624ef2b4cf9e69b0)
2001-11-23Fixed delete on close bug. Added core dump code to winbindd.Jeremy Allison1-2/+1
Jeremy. (This used to be commit a58d0f91f9ee7354c01a9c20cfe178d5dc02142d)
2001-11-23Fixed check machine account function.Tim Potter1-55/+29
(This used to be commit 8f01a8b07883d18f44da665cbc8e5fba04d3bc91)
2001-11-15Get list of trusted domains if we haven't fetched them yet.Tim Potter1-0/+3
(This used to be commit 187663210055ecd7b717b3894e3189ca3aaa0ed2)
2001-11-03Added NT_USER_TOKEN into server_info to fix extra groups problem.Jeremy Allison1-1/+3
Got "medieval on our ass" about const warnings (as many as I could :-). Jeremy. (This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
2001-09-17move to SAFE_FREE()Simo Sorce1-2/+2
(This used to be commit 03dc67788f68c9e01b5a82fdf43f837cb19f4608)
2001-09-10more static/dead fnsAndrew Tridgell1-2/+2
(This used to be commit f59826c0c9ba283c25faeec2cbdc7e19cca7aa04)
2001-09-04the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell1-10/+8
the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-1/+1
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-12this is a big global fix for the ptr = Realloc(ptr, size) bug.Simo Sorce1-3/+8
many possible mem leaks, and segfaults fixed. someone should port this fix to 2.2 also. (This used to be commit fa8e55b8b465114ce209344965c1ca0333b84db9)
2001-07-25Merge of change machine account password race fix from appliance branch.Tim Potter1-1/+17
(This used to be commit 6e698d65ecb13b0b46d15bce7e0314fa1a46a13a)
2001-07-04The big character set handling changeover!Andrew Tridgell1-6/+2
This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a)
2001-05-07iAdditional files for winbind merge.Tim Potter1-0/+159
(This used to be commit 38ab3b31b5dc39fb59f224b399bb9c2269f1c933)