samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2003-04-07	Winbind merges from HEAD:	Andrew Bartlett	1	-2/+2
	- fix winbindd_pam bugs - give a better error message for unauthorized access to auth_crap - show this message in wbinfo - fix spelling: privilaged -> privileged This changes the location of the winbindd privileged pipe (thanks to tpot) Andrew Bartlett (This used to be commit 92c2a33483cc9ddd1dd627224192a3023f8caff8)
2003-03-24	(merge from HEAD)	Andrew Bartlett	1	-1/+4
	NTLM Authentication: - Add a 'privileged' mode to Winbindd. This is achieved by means of a directory under lockdir, that the admin can change the group access for. - This mode is now required to access with 'CRAP' authentication feature. - This will break the current SQUID helper, so I've fixed up our ntlm_auth replacement: - Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a challenge. - Use this to make our ntlm_auth utility suitable for use in current Squid 2.5 servers. - Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates are needed. - Now uses fgets(), not x_fgets() to cope with Squid environment (I think somthing to do with non-blocking stdin). - Add much more robust connection code to wb_common.c - it will not connect to a server of a different protocol version, and it will automatically try and reconnect to the 'privileged' pipe if possible. - This could help with 'privileged' idmap operations etc in future. - Add a generic HEX encode routine to util_str.c, - fix a small line of dodgy C in StrnCpy_fn() - Correctly pull our 'session key' out of the info3 from th the DC. This is used in both the auth code, and in for export over the winbind pipe to ntlm_auth. - Given the user's challenge/response and access to the privileged pipe, allow external access to the 'session key'. To be used for MSCHAPv2 integration. Andrew Bartlett (This used to be commit ec071ca3dcbd3881dc08e6a8d7ac2ff0bcd57664)
2003-01-28	Merge from HEAD:	Andrew Bartlett	1	-1/+3
	- NTLMSSP over SPENGO (sesssion-setup-and-x) cleanup and code refactor. - also consequential changes to the NTLMSSP and SPNEGO parsing functions - and the client code that uses the same functions - Add ntlm_auth, a NTLMSSP authentication interface for use by applications like Squid and Apache. - also consquential changes to use common code for base64 encode/decode. - Winbind changes to support ntlm_auth (I don't want this program to need to read smb.conf, instead getting all it's details over the pipe). - nmbd changes for fstrcat() instead of fstrcpy(). Andrew Bartlett (This used to be commit fbb46da79cf322570a7e3318100c304bbf33409e)
2003-01-04	The winbind in Samba 3.0 doesn't use the 'proof' for ntlm_auth_crap, so don't	Andrew Bartlett	1	-1/+0
	include it in the struct. (Important becouse it currently has the same version number as the one in HEAD, which also doesn't have this). Andrew Bartlett (This used to be commit 0d2da985906219d68e2558a840905a272803bfcc)
2002-12-23	Finish adding strings to all talloc_init() calls.	Jeremy Allison	1	-0/+1
	Jeremy. (This used to be commit aa8439a49ec4b9f433745fefa1e769e45398f4df)
2002-12-20	Merge from HEAD.	Tim Potter	1	-2/+2
	- null termination of winbind request fix - bail out if we can't open winbind socket (This used to be commit 102e490d683c0758a9798a3c15e748509690c95b)
2002-09-25	sync'ing up for 3.0alpha20 release	Gerald Carter	1	-0/+3
	(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-08-17	sync 3.0 branch with head	Jelmer Vernooij	1	-1/+11
	(This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
2002-07-15	updated the 3.0 branch from the head branch - ready for alpha18	Andrew Tridgell	1	-0/+3
	(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-03-29	merge winbindd WINS changes from 2.2	Herb Lewis	1	-0/+8
	(This used to be commit 205399dc17e464360b0152538329b9e111b0e7f4)
2002-02-05	Drastic impromvents to pam_winbind.	Andrew Bartlett	1	-1/+8
	This adds code to do generic PAM -> NTSTATUS and NTSTATUS -> PAM error conversions, and uses them to make the error handling in pam_winbind sane. In particular, pam_winbind now uses PAM error codes, not silly '-1, -2 ...' stuff, and logs the NTSTATUS error that winbind now sends over the pipe. Added code to wbinfo to display these - makes a big difference in debugging winbindd. The main change here is the code to allow pam_winbind password changing to correctly stack - This code ripped from pam_unix, and the copyright attached. (Same as for all pam modules, including pam_winbind) Andrew Bartlett (This used to be commit dc1a72f896b83bc1ad3c7bf6c12c36ace3967280)
2002-01-31	added 'wbinfo --sequence' to show sequence numbers of all domains	Andrew Tridgell	1	-0/+2
	(This used to be commit bcd234a3dad2cd3d1c57780f4a7a3833ea611764)
2002-01-30	Removed version number from file header.	Tim Potter	1	-2/+1
	Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-26	Change the winbind interface to use seperate 'domain' and 'username' feilds for	Andrew Bartlett	1	-3/+9
	the sid->uid and uid->sid conversions. Remove some duplicate arguments from these funcitons, and update the request/response structures for this and the 'winbind domain name' feature. As such 'winbindd_lookup_name' now takes both a domain and username. (This used to be commit ce1b4d4c309e4a60bec5a53224585bd504264672)
2002-01-10	Since AB has been changing the winbind interface it's time to add the "mock	Tim Potter	1	-5/+8
	swedish" test to client calls. This is putting a length field at the start of a request so we can disconnect clients talking with an out of date libnss_winbind.so rather than deadlock them. Misc cleanups: - made some int values uint32 - moved WINBIND_INTERFACE_VERSION to start of cmd list (This used to be commit a4af65b9b93671f13f277d49279a85042a8fd1d5)
2002-01-10	Return the winbind separator over the socket, so programs don't have to parse	Andrew Bartlett	1	-0/+10
	smb.conf to get it right. While wb_client needs its lp_load() for samba dependency reasons, it now uses the new method both to example and test the new code. Also add an interface version function, and return the winbind's samba version string. In preperation for default domains, its now up to winbindd to reject plaintext auths that don't have a seperator, but NTLM (CRAP) auths now have two feilds, hence need parsing. Andrew Bartlett (This used to be commit 2bd2a092ee3d49a74d896385688d7c7256aa297e)
2002-01-10	This changes the winbind protcol a bit:	Andrew Bartlett	1	-0/+2
	It adds a 'ping' request, just to check winbind is in fact alive It also changes winbindd_pam_auth_crap to take usernames and domain seperatly. (backward incompatible change, needs merge to 2.2, but this is not yet released code, so no workarounds) Finally, it adds some debugs and fixes a few memory leaks (uses talloc to do it). Andrew Bartlett (This used to be commit 6df29bfe335144a968f5367f624ef2b4cf9e69b0)
2002-01-10	A big tidyup while thinking about getting trusted domains being re-read	Tim Potter	1	-4/+4
	when they are added or removed on the PDC. - renamed GETPWNAM_FROM_{UID,USER} constants and functions to GETPW{NAM,UID} - renamed GETGRNAM_FROM_{GID,GROUP} constants and functions to GETGR{NAM,GID} - use SIGUSR2 in winbindd for debugging/logging instead of SIGUSR1 in preparation for moving to smbcontrol type messages (not sure whether to ditch this altogether or not) - tidy debugging messages in top level winbind user and group routines - convert talloc_init() to talloc_init_named() - make enumerations of the domain list use the same local variable names (This used to be commit eeb8af9c1a66bfcd80823d7b406acbab79857a16)
2001-11-21	Preparing to implement +ve and -ve caching for lookupname/lookupsid calls.	Jeremy Allison	1	-2/+2
	Jeremy. (This used to be commit 1f6cc536b2db0c36feee45cfd6ac1ad5ee8fb05a)
2001-11-14	Got ready to implement Martin's idea, but request doesn't have a length	Jeremy Allison	1	-5/+5
	field.... well, now at least the code is there when it does :-). Jeremy. (This used to be commit 22e323ca47325482b6ae527070509ed9c6cbccee)
2001-09-17	move to SAFE_FREE()	Simo Sorce	1	-0/+4
	(This used to be commit 03dc67788f68c9e01b5a82fdf43f837cb19f4608)
2001-09-05	fixed a bunch of compilation errors on Solaris, mostly people getting ↵	Andrew Tridgell	1	-1/+1
	NSS_STATUS and WINBINDD error codes mixed up (This used to be commit 66698d6b841df809a8654012a8385bffacb9dc4a)
2001-08-22	Added another authentication interface to winbindd. The Challenge Response	Tim Potter	1	-0/+9
	Authentication Protocol (CRAP) takes a tuple of (username, random challenge, encrypted lm password, encrypted nt password) where the passwords are encrypted with the random challenge ala ntlmssp. (This used to be commit 11f72a78e3a16bbb17b576d80b47a9eb818ee428)
2000-10-11	Renamed WINBINDD_INITGROUPS constant to WINBINDD_GETGROUPS.	Tim Potter	1	-1/+1
	(This used to be commit 5f3cf2eb78bfa6fb00890d449d38e9f13964712c)
2000-08-25	Updated file with version in TNG.	Tim Potter	1	-2/+3
	(This used to be commit 156e17dea48962bca98a3f7d1e876eb6047ebc8a)
2000-07-05	Merge of wbinfo program from TNG.	Tim Potter	1	-1/+4
	(This used to be commit 659e4d88ff9dbf1fa9cd8904470c4a8d02d8674b)
2000-06-30	Merge from TNG.	Tim Potter	1	-2/+4
	(This used to be commit b46fc0ed040ff24bb4e348904fdb0e9788364837)
2000-06-14	Merge from TNG.	Tim Potter	1	-53/+103
	(This used to be commit e5cb97dda89fe23612b75861232591e4831733e0)
2000-05-09	brought the winbindd code into head	Andrew Tridgell	1	-0/+118
	this does not yet compile, but I'm working on that. (This used to be commit 3fb862531a4e78dca13d16d958517b16e5bdd4e2)