samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2011-07-20	s3-auth Use the common auth_session_info	Andrew Bartlett	1	-1/+1
	This patch finally has the same structure being used to describe the authorization data of a user across the whole codebase. This will allow of our session handling to be accomplished with common code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20	s3-auth Use struct auth3_session_info outside the auth subsystem	Andrew Bartlett	1	-2/+2
	This seperation between the structure used inside the auth modules and in the wider codebase allows for a gradual migration from struct auth_serversupplied_info -> struct auth_session_info (from auth.idl) The idea here is that we keep a clear seperation between the structure before and after the local groups, local user lookup and the session key modifications have been processed, as the lack of this seperation has caused issues in the past. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-04	s3-rpc_server: Replace client_id in dcerpc gssapi server.	Andreas Schneider	1	-3/+22
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-04-27	s3-rpc_server Fix compile without kerberos	Andrew Bartlett	1	-2/+7
	Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Apr 27 23:08:48 CEST 2011 on sn-devel-104
2011-04-27	auth/kerberos: Create common helper to get the verified PAC from GSSAPI	Andrew Bartlett	1	-54/+8
	This only works for Heimdal and MIT Krb5 1.8, other versions will get an ACCESS_DEINED error. We no longer manually verify any details of the PAC in Samba for GSSAPI logins, as we never had the information to do it properly, and it is better to have the GSSAPI library handle it. Andrew Bartlett
2011-04-20	s3-gse: Allow the GSSAPI wrapper to load a keytab using gss_krb5_import_cred()	Andrew Bartlett	1	-1/+1
	This Heimdal function does not set the global state, and allows the GSSAPI server to progress further when compiled against Heimdal (such as in the top level build). The ability to specify a keytab has been removed from the API as it is unused, and and the Heimdal function (avoiding setting global variables) works with an open keytab. Andrew Bartlett
2011-04-05	s3-auth use create_local_token() to transform server_info -> session_info	Andrew Bartlett	1	-2/+3
	Before a auth_serversupplied_info struct can be used for authorization, the local groups and privileges must be calculated. create_local_token() now copies the server_info, and then sets the calulated token and unix groups. Soon, it will also transform the result into an expanded struct auth_session_info. Until then, the variable name (server_info vs session_info provides a clue to the developer about what information has been entered in the structure). By moving the calls to create_local_token within the codebase, we remove duplication, and ensure that the session key (where modified) is consistently copied into the new structure. Andrew Bartlett
2011-04-04	s3-auth consolidate create_local_token() into make_server_info_krb5()	Andrew Bartlett	1	-1/+1
	This ensures that all callers don't need to each add builtin groups and privileges to the user's token Andrew Bartlett
2011-03-30	s3-auth: rpc_server needs auth.h	Günther Deschner	1	-0/+1
	Guenther
2010-09-23	s3-dcerpc: add server helpers for gssapi auth	Simo Sorce	1	-0/+248
	Signed-off-by: Günther Deschner <gd@samba.org>