summaryrefslogtreecommitdiff
path: root/source3/smbd/sesssetup.c
AgeCommit message (Collapse)AuthorFilesLines
2002-05-31Removed some unused variables - tidy up some formating, add struct toJeremy Allison1-3/+2
client state to implement smb signing - this is a test at present. Jeremy. (This used to be commit a234e303558a25c4ea26b7f6788006e4fee651bf)
2002-05-26Add support for NTLMv2 (tested!) with NTLMSSP.Andrew Bartlett1-17/+49
The problem was the NTLMv2 uses extra data in order to make reply/lookup more difficult. That extra data includes the hostname, and the domain. This matches Win2k (sort of) by sending this information. Win2k connects with LMCompatibilityLevel=5 without a problem. We can change the negotiation bits if we want, this should allow us to make NTLMv2 the default for other clients as well. Some of the extra #defines were found in the squid source. Andrew Bartlett (This used to be commit 17a5f67b3d1935baf6197ae967624eb847b66ac8)
2002-04-18fixed the fallback to a BDC for ADS connectionsAndrew Tridgell1-1/+1
(This used to be commit 3e58a1ee83ea0b4347ce24e566445cc6cb67bb3a)
2002-04-16make sure we don't walk past the end of the current SMB buffer whenAndrew Tridgell1-9/+5
pulling a string this might explain a serious filename corruption bug that Quantum QA spotted (This used to be commit a877eae24becad9e0cd5b33ffe0916a20d5ba227)
2002-04-14it looks like it is possible for a w2k client to send a spnego auth without ↵Andrew Tridgell1-1/+6
sending the negotiate - try to cope (This used to be commit 95278aa41f654108d9d20cd0096a34caf175d32b)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-17A nice *big* change to the fundemental way we do things.Andrew Bartlett1-7/+0
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps them around for a long time - often past the next call... This adds a getpwnam_alloc and a getpwuid_alloc to the collection. These function as expected, returning a malloced structure that can be free()ed with passwd_free(&passwd). This patch also cuts down on the number of calls to getpwnam - mostly by taking advantage of the fact that the passdb interface is already case-insensiteve. With this patch most of the recursive cases have been removed (that I know of) and the problems are reduced further by not using the sys_ interface in the new code. This means that pointers to the cache won't be affected. (This is a tempoary HACK, I intend to kill the password cache entirly). The only change I'm a little worried about is the change to rpc_server/srv_samr_nt.c for private groups. In this case we are getting groups from the new group mapping DB. Do we still need to check for private groups? I've toned down the check to a case sensitve match with the new code, but we might be able to kill it entirly. I've also added a make_modifyable_passwd() function, that copies a passwd struct into the form that the old sys_getpw* code provided. As far as I can tell this is only actually used in the pass_check.c crazies, where I moved the final 'special case' for shadow passwords (out of _Get_Pwnam()). The matching case for getpwent() is dealt with already, in lib/util_getent.c Also included in here is a small change to register the [homes] share at vuid creation rather than just in one varient of the session setup. (This picks up the SPNEGO cases). The home directory is now stored on the vuid, and I am hoping this might provide a saner way to do %H substitions. TODO: Kill off remaining Get_Pwnam_Modify calls (they are not needed), change the remaining sys_getpwnam() callers to use getpwnam_alloc() and move Get_Pwnam to return an allocated struct. Andrew Bartlett (This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da)
2002-01-11Back out the crazy notion that the NTLMSSP flags actually mean anything...Andrew Bartlett1-1/+12
Replace this with some flags that *we* define. We can do a mapping later if we actually get some more reliable info about what passwords are actually valid. Andrew Bartlett (This used to be commit 7f7a42c3e4d5798ac87ea16a42e4976c3778a76b)
2002-01-09Better explanation message for dmalloc.Martin Pool1-5/+5
Also more insertion of parenthesis to handle struct members called 'free'. You can now get useful dmalloc output, as long as it is compatible with your C library. On RH7.1 it looks like you have to rebuild dmalloc to allow free(0) by default, because something in libcrypt does that. (sigh) (This used to be commit 391cbb690196537c8b6292b42c2e27408cc7e249)
2002-01-06Get this code back to where it belongs...Andrew Bartlett1-7/+7
Apparently (and I will doublecheck) its legal to do an annoymous session setup when we negoitiated SPNEGO, but we can't do an authenticated one becouse we didn't give a challange. Andrew Bartlett (This used to be commit 08a5c5bf940fac7a779be01db01ae7d97df80f79)
2002-01-06Some more SPNEGO fixes.Andrew Bartlett1-1/+1
(This used to be commit 0e564cb32acc70c1fc43f1be5ceb3637f0dc7361)
2002-01-05Fix up the SPNEGO segfault.Andrew Bartlett1-2/+2
(This used to be commit 17b1c83dd02035048bd38b305460c96c6c09343a)
2002-01-05I've decided to move the auth code around a bit more...Andrew Bartlett1-45/+56
The auth_authsupplied_info typedef is now just a plain struct - auth_context, but it has been modified to contain the function pointers to the rest of the auth subsystem's components. (Who needs non-static functions anyway?) In working all this mess out, I fixed a number of memory leaks and moved the entire auth subsystem over to talloc(). Note that the TALLOC_CTX attached to the auth_context can be rather long-lived, it is provided for things that are intended to live as long. (The global_negprot_auth_context lasts the whole life of the smbd). I've also adjusted a few things in auth_domain.c, mainly passing the domain as a paramater to a few functions instead of looking up lp_workgroup(). I'm hopign to make this entire thing a bit more trusted domains (as PDC) freindly in the near future. Other than that, I moved a bit of the code around, hence the rather messy diff. Andrew Bartlett (This used to be commit 12f5515f556cf39fea98134fe3e2ac4540501048)
2002-01-02debug statement fixups.Jeremy Allison1-5/+0
Merge SAFE_FREE fix in tdb from 2.2, and IRIX fix. Jeremy. (This used to be commit eb6607466565bcd5b3800492d0bc1ae8a44da4f6)
2001-12-31- portablitity fixes for cc -64 on irixAndrew Tridgell1-1/+1
- fixed gid* bug in rpc_server (This used to be commit 48aa90c48c5f0e3054c4acdc49668e222e7c0d36)
2001-12-20check for a winbindd username when doing a kerberos authAndrew Tridgell1-0/+11
(This used to be commit 39f2e2e1623a011e2c99ecca64e0643b1e450657)
2001-12-20don't use server_info after its been freedAndrew Tridgell1-2/+4
(This used to be commit ee161a57289409e2fa43e33b045473077c7b6ba5)
2001-12-20support "map to guest" with spnegoAndrew Tridgell1-21/+43
(This used to be commit e873d0ff1eee9442ff6152d666b8d874b6a01972)
2001-12-19added trusted realm support to ADS authenticationAndrew Tridgell1-5/+10
the method used for checking if a domain is a trusted domain is very crude, we should really call a backend fn of some sort. For now I'm using winbindd to do the dirty work. (This used to be commit adf44a9bd0d997ba4dcfadc564a29149531525af)
2001-12-08Ensure that 'use spnego' restricts, rather than just advises our clients.Andrew Bartlett1-1/+6
This means that if a hole is found in the spnego code, we can tell people to just set 'use spengo' in their config file while we sort it out. Other than that, preventing 'unusual' behaviour is always a good thing. Andrew Bartlett (This used to be commit a8a53c08f7d607268a3959486a850a2df50ca7a2)
2001-12-05Ensure we fill in the %U for NTLMSSP connectionsAndrew Bartlett1-1/+3
(This used to be commit d15ea4fa8e23469f104405c197206e2779461323)
2001-12-05added a REALLY gross hack into kerberos_kinit_password so thatAndrew Tridgell1-1/+1
winbindd can do a kinit this will be removed once we have code that gets a tgt and puts it in a place where cyrus-sasl can see it (This used to be commit 7d94f1b7365215a020d3678d03d820a7d086174f)
2001-11-29Make better use of the ads_init() function to get the kerberos relam etc.Andrew Bartlett1-7/+12
This allows us to use automagically obtained values in future, and the value from krb5.conf now. Also fix mem leaks etc. Andrew Bartlett (This used to be commit 8f9ce717819235d98a1463f20ac659cb4b4ebbd2)
2001-11-28fixed some krb5 ifdefsAndrew Tridgell1-2/+2
(This used to be commit 23ef22f11700bbaa5778a9678a990a2b041fcefe)
2001-11-27fixed another memory leakAndrew Tridgell1-1/+1
(This used to be commit 37aa2873e5f476a587316893b0ea3a6fbdfe746f)
2001-11-27more memory leak fixesAndrew Tridgell1-1/+6
(This used to be commit 5abf8442033587b79651301d39260abd44b1c3fa)
2001-11-26we can safely give NO_SUCH_USER if the ticket decodes but the localAndrew Tridgell1-1/+1
account doesn't exist (This used to be commit 477b6d27fd7281418739bc8ba0b984a53430ecda)
2001-11-26challange -> challengeTim Potter1-2/+2
(This used to be commit d6318add27f6bca5be00cbedf2226b642341297a)
2001-11-24added "net join" commandAndrew Tridgell1-38/+5
this completes the first stage of the smbd ADS support (This used to be commit 058a5aee901e6609969ef7e1d482a720a84a4a12)
2001-11-24This is another rather major change to the samba authenticaionAndrew Bartlett1-38/+85
subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett (This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99)
2001-11-20add a hook to save the krb5 PACAndrew Tridgell1-0/+8
(This used to be commit 1cbc18ae732671d9a60528f8300ca7609e124d11)
2001-11-12Spelling fixes.Tim Potter1-6/+6
(This used to be commit 5c486bd28a5d4194b7cd50fd0fe3430d0d2eaa9b)
2001-11-12Code duplication is bad. So add an add_signiture() function and just refernceAndrew Bartlett1-23/+17
that. (This used to be commit a82c8638576b2c2164eaf046aa529e233ffb71d6)
2001-11-11Kill off 'restrict anonymous' becouse it is useless in its current form.Andrew Bartlett1-47/+0
To be replaced with a real restriction in consultation with jra. (Hence why I've not touched loadparm.c). Andrew Bartlett (This used to be commit 95901449158a4ef7f95f75b22f63f6f8d43a01fe)
2001-11-09This change updates lp_guestaccount() to be a *global* paramater, rather thanAndrew Bartlett1-2/+2
per-share. I beleive that almost all the things that this could have done on a per-share basis can be done with other tools, like 'force user'. Almost all the user's of this paramater used it as a global anyway... While this is one step at a time, I hope it will allow me to considerably simplfy the make_connection() code, particularly for the user-level security case. This already removes an absolute truckload of extra attempted password lookups on the guest account. Andrew Bartlett (This used to be commit 8e708332eded210c1d1fe0cebca3c9c19f054b71)
2001-11-09fix the tree so it compiles againAndrew Tridgell1-1/+1
grumble, mumble, ... (This used to be commit 72c1af6f8d9893dd5b8b4d105b301d8c621749c6)
2001-11-08Change to guest logon code.Andrew Bartlett1-58/+62
This changes the way we process guest logons - we now treat them as normal logons, but set the 'guest' flag. In particular this is needed becouse Win2k will do an NTLMSSP login with username "", therefore missing our previous guest connection code - this is getting a pain to do as a special case all over the shop. Tridge: We don't seem to be setting a guest bit for NTLMSSP, in either the anonymous or authenticated case, can you take a look at this? Also some cleanups in the check_password() code that should make some of the debugs clearer. Various other minor cleanups: - change the session code to just take a vuser, rather than having to do a vuid lookup on vuser.vuid - Change some of the global_client_caps linking - Better debug in authorise_login(): show the vuid. Andrew Bartlett (This used to be commit 62f4e4bd0aef9ade653b3f8d575d2864c166ab4d)
2001-11-03anonymous logins are guest logins, so mark them as such. (Otherwise they canAndrew Bartlett1-1/+1
browse non-guest shares). (This used to be commit 7131fe3be4eb2c652f3afe2f3cd99d3f82e09654)
2001-11-03Move the test for non-SPNEGO session setups when using SPNEGO, becouse its aAndrew Bartlett1-5/+5
perfectly vailid behaviour for guest logins. (This used to be commit 4db8d70ad74cdbd74c0578e66377fd0233195aaa)
2001-11-01Various post AuthRewrite cleanups, fixups and tidyups.Andrew Bartlett1-3/+3
Zero out some of the plaintext passwords for paranoia Fix up some of the other passdb backends with the change to *uid_t rather than uid_t. Make some of the code in srv_netlog_nt.c clearer, is passing an array around, so pass its lenght in is definition, not as a seperate paramater. Use sizeof() rather than magic numbers, it makes things easier to read. Cope with a PAM authenticated user who is not in /etc/passwd - currently by saying NO_SUCH_USER, but this can change in future. Andrew Bartlett (This used to be commit 514c91b16baca639bb04638042bf9894d881172a)
2001-10-31This should fix up the compile with krb5.Andrew Bartlett1-7/+9
This needs to use the auth interface at some stage, but for now this will do. (This used to be commit 8dc4f2e44b150cdcdecd2f6028bf06907ff90cad)
2001-10-31This is a farily large patch (3300 lines) and reworks most of the AuthRewriteAndrew Bartlett1-197/+159
code. In particular this assists tpot in some of his work, becouse it provides the connection between the authenticaion and the vuid generation. Major Changes: - Fully malloc'ed structures. - Massive rework of the code so that all structures are made and destroyed using malloc and free, rather than hanging around on the stack. - SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them to be declared 'invalid' without the chance that people might get ROOT by default. - kill off some of the "DOMAIN\user" lookups. These can be readded at a more appropriate place (probably domain_client_validate.c) in the future. They don't belong in session setups. - Massive introduction of DATA_BLOB structures, particularly for passwords. - Use NTLMSSP flags to tell the backend what its getting, rather than magic lenghths. - Fix winbind back up again, but tpot is redoing this soon anyway. - Abstract much of the work in srv_netlog_nt back into auth helper functions. This is a LARGE change, and any assistance is testing it is appriciated. Domain logons are still broken (as far as I can tell) but other functionality seems intact. Needs testing with a wide variety of MS clients. Andrew Bartlett (This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c)
2001-10-30Spnego on the 'server' end of security=server just does not work, so set theAndrew Bartlett1-1/+7
flags so we just do a 'normal' session setup. Also add some parinoia code to detect when sombody attempts to do a 'normal' session setup when spnego had been negoitiated. Andrew Bartlett (This used to be commit 190898586fa218c952fbd5bea56155d04e6f248b)
2001-10-23get rid of compiler warnings (casts and delete unused variables)Herb Lewis1-1/+1
(This used to be commit 51cb4411df61d1caec9d84809b1a53a6a632f808)
2001-10-22- fixed link order of krb5 libsAndrew Tridgell1-19/+5
- accept a wide range of principal names in session setup (This used to be commit 672df66296f540b606aa43effab5f021b8978e4b)
2001-10-21Ok, I know it's a language thing and it shouldn't matter.... but a kerberosJeremy Allison1-6/+6
name is a "principal", not a principle. English majors will complain :-). Jeremy. (This used to be commit b668d7d656cdd066820fb8044f24bcd4fda29524)
2001-10-21change smbd to use HOST/hostname principle form until I work out howAndrew Tridgell1-22/+18
to use the other form in netjoin smb_wct is a char, not a word (This used to be commit 3dbb48b188980cf6c869dc762e3039dd375bf392)
2001-10-21fixed the spnego detection code in session setupAndrew Tridgell1-2/+8
this gets share mode working again (This used to be commit 8286e5307ca47f14d27ee0d9bc9700d52151d56a)
2001-10-20crude fix for anonymous session setup with extended securityAndrew Tridgell1-1/+62
negotiated (This used to be commit b3caf2109090cb2b97a829913bee7e50e7eacba8)
2001-10-20better krb5 error handling (thanks andrewb!)Andrew Tridgell1-1/+6
(This used to be commit fd3a3daef3b8f7140e7006d30d23d739ac3aad2f)