summaryrefslogtreecommitdiff
path: root/source3/smbd/sesssetup.c
AgeCommit message (Collapse)AuthorFilesLines
2010-05-11s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATAAndrew Bartlett1-7/+3
All the callers just want the PAC_LOGON_INFO, so search for that in ads_verify_ticket(), and don't bother the callers with the rest of the PAC. This change makes sense on it's own (removing boilerplate wrappers that just confuse the code), but it also makes it much easier to implement a matching ads_verify_ticket() function in Samba4 for the s3compat proposal. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-06s3: only include gen_ndr headers where needed.Günther Deschner1-0/+1
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time as follows: ccache build w/o patch real 4m21.529s ccache build with patch real 3m6.402s pch build w/o patch real 4m26.318s pch build with patch real 3m6.932s Guenther
2010-03-15s3: Fix an uninitialized variable readVolker Lendecke1-1/+1
Found by Laurent Gaffie <laurent.gaffie@gmail.com> Thanks for that, Volker
2010-03-01s3: Add connections_forall_read()Volker Lendecke1-3/+2
In a cluster, this makes a large difference: For r/w traverse, we have to do a fetch_locked on every record which for most users of connections_forall is just overkill.
2010-02-17s3: Fix bug 7139Volker Lendecke1-2/+32
To provide the user with the same SID when doing Kerberos logins, attempt to do a make_server_info_sam instead of a make_server_info_pw.
2010-01-10s3: Remove the typedef for "auth_serversupplied_info"Volker Lendecke1-4/+4
2010-01-10s3: Remove the typedef for "auth_usersupplied_info"Volker Lendecke1-2/+2
2009-12-22s3:ntlmssp: only include ntlmssp.h where actually neededAndrew Bartlett1-0/+1
Andrew Bartlett
2009-11-23Revert "s3: Move the global variable Protocol to struct smbd_server_connection"Volker Lendecke1-2/+2
This reverts commit c85a4c9ba4a7de65a7850f6f9708df66bd24deea.
2009-11-21s3: Move the global variable Protocol to struct smbd_server_connectionVolker Lendecke1-2/+2
2009-11-04Remove "Protocol" as an extern, and add accessor functions.Jeremy Allison1-4/+2
Jeremy.
2009-09-17spnego: share spnego_parse.Günther Deschner1-0/+1
Guenther
2009-07-15Fix bug #6551 - win98 clients cannot connect after server upgrade to ↵Jeremy Allison1-0/+1
samba-3.4.0. The values of vuid and tid were not being correctly updated in the struct smb_request when passed to chain_reply inside sessionsetupX and tconX. Jeremy.
2009-06-03s3:smbd: move more session specific globals to struct smbd_server_connectionStefan Metzmacher1-26/+31
metze
2009-06-03s3:smbd: move some session specific globals to struct smbd_server_connectionStefan Metzmacher1-4/+5
metze
2009-06-03s3:smbd: move negprot related globals to struct smbd_server_connectionStefan Metzmacher1-6/+9
metze
2009-06-03s3:smbd: move pending_auth_data list to struct smbd_server_connectionStefan Metzmacher1-14/+33
metze
2009-04-07s3:kerberos Rework smb_krb5_unparse_name() to take a talloc contextAndrew Bartlett1-8/+0
Signed-off-by: Günther Deschner <gd@samba.org>
2009-03-23s3:smbd: use new simplified snb_signing code in the serverStefan Metzmacher1-25/+0
We keep the seqnum/mid mapping in the smb_request structure. This also moves one global variable into the smbd_server_connection struct. metze
2009-02-23More warning fixes for Solaris.Jeremy Allison1-2/+2
Jeremy.
2009-02-21Remove the static "chal" from ntlmssp.c:get_challenge()Volker Lendecke1-3/+4
2009-02-01Add two new parameters to control how we verify kerberos tickets. Removes ↵Dan Sledz1-2/+2
lp_use_kerberos_keytab parameter. The first is "kerberos method" and replaces the "use kerberos keytab" with an enum. Valid options are: secrets only - use only the secrets for ticket verification (default) system keytab - use only the system keytab for ticket verification dedicated keytab - use a dedicated keytab for ticket verification. secrets and keytab - use the secrets.tdb first, then the system keytab For existing installs: "use kerberos keytab = yes" corresponds to secrets and keytab "use kerberos keytab = no" corresponds to secrets only The major difference between "system keytab" and "dedicated keytab" is that the latter method relies on kerberos to find the correct keytab entry instead of filtering based on expected principals. The second parameter is "dedicated keytab file", which is the keytab to use when in "dedicated keytab" mode. This keytab is only used in ads_verify_ticket.
2009-01-15s3: make better use of ccache by not including version.h in every C-file.Michael Adam1-1/+1
version.h changes rather frequently. Since it is included via includes.h, this means each C file will be a cache miss. This applies to the following situations: * When building a new package with a new Samba version * building in a git branch after calling mkversion.sh after a new commit (i.e. virtually always) This patch improves the situation in the following way: * remove inlude "version.h" from includes.h * Use samba_version_string() instead of SAMBA_VERSION_STRING in files that use no other macro from version.h instead of SAMBA_VERSION_STRING. * explicitly include "version.h" in those files that use more macros from "version.h" than just SAMBA_VERSION_STRING. Michael
2009-01-08s3:smbd: move all globals and static variables in globals.[ch]Stefan Metzmacher1-13/+1
The goal is to move all this variables into a big context structure. metze
2008-12-30Move a comment to its placeVolker Lendecke1-5/+5
2008-12-12s3 sesssetup.c: Add missing line break to debug message.root1-1/+1
Karolin
2008-11-28Remove two direct inbuf references from reply_sesssetup_and_X_spnego()Volker Lendecke1-2/+2
2008-11-02Remove a bunch of direct inbuf references by adding "vwv" to smb_requestVolker Lendecke1-10/+10
2008-11-02Remove some direct inbuf references by adding smbreq_bufremVolker Lendecke1-3/+3
2008-11-02Simplify params of srvstr_pull_buf_talloc()Volker Lendecke1-20/+13
Now that "req" is available everywhere, use it. Rename srvstr_pull_buf_talloc() to srvstr_pull_req()
2008-11-01Kill some fstringsVolker Lendecke1-31/+55
2008-11-01Remove a bunch of direct inbuf references by adding "buf" to smb_requestVolker Lendecke1-10/+9
2008-11-01Add a "buflen" struct member to smb_requestVolker Lendecke1-2/+1
This removes some explicit inbuf references and also removes a pointless check in reply_echo. The buflen can never be more than 64k, this is just a 16 bit value.
2008-10-31Remove a pointles call to smb_bufremVolker Lendecke1-2/+1
This call expanded to (smb_buflen(req->inbuf) - PTR_DIFF(smb_buf(req->inbuf) - smb_buf(req->inbuf))) which seems pretty pointless :-)
2008-10-22s3-asn1: make all of s3 asn1 code do a proper asn1_init() first.Günther Deschner1-12/+17
Guenther
2008-10-22s3: use shared asn1 code.Günther Deschner1-1/+1
Guenther
2008-10-22Slightly simplify reply_sesssetup_blob(): Remove an else branchVolker Lendecke1-10/+11
2008-10-22Don't push the data out to the client in reply_sesssetup_blob()Volker Lendecke1-4/+0
Sending the data at this level breaks the assumption at higher levels that req->outbuf == NULL means this request is deferred. It also breaks potential chaining (Kerberos session setup and tcon X in one request)
2008-08-22Don't re-initialize a token when we already have one. This fixes the build ↵Jeremy Allison1-10/+13
farm failures when winbindd connects as guest. This one took a *lot* of tracking down :-). Jeremy. (This used to be commit dca827791276906436452c650062164eb819dfe0)
2008-05-20Fix type error in debug messageVolker Lendecke1-1/+1
(This used to be commit eb281532b1721ded39c39bb00c26202080dcd735)
2008-05-20sesssetup.c: Add debug message.Karolin Seeger1-0/+3
Log when we kill other smbd sessions like when we hit the VC == 0 case. This one fixes BUG #5476. Initial patch from Björn Jacke <bj@sernet.de>. Karolin (This used to be commit 1429f3b7cf293994b334052428fcdadcee162dea)
2008-05-11Fix a memleak in new auth_serversupplied codeVolker Lendecke1-1/+2
(This used to be commit f23e970848b6e6655453fa65f6f160f624acfcff)
2008-05-10Fix a memleakVolker Lendecke1-5/+0
(This used to be commit 9891c7c30858a3bea9adbea1c5bfa5c6b1b85221)
2008-05-10Add a mem_ctx argument to make_server_info_guest()Volker Lendecke1-3/+3
(This used to be commit e4a9492967f3d2b64f27943f99414608e0c03d21)
2008-05-07Rename server_info->was_mapped to server_info->nss_tokenVolker Lendecke1-3/+1
"nss_token" from my point of view much better reflects what this flag actually represents (This used to be commit b121a5acb2ef0bb3067d953b028696175432f10d)
2008-05-05Fix typoVolker Lendecke1-1/+1
(This used to be commit 8047a1991a09191fec254815f3bfc85a2c36674a)
2008-05-05Remove "session_key" from "struct user_struct"Volker Lendecke1-18/+13
This one took a bit -- I hope I covered all data paths (This used to be commit 74c88a44422f88d6e2f2cdbfdfa0bafe0dbe06c4)
2008-04-07Fix Kerberos interop with Mac OS X 10.5 clients.Bill Ricker1-21/+28
Ignore optional req_flags. Use the Kerberos mechanism OID negotiated with the client rather than hardcoding OID_KERBEROS5_OLD. (This used to be commit 59a2bcf30fef14ecc826271862b645dd3a61cb48)
2008-03-27Fix up the comments on security=share to explain we'reJeremy Allison1-1/+5
ignoring passwords. Jeremy. (This used to be commit e7b6ea46532a26611dfd9d9e2727d52ba6a9cf50)
2008-03-20smbd: fix session setup with security = share.Michael Adam1-1/+1
Broken by pstring removal in 9ed12bfc48fe7f9b1863a9dd88e881974083053c. Jeremy, please check. Thanks to Yannick Bergeron <yaberger@ca.ibm.com> for noting this. Michael (This used to be commit 008c4bdbe5de064b4469fc1f7c7173290f35b3ef)