summaryrefslogtreecommitdiff
path: root/source3/utils/ntlm_auth.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r23474: Here's a small patch that disables the libkrb5.so replay cacheGerald Carter1-1/+1
when verifying a ticket from winbindd_pam.c. I've found during multiple, fast, automated SSH logins (such as from a cron script) that the replay cache in MIT's krb5 lib will occasionally fail the krb5_rd_req() as a replay attack. There seems to be a small window during which the MIT krb5 libs could reproduce identical time stamps for ctime and cusec in the authenticator since Unix systems only give back milli-seconds rather than the micro-seconds needed by the authenticator. Checked against MIT 1.5.1. Have not researched how Heimdal does it. My thinking is that if someone can spoof the KDC and TDS services we are pretty hopeless anyways. (This used to be commit cbd33da9f78373e29729325bbab1ae9040712b11)
2007-10-10r22844: Introduce const DATA_BLOB data_blob_null = { NULL, 0, NULL }; andVolker Lendecke1-26/+26
replace all data_blob(NULL, 0) calls. (This used to be commit 3d3d61687ef00181f4f04e001d42181d93ac931e)
2007-10-10r22001: change prototype of dump_data(), so that it takes unsigned char * now,Stefan Metzmacher1-3/+3
which matches what samba4 has. also fix all the callers to prevent compiler warnings metze (This used to be commit fa322f0cc9c26a9537ba3f0a7d4e4a25941317e7)
2007-10-10r21663: Fix from the Wine guys: Robert Shearman <rob@codeweavers.com>Jeremy Allison1-1/+2
The background behind this patch is that we're using ntlm_auth with Wine. Windows allows us to pass in a NULL domain and a username of the form of "user@domain" and this is converted into an NTLMSSP_AUTH packet with a NULL domain name and a username of the same form. Jeremy. (This used to be commit 32b040fe05707d5ce6322cb41d36cfdd2c3b31fc)
2007-10-10r21240: Fix longstanding Bug #4009.Günther Deschner1-2/+2
For the winbind cached ADS LDAP connection handling (ads_cached_connection()) we were (incorrectly) assuming that the service ticket lifetime equaled the tgt lifetime. For setups where the service ticket just lives 10 minutes, we were leaving hundreds of LDAP connections in CLOSE_WAIT state, until we fail to service entirely with "Too many open files". Also sequence_number() in winbindd_ads.c needs to delete the cached LDAP connection after the ads_do_search_retry() has failed to submit the search request (although the bind succeeded (returning an expired service ticket that we cannot delete from the memory cred cache - this will get fixed later)). Guenther (This used to be commit 7e1a84b7226fb8dcd5d34c64a3478a6d886a9a91)
2007-10-10r21010: fix the pstring change in ntlm_auth for require-membership-of in ↵Gerald Carter1-1/+1
ntlm_auth (This used to be commit 2d877e41d1fdf71b45074f257930062539e379d8)
2007-10-10r18029: More C++ stuffVolker Lendecke1-1/+1
(This used to be commit 089b51e28cc5e3674e4edf5464c7a15673c5ec0f)
2007-10-10r17984: Ensure we never indirect a null opt_username if it wasn'tJeremy Allison1-0/+10
specified. Jeremy. (This used to be commit 5d9bb91ab7bb080b56b25849e646143ab3ad8252)
2007-10-10r17981: Hmmm. Don't break helper functions that don't needJeremy Allison1-5/+7
the username by forcing it to be specified. Still split out domain \ user for the ones that do use it. Jeremy. (This used to be commit c097e107391cd97dd829c19b672b6a7adece504f)
2007-10-10r17979: Make ntlm_auth more intelligent about figuring out it'sJeremy Allison1-14/+31
domain and user args. if only given a parameter of the form --username DOMAIN\user. When called by firefox or other user apps they may not know what the domain is (and they don't care). They just want to pass the contents of $USERNAME without having to parse it or guess a domain. Jeremy. (This used to be commit 5f51417916ed8bfc0dd08f44e669cb044fc83d01)
2007-10-10r17921: Comment is obsolte. This is now implemented in winbindd.Jeremy Allison1-3/+1
Jeremy. (This used to be commit 37c636eb480e3736b143653231d73620152eb470)
2007-10-10r17903: Fix null deref caught by Stanford checker. Don'tJeremy Allison1-1/+0
call ntlmssp_end on a null pointer ! (Doh !). Jeremy. (This used to be commit 7b53932b5190c78b2b483f36af95174fe38ed45e)
2007-10-10r17610: Added the ability for firefox to drive the winbinddJeremy Allison1-10/+99
ntlm_auth module to allow it to use winbindd cached credentials.The credentials are currently only stored in a krb5 MIT environment - we need to add an option to winbindd to allow passwords to be stored even in an NTLM-only environment. Patch from Robert O'Callahan, modified with some fixes by me. Jeremy. (This used to be commit ae7cc298a113d8984557684bd6ad216cbb27cff3)
2007-10-10r17446: Fix some C++ warnings and two memleaks found by Coverity, IDs 304 ↵Volker Lendecke1-7/+13
and 305. Volker (This used to be commit 4f6605a4880f54f2c7d1f3c7554408d893bc623c)
2007-10-10r17216: From Kai Blin <kai.blin@gmail.com>:Andrew Bartlett1-0/+71
A patch to make ntlm_auth recognize three new commands in ntlmssp-client-1 and squid-2.5-ntlmssp: The commands are the following: Command: SF <hex number> Reply: OK Description: Takes feature request flags similar to samba4's gensec_want_feature() call. So far, only NTLMSSP_FEATURE_SESSION_KEY, NTLMSSP_FEATURE_SIGN and NTLMSSP_FEATURE_SEAL are implemented, using the same values as the corresponding GENSEC_FEATURE_* flags in samba4. Command: GF Reply: GF <hex number> Description: Returns the negotiated flags. Command: GK Reply: GK <base64 encoded session key> Description: Returns the negotiated session key. (These commands assist a wine project to use ntlm_auth for signing and sealing of bulk data). Andrew Bartlett (This used to be commit bd3e06a0e4435f1c48fa3b7862333efe273119ee)
2007-10-10r17005: Add a new helper mode to ntlm_auth: ntlm-change-password-1Andrew Bartlett1-1/+295
This mode proxies pre-calculated blobs from a remote (probably VPN) client into the domain. This allows clients to change their password over a PPTP connection (where they would not be able to connect to SAMR directly). The precalculated blobs do not reveal the plaintext password. Original patch by Alexey Kobozev <cobedump@gmail.com> (This used to be commit 967292b7136c5100c0b9a2783c34b1948b16dad4)
2007-10-10r16945: Sync trunk -> 3.0 for 3.0.24 code. Still needJeremy Allison1-1/+1
to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2007-10-10r15523: Honour the time_offset also when verifying kerberos tickets. ThisGünther Deschner1-1/+1
prevents a nasty failure condition in winbindd's pam_auth where a tgt and a service ticket could have been succefully retrieved, but just not validated. Guenther (This used to be commit a75dd80c6210d01aff104a86b0a9d39d65f2c348)
2007-10-10r15053: fix portabilities issues between 32-bit winbind clients and a 64-bit ↵Gerald Carter1-1/+1
winbindd server (This used to be commit a95d11345e76948b147bbc1f29a05c978d99a47a)
2007-10-10r14585: Tighten argument list of kerberos_kinit_password again,Günther Deschner1-2/+1
kerberos_kinit_password_ext provides access to more options. Guenther (This used to be commit afc519530f94b420b305fc28f83c16db671d0d7f)
2007-10-10r14033: Fix Coverity bug # 126Volker Lendecke1-0/+1
(This used to be commit bb6d678575faac050376607a5c778b8a10805061)
2007-10-10r13571: Replace all calls to talloc_free() with thye TALLOC_FREE()Gerald Carter1-4/+4
macro which sets the freed pointer to NULL. (This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-3/+3
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r13212: r12414@cabra: derrell | 2006-01-28 17:52:17 -0500Derrell Lipman1-1/+1
lp_load() could not be called multiple times to modify parameter settings based on reading from multiple configuration settings. Each time, it initialized all of the settings back to their defaults before reading the specified configuration file. This patch adds a parameter to lp_load() specifying whether the settings should be initialized. It does, however, still force the settings to be initialized the first time, even if the request was to not initialize them. (Not doing so could wreak havoc due to uninitialized values.) (This used to be commit f2a24de769d1b2266e576597c57a8e3b1e2a2b51)
2007-10-10r12555: Fix more load_case_table swegfaults. Arggg.Jeremy Allison1-0/+1
What I'd give for a global constructor... Jeremy. (This used to be commit c970d7d0a5ba225465dfb0980989b8817b17c643)
2007-10-10r11573: Adding Andrew Bartlett's patch to make machine accountJeremy Allison1-0/+2
logons work if the client gives the MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT or MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT flags. This changes the auth module interface to 2 (from 1). The effect of this is that clients can access resources as a machine account if they set these flags. This is the same as Windows (think of a VPN where the vpn client authenticates itself to a VPN server using machine account credentials - the vpn server checks that the machine password was valid by performing a machine account check with the PDC in the same was as it would a user account check. I may add in a restriction (parameter) to allow this behaviour to be turned off (as it was previously). That may be on by default. Andrew Bartlett please review this change carefully. Jeremy. (This used to be commit d1caef866326346fb191f8129d13d98379f18cd8)
2007-10-10r11232: Added ab's POSIX statvfs vfs call. Sorry for the delay ab.Jeremy Allison1-1/+1
Jeremy. (This used to be commit af8545806770a7530eecc184bdd230ca14999884)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison1-2/+2
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-13/+18
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r9198: Convert hex_encode and strhex_to_data_blob to take a talloc context.Volker Lendecke1-22/+20
Volker (This used to be commit c7d10e2c834d8d5136e2d01dea1ad286757deddb)
2007-10-10r7882: Looks like a large patch - but what it actually does is make SambaJeremy Allison1-6/+6
safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
2007-10-10r6450: * fix typo in htlm_auth help messageGerald Carter1-2/+2
* add synonym for idmap_rid in better lining with other idmap backend names * remove old debug messages when idmap {uid|gid} options are not defined (This used to be commit 03ebf3ebfe83897d8c18e57ed378154d1377874b)
2007-10-10r4259: Fix cast in SMB_XMALLOC_ARRAY. Bugzilla #2168.Tim Potter1-1/+1
(This used to be commit 0c3bb181e8f4d10d446f9211904d53f42ddcbaeb)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-14/+14
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r3377: Merge in first part of modified patch from Nalin Dahyabhai ↵Jeremy Allison1-1/+1
<nalin@redhat.com> for bug #1717.The rest of the code needed to call this patch has not yet been checked in (that's my next task). This has not yet been tested - I'll do this once the rest of the patch is integrated. Jeremy. (This used to be commit 7565019286cf44f43c8066c005b1cd5c1556435f)
2007-10-10r3273: Ensure we're consistent in the use of strchr_m for '@'.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 0f3f7b035b37bfc51d3a59d0472003c3d4ac1511)
2007-10-10r2835: Since we always have -I. and -I$(srcdir) in CFLAGS, we can get rid ofTim Potter1-1/+1
'..' from all #include preprocessor commands. This fixes bugzilla #1880 where OpenVMS gets confused about the '.' characters. (This used to be commit 7f161702fa4916979602cc0295919b541912acd6)
2007-10-10r2762: Remove silly conversion to and from UTF8 on the winbind pipe. Fix theAndrew Bartlett1-28/+16
naming of the require_membership_of parameter in pam_winbind and fix the error code for 'you didn't specify a domain' in ntlm_auth. Andrew Bartlett (This used to be commit 4bf0b94011fe6bfbec5635e58cafbfe3dc898569)
2007-10-10r2147: Fix utility name in error message (pre-emptivly merged to trunk ;-)Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 657bb14789bcec65668d072fec0f954d1e5322ef)
2007-10-10r1582: On failure, print the length of the right variable.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 5bd6abb54e12aee2031d48bc5b240bb4f127bf5a)
2007-10-10r1492: Rework our random number generation system.Andrew Bartlett1-1/+1
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork(). For other systems, we now only re-seed after a fork, and on startup. No need to do it per-operation. This removes the 'need_reseed' parameter from generate_random_buffer(). Andrew Bartlett (This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f)
2007-10-10r1128: The end-of-file is not the end of the world, so don't make a load ↵Andrew Bartlett1-3/+7
DEBUG() about it. Andrew Bartlett (This used to be commit 4da976dbd07e70726055cc4251fd1c26f63b3b2c)
2007-10-10r1126: Allow more flexible GSS-SPENGO client and server operation. TheAndrew Bartlett1-16/+18
client now falls back to NTLMSSP, and the server allows the client to start, without first asking for a mech list. Andrew Bartlett (This used to be commit feccc3daca7b2e9091b81fbbb93dc7284baedb99)
2007-10-10r1124: ntlm_auth memory leak fixes by James Wilkinson - ↵Andrew Bartlett1-0/+4
jwilk@alumni.cse.ucsc.edu Andrew Bartlett (This used to be commit 94c0827ce20d8d1084703f6f5e4ad3b3c33151f8)
2007-10-10r517: Remove wrong commit I did by mistakeAlexander Bokovoy1-6/+0
(This used to be commit 72d30ea06612461bdf19916fa40ca459f0c37acc)
2007-10-10r516: On GNU/Linux distributions which allow to use both 2.4 and 2.6 kernelsAlexander Bokovoy1-0/+6
there is SYS_utimes syscall defined at compile time in glibc-kernheaders but it is available on 2.6 kernels only. Therefore, we can't rely on syscall at compile time but have to check that behaviour during program execution. An easy workaround is to have replacement for utimes() implemented within our wrapper and do not rely on syscall at all. Thus, if REPLACE_UTIME is defined already (by packager), skip these syscall shortcuts. (This used to be commit e278e2e6e095b1c01eab307d55edf2cde48dcba2)
2007-10-10r240: I'm pretty happy with the 'ntlm-server-1' helper protocol now, and asAndrew Bartlett1-2/+0
there is now a public patch that uses it, make it always available. (It was #ifdef DEVELOPER) Andrew Bartlett (This used to be commit aa3bc79835c79652199ce5aaf2f3981f8211c9bd)
2007-10-10r201: Fix bugs in the --helper-protocol=ntlm-server-1 implementation.Andrew Bartlett1-8/+9
(allow the use of base64 encoded strings, LM or NT passwords) Andrew Bartlett (This used to be commit 57a5563b421b0684e7bb40d10c2168916c59c89d)
2007-10-10r191: Only send the ntlm_auth 'ntlm-server-1' helper client a '.' after theAndrew Bartlett1-2/+1
server had said something (such as an error). Andrew Bartlett (This used to be commit c05016a2f750960c40387c1d6aba9f6841f66a3b)
2007-10-10r188: Add a new 'helper protocol' to ntlm_auth.Andrew Bartlett1-2/+202
This protocol looks rather like SMTP headers/LDAP: NT-Domain: TESTWG Username: abartlet ... Password: foo Challenge-response passwords are in hexideciaml, while any 'plain' string can be base64 encoded when like this: Password:: Zm9vCg== (the :: indicates it, just like LDAP - I hope) The protocol is not final, so it is #ifdef DEVELOPER for now (so nobody starts to rely on it until I'm happy), but we may as well get this into subversion. My intention is to use this to power the next version of my PPP/ntlm_auth plugin, and hopefully entice a FreeRadius plugin out of the woods. Andrew Bartlett (This used to be commit 8efdd957ba8310515242ba2979ff07130a0b1a3a)