Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-09-16 | s3: Add the PAC info3 struct to the netsamlogon_cache in ntlm_auth | Volker Lendecke | 1 | -0/+4 | |
2010-09-16 | s3: Correctly unwrap the krb ticket in gss-spnego | Volker Lendecke | 1 | -1/+52 | |
2010-09-16 | s3: Fall back to raw NTLMSSP for the gss-spnego protocol | Volker Lendecke | 1 | -0/+25 | |
This is to handle the mod_auth_ntlm_winbind protocol sending "Negotiate" to IE, which sends raw NTLMSSP instead of a SPNEGO wrapped NTLMSSP blob. | |||||
2010-09-16 | s3: Split off output generation from manage_squid_ntlmssp_request | Volker Lendecke | 1 | -17/+41 | |
2010-09-16 | s3: Wrap the ntlm_auth loop with a talloc_stackframe | Volker Lendecke | 1 | -0/+2 | |
2010-09-16 | libcli/auth/ntlmssp Be clear about talloc parents for session keys | Andrew Bartlett | 1 | -5/+7 | |
The previous API was not clear as to who owned the returned session key. This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code, and avoids making allocations - we steal and zero instead. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-15 | s3: Fix some debug msgs in ntlm_auth | Volker Lendecke | 1 | -8/+8 | |
2010-09-13 | s3: Remove some unnecessary if-statements | Volker Lendecke | 1 | -10/+5 | |
2010-09-13 | ntlm_auth: Fix a valgrind error | Volker Lendecke | 1 | -1/+1 | |
2010-09-13 | s3: Fix a typo | Volker Lendecke | 1 | -1/+1 | |
2010-09-13 | s3: Fix a typo (authentictaion->authentication) | Volker Lendecke | 1 | -1/+3 | |
2010-09-11 | s3-privs Hide the bitmap-based grant_privilege and revoke_privilege | Andrew Bartlett | 1 | -7/+6 | |
The new wrappers avoid anything but the core privileges code dealing with the bitmap values directly. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-privs Make privilege_enum_sids() take an LUID, not a bitmap | Andrew Bartlett | 1 | -3/+5 | |
This moves one more privileges call away from direct bitmap manipuation. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-privs Remove a pointer from grant_privilege() | Andrew Bartlett | 1 | -1/+1 | |
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-privs Remove a pointer indirection from revoke_privilege() | Andrew Bartlett | 1 | -1/+1 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | libcli/security Don't export privs[] as a global variable | Andrew Bartlett | 1 | -4/+2 | |
Instead, provide access functions for the LSA and net sam callers for the information they need. They still only enumerate the first 8 privileges that have traditionally been exposed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3:auth Remove NT_USER_TOKEN | Andrew Bartlett | 3 | -12/+12 | |
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-auth Change struct nt_user_token -> struct security_token | Andrew Bartlett | 2 | -5/+5 | |
This common structure is defined in security.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-privs Further changes to remove SE_PRIV | Andrew Bartlett | 1 | -3/+3 | |
Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-10 | Check all SMB_MALLOC returns correctly. Found by Andreas Moroder ↵ | Jeremy Allison | 1 | -0/+3 | |
<andreas.moroder@gmx.net>. Jeremy | |||||
2010-09-09 | s3-utils: remove unused variable in smbget. | Günther Deschner | 1 | -1/+0 | |
Guenther | |||||
2010-09-08 | s3: use time_mono throughout in smbget | Björn Jacke | 1 | -6/+5 | |
2010-08-31 | s3: use monotonic clock for time deltas in smbget | Björn Jacke | 1 | -2/+5 | |
2010-08-31 | s3-auth Rename NT_USER_TOKEN user_sids -> sids | Andrew Bartlett | 2 | -13/+13 | |
This is closer to the struct security_token from security.idl | |||||
2010-08-28 | s3: Remove the dependency of g_lock on procid_self | Volker Lendecke | 2 | -2/+2 | |
procid_self() references global vars, don't depend on them unnecessarily | |||||
2010-08-26 | s3-build: use dbwrap.h only where needed. | Günther Deschner | 5 | -0/+5 | |
Guenther | |||||
2010-08-26 | s3-build: only include krb5 environment variables where required. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-26 | s3-idmap: only include idmap headers where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-26 | s3-build: only include "fake_file.h" where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-26 | s3-build: only include nsswitch header where needed. | Günther Deschner | 2 | -0/+2 | |
Guenther | |||||
2010-08-25 | s3-lsa: separate out init_lsa headers. | Günther Deschner | 3 | -0/+3 | |
Guenther | |||||
2010-08-14 | s3:net: remove the "net idmap secret alloc" functionality. | Michael Adam | 1 | -39/+18 | |
This is now not available any more, since allocation is moved below the id mapping layer. The functionality could be reintroduced on a per domain basis as an e.g "net idmap secret <domain> alloc" command. | |||||
2010-08-14 | s3:net: rewrite "net idmap restore" using dbwrap | Michael Adam | 1 | -52/+130 | |
This removes the use of libwbclient from "net idmap". This detects the idmap backend from the current smb.conf and stores the id mapping tables in the corresponding data bases. Currently, only tdb and tdb2 backends are supported. Support for the ldap backend may be implemented later. | |||||
2010-08-14 | s3:net: change "net idmap dump" to use dbwrap instead of direct tdb access | Michael Adam | 1 | -15/+17 | |
This way, it will also work in a samba-ctdb cluster. | |||||
2010-08-14 | s3:net sam provision: compose sid before getting uid for Guest | Michael Adam | 1 | -2/+2 | |
Michael | |||||
2010-08-14 | s3:net sam provision: allocate the uid after composing the sid for Administrator | Michael Adam | 1 | -6/+7 | |
Michael | |||||
2010-08-08 | s3: Lift the server_messaging_context from notify_printer_byname | Volker Lendecke | 1 | -1/+2 | |
2010-08-08 | s3: Lift the server_messaging_context from notify_job_status_byname | Volker Lendecke | 1 | -0/+4 | |
2010-08-08 | s3: Lift the server_messaging_context from notify_printer_status_byname | Volker Lendecke | 1 | -3/+7 | |
2010-08-08 | s3:utils/net_rpc_service.c: we also need some ndr_pull functions | Stefan Metzmacher | 1 | -0/+1 | |
metze | |||||
2010-08-06 | s3-net: fix copy/paste typo in usage of "net printing". | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2010-08-06 | s3-net: only include netapi header when needed. | Günther Deschner | 5 | -1/+4 | |
Guenther | |||||
2010-08-06 | s3-rap: include svcctl.h where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-06 | s3-passdb: include samr.h where needed. | Günther Deschner | 3 | -0/+3 | |
Guenther | |||||
2010-08-06 | s3: Remove some explicit calls to procid_self() | Volker Lendecke | 1 | -7/+10 | |
2010-08-05 | s3-popt: Only include popt-common.h when needed. | Andreas Schneider | 18 | -0/+18 | |
2010-08-05 | s3-secrets: only include secrets.h when needed. | Günther Deschner | 8 | -1/+8 | |
Guenther | |||||
2010-08-05 | s3: avoid global include of ads.h. | Günther Deschner | 4 | -4/+6 | |
Guenther | |||||
2010-08-04 | s3: Convert cli_list() to return NTSTATUS | Volker Lendecke | 1 | -2/+5 | |
If needed, the callback functions can count themselves | |||||
2010-08-01 | s3: Fix some nonempty blank lines | Volker Lendecke | 1 | -14/+14 | |