Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-02-20 | s3-winbindd: pass logon parmeters down to check_sam_security() | Andrew Bartlett | 1 | -2/+6 | |
This allows ntlm_auth --diagnostics to work against the local DC, just as it works against a member server. Andrew Bartlett | |||||
2012-01-30 | s3-winbind: don't try to do clever thing if the username is not found while ↵ | Matthieu Patou | 1 | -1/+2 | |
authenticating through winbind This could cause that we authenticate a user with a bogus domain to winbind's domain if the password supplied for the PAM_AUTH match. The problem was reported by Jeff Venable (jvenable@juniper.net). Patch from Andrew Bartlett (abartlett@samba.org). Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Mon Jan 30 18:58:12 CET 2012 on sn-devel-104 | |||||
2011-10-28 | Fix bug #8548 - winbind_samlogon_retry_loop ignores logon_parameters flags. | Jeremy Allison | 1 | -2/+2 | |
Fix confirmed by reporter. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 28 23:04:47 CEST 2011 on sn-devel-104 | |||||
2011-10-24 | idl: Improve MS-PAC IDL | Simo Sorce | 1 | -7/+7 | |
Change some misleading variable names to reflect the actual function. Add missing field name/types previously marked as unkown. Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Oct 24 19:19:28 CEST 2011 on sn-devel-104 | |||||
2011-07-04 | s3-auth: Pass the remote_address down to user_info. | Andreas Schneider | 1 | -2/+13 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2011-06-30 | s3-winbind: Fix bug 7888 -- deal with buggy 3.0 based PDCs | Günther Deschner | 1 | -7/+19 | |
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Jun 30 00:42:23 CEST 2011 on sn-devel-104 | |||||
2011-06-09 | s3-param Remove special case for global_myname(), rename to lp_netbios_name() | Andrew Bartlett | 1 | -3/+3 | |
There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett | |||||
2011-05-25 | s3-winbind: BUG 8166 - Don't lockout users when offline. | Jim McDonough | 1 | -1/+4 | |
Windows does not track bad password attempts when offline. We were locking users out but not honoring the lockout duration. Autobuild-User: Jim McDonough <jmcd@samba.org> Autobuild-Date: Wed May 25 18:11:10 CEST 2011 on sn-devel-104 | |||||
2011-05-05 | More simple const fixups. | Jeremy Allison | 1 | -3/+3 | |
2011-05-04 | Fix simple uses of safe_strcpy -> strlcpy. Easy ones where we just remove -1. | Jeremy Allison | 1 | -2/+2 | |
2011-05-02 | s3: remove various references to server side dcerpc structs (which are not ↵ | Günther Deschner | 1 | -1/+0 | |
needed). Guenther | |||||
2011-04-24 | s3:rpc_client: map fault codes to NTSTATUS with dcerpc_fault_to_nt_status() | Stefan Metzmacher | 1 | -5/+5 | |
Most fault codes have a NTSTATUS representation, so use that. This brings the fault handling in common with the source4/librpc/rpc code, which make it possible to share more highlevel code, between source3 and source4 as the error checking can be the same now. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Apr 24 10:44:53 CEST 2011 on sn-devel-104 | |||||
2011-03-30 | s3-includes: only include ntdomain.h where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2011-03-30 | s3-auth: use auth.h where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2011-03-30 | s3-passdb: use passdb headers where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2011-02-28 | s3-rpc_client: Move client pipe functions to own header. | Andreas Schneider | 1 | -0/+1 | |
2011-02-04 | s3-winbindd: let winbind try to use samlogon validation level 6. (bug #7945) | Günther Deschner | 1 | -2/+57 | |
The benefit of this that it makes us more robust to secure channel resets triggered from tools outside the winbind process. Long term we need to have a shared tdb secure channel store though as well. Guenther Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Feb 4 18:11:04 CET 2011 on sn-devel-104 | |||||
2011-02-02 | s3-winbind: prefer dcerpc_samr_X functions in winbindd/winbindd_pam.c. | Günther Deschner | 1 | -13/+37 | |
Guenther | |||||
2011-01-28 | s3: inline get_uid_from_state | Volker Lendecke | 1 | -6/+1 | |
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Jan 28 23:38:16 CET 2011 on sn-devel-104 | |||||
2011-01-28 | s3: Lift winbindd_cli_state from fillup_password_policy | Volker Lendecke | 1 | -4/+6 | |
2011-01-28 | s3: Do not use state->mem_ctx in fillup_password_policy | Volker Lendecke | 1 | -4/+8 | |
2011-01-28 | s3: Lift winbindd_cli_state from winbindd_dual_pam_auth_samlogon | Volker Lendecke | 1 | -21/+27 | |
2011-01-28 | s3: Lift winbindd_cli_state from winbindd_raw_kerberos_login | Volker Lendecke | 1 | -18/+26 | |
2011-01-26 | s3-winbind: share a common winbind_samlogon_retry_loop(). | Günther Deschner | 1 | -168/+147 | |
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Jan 26 12:41:14 CET 2011 on sn-devel-104 | |||||
2011-01-26 | Revert "s3: These assignments are overwritten immediately" | Günther Deschner | 1 | -0/+4 | |
This reverts commit 18962ea3852d0d0fc7371e99813bebd54fae0a19. | |||||
2011-01-26 | Revert "s3-winbind: fix winbindd_dual_pam_auth_samlogon() for NT4 domains." | Günther Deschner | 1 | -1/+0 | |
This reverts commit cea36aeacf8778493463f31e6afc3f58384639e2. | |||||
2011-01-24 | s3-winbind: fix winbindd_dual_pam_auth_samlogon() for NT4 domains. | Günther Deschner | 1 | -0/+1 | |
After failing the netr_LogonSamLogonEx, we failed to retry with netr_LogonSamLogon. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Jan 24 12:35:42 CET 2011 on sn-devel-104 | |||||
2010-12-19 | s3: Use the right uid winbindd_raw_kerberos_login() | Volker Lendecke | 1 | -1/+1 | |
2010-12-19 | s3: wcache_invalidate_samlogon only needs the SID | Volker Lendecke | 1 | -4/+10 | |
2010-12-10 | s3-winbind Improve memory handling in NTLMv2-backend plaintext authentication | Andrew Bartlett | 1 | -17/+6 | |
Andrew Bartlett | |||||
2010-12-10 | s3-winbind Don't send the LM password to the server, ever | Andrew Bartlett | 1 | -11/+1 | |
This is for the case where we have the plaintext password locally, and can construct the challenge-response values here. We should never ever use the LM password in domain authentication. The last domain controller to only have LM passwords stored was NT 3.5. Andrew Bartlett | |||||
2010-11-27 | s3: Return the correct result from winbindd_dual_auth_passdb | Volker Lendecke | 1 | -2/+3 | |
2010-11-17 | s3: Remove a reference to "winbindd_cli_state" from append_auth_data | Volker Lendecke | 1 | -13/+14 | |
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Nov 17 12:02:34 UTC 2010 on sn-devel-104 | |||||
2010-11-17 | s3: Remove a reference to "winbindd_cli_state" from append_info3_as_txt | Volker Lendecke | 1 | -28/+29 | |
2010-11-17 | s3: Remove a reference to "winbindd_cli_state" from append_afs_token | Volker Lendecke | 1 | -8/+6 | |
2010-11-17 | s3: Remove a reference to "winbindd_cli_state" from append_info3_as_ndr | Volker Lendecke | 1 | -4/+5 | |
2010-11-17 | s3: Remove a reference to "winbindd_cli_state" from append_unix_username | Volker Lendecke | 1 | -6/+6 | |
2010-11-17 | s3: Remove a reference to "winbindd_cli_state" from append_auth_data | Volker Lendecke | 1 | -11/+11 | |
2010-10-14 | s3-auth Use security_token_debug() from common code | Andrew Bartlett | 1 | -1/+1 | |
This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-10-12 | libcli/security Provide a common, top level libcli/security/security.h | Andrew Bartlett | 1 | -1/+1 | |
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104 | |||||
2010-09-12 | s3: Remove a nesting level in winbindd_dual_pam_chauthtok | Volker Lendecke | 1 | -18/+19 | |
2010-09-11 | s3-auth Change struct nt_user_token -> struct security_token | Andrew Bartlett | 1 | -2/+2 | |
This common structure is defined in security.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-auth Change type of num_sids to uint32_t | Andrew Bartlett | 1 | -1/+1 | |
size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequnetial changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3: Simplify the logic in generate_krb5_ccache | Volker Lendecke | 1 | -51/+28 | |
gd, jra, others, please check! | |||||
2010-09-10 | s3: Simplify generate_krb5_ccache slightly | Volker Lendecke | 1 | -4/+0 | |
strequal deals with a NULL string input just fine | |||||
2010-09-09 | s3: These assignments are overwritten immediately | Volker Lendecke | 1 | -4/+0 | |
Dump them | |||||
2010-09-09 | s3: Remove "mem_ctx" from a few functions | Volker Lendecke | 1 | -5/+1 | |
2010-09-09 | s3: Remove "mem_ctx" from lookup_cached_name() | Volker Lendecke | 1 | -2/+1 | |
2010-09-09 | s3: Remove a nested if-statement | Volker Lendecke | 1 | -5/+3 | |
2010-09-09 | s3: Fill in workstation in winbindd_pam_auth_crap_send | Volker Lendecke | 1 | -6/+1 | |