summaryrefslogtreecommitdiff
path: root/source4/auth/auth.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r15298: Fix the build using a few hacks in the build system.Jelmer Vernooij1-0/+1
Recursive dependencies are now forbidden (the build system will bail out if there are any). I've split up auth_sam.c into auth_sam.c and sam.c. Andrew, please rename sam.c / move its contents to whatever/wherever you think suits best. (This used to be commit 6646384aaf3e7fa2aa798c3e564b94b0617ec4d0)
2007-10-10r14952: Make sure the auth subsystem gets initialized if a gensec module ↵Jelmer Vernooij1-2/+14
needs it. (This used to be commit ecf84248b48783fb0ccbeff4d37d930b21fb96df)
2007-10-10r14575: Move some path-related functions to libsamba-config so libsamba-utilJelmer Vernooij1-1/+1
doesn't have to depend on the lp_* functions. (This used to be commit f97df7d90a41b77a9edd2d6bdc47c27bf1b6bb07)
2007-10-10r13969: Make these names lowercase as well (just like they are now in the ↵Jelmer Vernooij1-1/+1
buildsystem) (This used to be commit 04c49e211fc4f80e03d9322b983bbde15baba640)
2007-10-10r13655: Use new name of build headerJelmer Vernooij1-1/+1
(This used to be commit bca0e8054f6d9c7adc9d92e0c30d4323f994c9e9)
2007-10-10r12499: Move smb_build.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit c92ace494f92084ddf178626cdf392d151043bc7)
2007-10-10r12494: Support loading modules from .so files for most subsystems.Jelmer Vernooij1-0/+8
We now use a different system for initializing the modules for a subsystem. Most subsystems now have an init function that looks something like this: init_module_fn static_init[] = STATIC_AUTH_MODULES; init_module_fn *shared_init = load_samba_modules(NULL, "auth"); run_init_functions(static_init); run_init_functions(shared_init); talloc_free(shared_init); I hope to eliminate the other init functions later on (the init_programname_subsystems; defines). (This used to be commit b6d2ad4ce0a91c4be790dd258820c492ff1787ea)
2007-10-10r8700: Propmted by tridge's need to do plaintext auth in ejs, rework theAndrew Bartlett1-13/+13
user_info strcture in auth/ This moves it to a pattern much like that found in ntvfs, with functions to migrate between PAIN, HASH and RESPONSE passwords. Instead of make_user_info*() functions, we simply fill in the control block in the callers, per recent dicussions on the lists. This removed a lot of data copies as well as error paths, as we can grab much of it with talloc. Andrew Bartlett (This used to be commit ecbd2235a3e2be937440fa1dc0aecc5a047eda88)
2007-10-10r8520: fixed a pile of warnings from the build farm gcc -Wall output onAndrew Tridgell1-2/+2
S390. This is an attempt to avoid the panic we're seeing in the automatic builds. The main fixes are: - assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats - use of NULL format statements to perform dn searches. - assumption that sizeof() returns an int (This used to be commit a58ea6b3854973b694d2b1e22323ed7eb00e3a3f)
2007-10-10r7633: this patch started as an attempt to make the dcerpc code use a givenAndrew Tridgell1-1/+14
event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2007-10-10r4620: - add interface functions to the auth subsystem so that callers ↵Stefan Metzmacher1-281/+122
doesn't need to use function pointers anymore - make the module init much easier - a lot of cleanups don't try to read the diff in auth/ better read the new files it passes test_echo.sh and test_rpc.sh abartlet: please fix spelling fixes metze (This used to be commit 3c0d16b8236451f2cfd38fc3db8ae2906106d847)
2007-10-10r4052: fixed a bunch of code to use the type safe _p allocation macrosAndrew Tridgell1-2/+3
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
2007-10-10r3876: fix compiler warningsStefan Metzmacher1-2/+2
metze (This used to be commit 9ad3837dbad6dbf5ee0122be2bbffac325ece9be)
2007-10-10r3737: - Get rid of the register_subsystem() and register_backend() functions.Jelmer Vernooij1-19/+1
- Re-disable tdbtool (it was building fine on my Debian box but other machines were having problems) (This used to be commit 0d7bb2c40b7a9ed59df3f8944133ea562697e814)
2007-10-10r3586: Fix some of the issues with the module init functions.Jelmer Vernooij1-14/+5
Both subsystems and modules can now have init functions, which can be specified in .mk files (INIT_FUNCTION = ...) The build system will define : - SUBSYSTEM_init_static_modules that calls the init functions of all statically compiled modules. Failing to load will generate an error which is not fatal - BINARY_init_subsystems that calls the init functions (if defined) for the subsystems the binary depends on This removes the hack with the "static bool Initialised = " and the "lazy_init" functions (This used to be commit 7a8244761bfdfdfb48f8264d76951ebdfbf7bd8a)
2007-10-10r3463: separated out some more headers (asn_1.h, messages.h, dlinklist.h and ↵Andrew Tridgell1-0/+1
ioctl.h) (This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
2007-10-10r3453: - split out the auth and popt includesAndrew Tridgell1-0/+1
- tidied up some of the system includes - moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl knows about inter-IDL dependencies (This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
2007-10-10r3361: Allow Samba4 (I'm interested in ntlm_auth in particular) to useAndrew Bartlett1-0/+4
Samba3's winbind. This is also the start of domain membership code in Samba4, as we now (partially) parse the info3, and use it like Samba3 does. Andrew Bartlett (This used to be commit c1b7303c1c7d9fb815006c3bd2af20a0010d15a8)
2007-10-10r2648: - use a destructor on struct server_connection to simplify theAndrew Tridgell1-17/+14
connection termination cleanup, and to ensure that the event contexts are properly removed for every process model - gave auth_context the new talloc treatment, which removes another source of memory leaks. (This used to be commit 230e1cd777b0fba82dffcbd656cfa23c155d0560)
2007-10-10r1982: i is not initialised or usedAndrew Tridgell1-2/+1
(This used to be commit db4bc88f9aeaa59f08b9b447a8b2256c9c9c5fb0)
2007-10-10r1498: (merge from 3.0)Andrew Bartlett1-1/+1
Rework our random number generation system. On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork(). For other systems, we now only re-seed after a fork, and on startup. No need to do it per-operation. This removes the 'need_reseed' parameter from generate_random_buffer(). This also requires that we start the secrets subsystem, as that is where the reseed value is stored, for systems without /dev/urandom. In order to aviod identical streams in forked children, the random state is re-initialised after the fork(), at the same point were we do that to the tdbs. Andrew Bartlett (This used to be commit b97d3cb2efd68310b1aea8a3ac40a64979c8cdae)
2007-10-10r1486: commit the start of the generic server infastructureStefan Metzmacher1-0/+5
the idea is to have services as modules (smb, dcerpc, swat, ...) the process_model don't know about the service it self anymore. TODO: - the smbsrv should use the smbsrv_send function - the service subsystem init should be done like for other modules - we need to have a generic socket subsystem, which handle stream, datagram, and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server , or for smb or dcerpc or whatever to connect to a server wide auth service) - and other fixes... NOTE: process model pthread seems to be broken( but also before this patch!) metze (This used to be commit bbe5e00715ca4013ff0dbc345aa97adc6b5c2458)
2007-10-10r1292: Add const to the subsystem/module registration code.Andrew Bartlett1-2/+9
Add some 'multi init' code, until we get a better set of infrustructure. Andrew Bartlett (This used to be commit 982422b2d286335378531ae9523e74192340af3c)
2007-10-10r1067: fix compiler warningsStefan Metzmacher1-1/+1
metze (This used to be commit e5d338821e590c49947a18a5d5c361122571988d)
2007-10-10r1058: The start of work on the SamLogon call for NETLOGON.Andrew Bartlett1-3/+7
This starts to store information about the user in the server_info struct - like the account name, the full name etc. Also, continue to make the names of the structure elements in the logon reply more consistant with those in the SAMR pipe. Andrew Bartlett (This used to be commit 3ccd96bd945e0fd95e42c69ad8ff07055af2e62b)
2007-10-10r1019: Push the auth subsystem away from using typedef, and over to the 'allAndrew Bartlett1-6/+6
goodness and light' struct ;-) Break apart the auth subsystem's return strucutres, into the parts that a netlogon call cares about, and the parts that are for a local session. This is the 'struct session_info' and it will almost completly replace the current information stored on a vuid, but be generic to all login methods (RPC over TCP, for example). Andrew Bartlett (This used to be commit d199697014d9562f9439a30b950fda798c5ef419)
2007-10-10r961: convert 'uchar' to 'uint8_t'Stefan Metzmacher1-2/+2
metze (This used to be commit 9f914e4af99e18b469d4cf9d8b1514a2bd28ddec)
2007-10-10r890: convert samba4 to use [u]int8_t instead of [u]int8Stefan Metzmacher1-1/+1
metze (This used to be commit 2986c5f08c8f0c26a2ea7b6ce20aae025183109f)
2007-10-10r719: Follow the trend - remove more unused functions.Andrew Bartlett1-3/+0
Andrew Bartlett (This used to be commit 62eef851fd79b2739b93b4ed7829514a3dcbf1d0)
2007-10-10r614: Clean out the POSIX assumptions from the Samba4 auth subsystem.Andrew Bartlett1-6/+0
This removes the code that tried to lookup posix groups, as well as the code that was tied to the SAM_ACCOUNT. This should make auth_ldb much easier to write :-) Andrew Bartlett (This used to be commit e096ee2112adecaa69b6b3eb155a4e8f80dfc0f7)
2007-10-10r448: Fix 'auth' in Samba4, by making 'auth methods' a normal smb.confAndrew Bartlett1-41/+0
paramter, without special links to other variables. When we get 'server role' ideas back into Samba4, we can fix this properly. The default is: guest, sam_ignoredomain which is the expected behaviour for a stand-alone server. Andrew Bartlett (This used to be commit 56ebc4275fedc8141d43a4ae9a4f4f0e1eccaf49)
2007-10-10r443: Update Samba4 to the auth and NTLMSSP code from Samba3.Andrew Bartlett1-34/+43
Not all the auth code is merged - only those parts that are actually being used in Samba4. There is a lot more work to do in the NTLMSSP area, and I hope to develop that work here. There is a start on this here - splitting NTLMSSP into two parts that my operate in an async fashion (before and after the actual authentication) Andrew Bartlett (This used to be commit 5876c78806e6a6c44613a1354e8d564b427d0c9f)
2004-02-03- port AUTH and PASSDB subsystems to newStefan Metzmacher1-48/+126
SMB_SUBSYSTEM() scheme - some const fixes in ntvfs metze (This used to be commit af89a78123068767b1d134969c5651a0fd978b0d)
2003-12-12 * the RPC-ECHO pipe now works in smbd, as long as the data sizesAndrew Tridgell1-2/+1
don't cause fragmented pdus (I'll add fragments shortly) * change data_blob_talloc() to not zero memory when the 2nd argument is NULL. The zeroing just masks bugs, and can't even allow a DOS attack * modified pidl to ensure that [ref] arguments to the out side of functions are allocated when parsing the in side. This allows rpc backends to assume that [ref] variables are all setup. Doesn't work correctly for [ref] arrays yet * changed DLIST_ADD_END() to take the type instead of a tmp variable. This means you don't need to declare a silly tmp variable in the caller (This used to be commit 46e0a358198eeb9af1907ee2a29025d3ab23b6d1)
2003-10-30- a few portability fixes from Jim MyersAndrew Tridgell1-8/+8
- added SMBD_LISTEN_BACKLOG in local.h - added the beginnings of a ndr/rpc parsing framework for Samba4. It currently correctly parses security descriptors for the nttrans QUERY_SECDESC call, but I hope it will become a reasonable framework that an idl based generator can work to (This used to be commit 9bf904fc34f88e0581f93656e73d3c01ca96f761)
2003-08-13first public release of samba4 codeAndrew Tridgell1-0/+456
(This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f)