summaryrefslogtreecommitdiff
path: root/source4/auth/credentials
AgeCommit message (Collapse)AuthorFilesLines
2007-12-21r26399: Use -O option for SWIG (less evil generated code).Jelmer Vernooij2-32/+53
(This used to be commit 3378b6a559272cb702b52966692bf423f67a2b41)
2007-12-21r26385: Integrate gensec-socket into gensec.Jelmer Vernooij1-0/+1
(This used to be commit 78bb444b4b73df9a84f8702814f9b30b32ffd885)
2007-12-21r26382: Remove more uses of global_loadparm.Jelmer Vernooij1-1/+1
(This used to be commit 6d4c59853481855c232e7cf97264a391f40af2b5)
2007-12-21r26323: Regenerated credentials SWIG.Jelmer Vernooij1-3/+1
(This used to be commit 0bd01aca00eab5f6801db03a5e6cd91ec0339bbb)
2007-12-21r26321: Fix python tests.Jelmer Vernooij1-2/+3
(This used to be commit f9bf02fd5ce76dfb08950dc4a016fa886f2f4dd5)
2007-12-21r26320: Clean up properly after error.Jelmer Vernooij2-3/+2
(This used to be commit 9fdfe1ad8c7b76e521a683b4afa7b324d15d55b5)
2007-12-21r26274: Some syntax fixes, remove more global_loadparm instances.Jelmer Vernooij2-3/+5
(This used to be commit 3809113d86dbd35b906356a05bb481a1e2bfe4b7)
2007-12-21r26272: Remove global_loadparm in some more places.Jelmer Vernooij1-2/+3
(This used to be commit 1ab76ecc5311fa863e5d04899b6f110899818f55)
2007-12-21r26271: Remove some more uses of global_loadparm.Jelmer Vernooij2-7/+12
(This used to be commit e9875fcd56de0748ed78d7e3c9cdb4919cd96d3c)
2007-12-21r26270: Require specifying the loadparm_context or NULL to ↵Jelmer Vernooij3-8/+27
cli_credentials_guess(). (This used to be commit e52710d6794a25ba697f8c26b43784226964f9cb)
2007-12-21r26269: Fix a couple more references to global_loadparm.Jelmer Vernooij1-1/+1
(This used to be commit 1cb849dfba21b9b5d00b20ba8201f0e142bfeb07)
2007-12-21r26248: Check in SWIG output so SWIG is not required when running out of svn.Jelmer Vernooij2-0/+4172
(This used to be commit 08501fbef38f81ce5ff4885a1696f9cb392fd631)
2007-12-21r26233: Pass loadparm context when creating krb5 contexts.Jelmer Vernooij1-7/+9
(This used to be commit 7780bf285fdfc30f89409d0436bad0d4b6de5cd4)
2007-12-21r26231: Spell check: credentails -> credentials.Jelmer Vernooij1-1/+1
(This used to be commit 4b46888bd0195ab12190f76868719fc018baafd6)
2007-12-21r26229: Set loadparm context as opaque pointer in ldb, remove more uses of ↵Jelmer Vernooij1-5/+6
global_loadparm. (This used to be commit 37d05fdc7b0e6b3211ba6ae56b1b5da30a6a392a)
2007-12-21r26205: Pass loadparm_context to secrets_db_connect() rather than using ↵Jelmer Vernooij2-2/+1
global context. (This used to be commit 5718b6cfee86ddfc9cf405c98c68ba848df4d9d7)
2007-12-21r26204: Binsings for some more functions.Jelmer Vernooij2-0/+12
(This used to be commit ab6be3086f7ad8c22e6f4805bccad5a04c0325f2)
2007-12-21r26069: Import python bindings for credentials.Jelmer Vernooij3-0/+181
(This used to be commit 97bb235cc8c2855a0903bbd9dee53f0e03c4adc0)
2007-12-21r26004: Add some simple credentials tests.Jelmer Vernooij1-0/+120
(This used to be commit e96c722cbfe30a4f9c1f843b48e8cf5b78aa13e7)
2007-12-21r26003: Split up DB_WRAP, as first step in an attempt to sanitize dependencies.Jelmer Vernooij1-1/+1
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
2007-12-21r25703: Use less entropy by using the pointer value as a process-unique token.Andrew Bartlett1-10/+2
Andrew Bartlett (This used to be commit 3480dc71a9f969909b984855d546a1974593368f)
2007-10-10r25552: Convert to standard bool type.Jelmer Vernooij2-87/+87
(This used to be commit b8d6b82f1248d36a0aa91a1c58d06b4f7c66d245)
2007-10-10r25446: Merge some changes I made on the way home from SFO:Jelmer Vernooij1-1/+1
2007-09-29 More higher-level passing around of lp_ctx. 2007-09-29 Fix warning. 2007-09-29 Pass loadparm contexts on a higher level. 2007-09-29 Avoid using global loadparm context. (This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)
2007-10-10r25398: Parse loadparm context to all lp_*() functions.Jelmer Vernooij2-7/+10
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
2007-10-10r25193: Update headers to easy use by external apps.Jelmer Vernooij1-0/+1
(This used to be commit 20b70fbb7af6b6759c3b8c8aa56e10944b32bfdf)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij2-0/+2
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r24730: Allow secrets entries to be for service principals.Andrew Bartlett1-6/+11
Andrew Bartlett (This used to be commit 7865d10a299a84ed42de4435b7e6400d56161ac5)
2007-10-10r24712: No longer expose the 'BOOL' data type in any interfaces.Jelmer Vernooij1-3/+3
(This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)
2007-10-10r24282: Try to fix the occasional Samba4 crash in BASE-BENCH-READWRITE, asAndrew Bartlett1-4/+6
seen in particular on opi. This looked like a Heimdal problem, but I think it was simply that we didn't do a talloc_reference() to keep tabs on the memory we were using, and in between obtaining the pointer and using it, it was assigned to unrelated memory. Andrew Bartlett (This used to be commit a650ad8b37d58ba64458a33313714d1abfc4850b)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell6-18/+12
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r23132: Resolve an issue where we would use the ccache after we free()ed it.Andrew Bartlett1-27/+34
The problem was, we would set the ccache, then invalidate it as we set details from it (like the principal name from the ccache). Instead, set the ccache onto the credentials structure after we are done processing it. Andrew Bartlett (This used to be commit d285bd927c604d930fc44cc84ef3321aa4ce9d9a)
2007-10-10r23063: Make sure to invalidate the ccache when we set aAndrew Bartlett3-6/+70
username/password/realm/etc from the command line. Also make sure it can't 'come back' from a later call to cli_credentials_guess(), buy setting a threshold. This should fix the issues with the build farm... Andrew Bartlett (This used to be commit 3b1dfb9306beb9f40d85d38cf6786ef161ec63f1)
2007-10-10r23034: Thanks to metze for providing some vital clues in the 'kerberos ccacheAndrew Bartlett1-2/+6
on credentials don't do anything' bug. The problem was simple, we didn't set the ccache as having been initialised, so we always created a new one. Andrew Bartlett (This used to be commit ec2014f08b0845bc8aa0e8e6713bc4b21f430811)
2007-10-10r22969: fix some more places where we could end up with more than one eventAndrew Tridgell3-1/+26
context. We now have an event context on the torture_context, and we can also get one from the cli_credentials structure (This used to be commit c0f65eb6562e13530337c23e3447a6aa6eb8fc17)
2007-10-10r22558: Move to a static list of enctypes to put into our keytab. In future,Andrew Bartlett1-4/+34
I'll allow this to be configured from the secrets.ldb, but it should fix some user issues. Andrew Bartlett (This used to be commit 0fd74ada220fb07d4ebe8c2d9b8ae50a387c2695)
2007-10-10r22387: see if this fixes the build on the aix1 hostsStefan Metzmacher1-1/+1
metze (This used to be commit fbf1b1bfa015e2126102d8eaf8861d779c21d969)
2007-10-10r22187: Test kerberos logins in the smbclient blackbox tests, including with aAndrew Bartlett1-0/+4
machine account. Andrew Bartlett (This used to be commit 16a2bb87a80ffb921f267492f453eb3457666315)
2007-10-10r22115: I don't like the DOMAIN environment variable. It really isn't a goodAndrew Bartlett1-4/+0
match for what we are using it for here. Andrew Bartlett (This used to be commit 305d1421efff3f01db1dce499568874965058e79)
2007-10-10r21736: Fix the smbclient test to do something more interesting with the lastAndrew Bartlett3-4/+5
few authentication tests. Now that the tests correctly 'fail', I was able to fix the credentials subsystem to honour USER and PASSWD. To get --machine-pass working, I needed ldb to always load it's static modules, so I put this in ldb_connect(). Andrew Bartlett (This used to be commit 3430d8c072407a1c33c32229095fc9db2142b6fa)
2007-10-10r21668: Add SMB_QFS_POSIX_WHOAMI to trans2.h so it's easy to find. AddJames Peach1-0/+15
convenience API to create an anonymous credential. Don't clobber cmdline_credentials in the UNIX-WHOAMI test. (This used to be commit 73cea4e0c66f57057ed12b07bbb94b4e783ba6bf)
2007-10-10r21451: if kerberos is requested ( -k yes ), we should use authentificated ↵Stefan Metzmacher1-0/+5
connections metze (This used to be commit 426238eb45f0cc41d99961ac554c2528fd8e96f5)
2007-10-10r21362: rename:Stefan Metzmacher1-2/+2
"ntPwdHash" => "unicodePwd" "lmPwdHash" => "dBCSPwd" "sambaLMPwdHistory" => "lmPwdHistory" "sambaNTPwdHistory" => "ntPwdHistory" Note: you need to reprovision after this change! metze (This used to be commit dc4242c09c0402cbfdba912f82892df3153456ad)
2007-10-10r21314: add more usefull debug outputStefan Metzmacher1-6/+6
metze (This used to be commit a246e4bbaaab6f98f50a3c28b47d2c541af7b44a)
2007-10-10r21142: fix compiler warningsStefan Metzmacher1-0/+1
metze (This used to be commit 1f8a037ac4f592d29f7d66e1f924efe1c5d8c2b0)
2007-10-10r21135: Instead of having hooks to update keytabs as an explicit thing, updateAndrew Bartlett2-75/+18
them as a hook on ldb modify, via a module. This should allow the secrets.ldb to be edited by the admin, and to have things update in the on-disk keytab just as an in-memory keytab would. This isn't really a dsdb plugin, but I don't have any other good ideas about where to put it. Andrew Bartlett (This used to be commit 6ce557a1aff4754d2622be8f1c6695d9ee788d54)
2007-10-10r20135: attach default gensec features to the cli_credentials structure,Stefan Metzmacher2-0/+14
so make it possible to force encryption or signing. metze (This used to be commit a91dc4a02a46370c52f59cbd4dea9580fa6efafa)
2007-10-10r19832: better prototypes for the linearization functions:Simo Sorce1-1/+1
- ldb_dn_get_linearized returns a const string - ldb_dn_alloc_linearized allocs astring with the linearized dn (This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
2007-10-10r19831: Big ldb_dn optimization and interfaces enhancement patchSimo Sorce1-1/+1
This patch changes a lot of the code in ldb_dn.c, and also removes and add a number of manipulation functions around. The aim is to avoid validating a dn if not necessary as the validation code is necessarily slow. This is mainly to speed up internal operations where input is not user generated and so we can assume the DNs need no validation. The code is designed to keep the data as a string if possible. The code is not yet 100% perfect, but pass all the tests so far. A memleak is certainly present, I'll work on that next. Simo. (This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
2007-10-10r19676: Fix some more dependencies.Jelmer Vernooij1-1/+1
(This used to be commit 8768bec81f57131a0c9754e8121b345c0be4a5d0)
2007-10-10r19670: Reduce the number of unresolved symbols when building with shared ↵Jelmer Vernooij1-1/+1
libraries. (This used to be commit 4422031d1d9307539832cee165c5071ff12943e7)