summaryrefslogtreecommitdiff
path: root/source4/auth/credentials
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r19604: This is a massive commit, and I appologise in advance for it's size.Andrew Bartlett1-3/+1
This merges Samba4 with lorikeet-heimdal, which itself has been tracking Heimdal CVS for the past couple of weeks. This is such a big change because Heimdal reorganised it's internal structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases. In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO PAC. This matches windows behavour. We also have an option to require the PAC to be present (which allows us to automate the testing of this code). This also includes a restructure of how the kerberos dependencies are handled, due to the fallout of the merge. Andrew Bartlett (This used to be commit 4826f1735197c2a471d771495e6d4c1051b4c471)
2007-10-10r19598: Ahead of a merge to current lorikeet-heimdal:Andrew Bartlett6-6/+55
Break up auth/auth.h not to include the world. Add credentials_krb5.h with the kerberos dependent prototypes. Andrew Bartlett (This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
2007-10-10r19573: Move secrets.o into param/ (subsystems haven't been integrated yet).Jelmer Vernooij1-1/+1
(This used to be commit 8143de855c0b65346b2d8e59ecdb78952927de4a)
2007-10-10r17516: Change helper function names to make more clear what they are meant ↵Simo Sorce1-10/+10
to do (This used to be commit ad75cf869550af66119d0293503024d41d834e02)
2007-10-10r16218: If a connection is forced as 'anonymous', don't treat it asAndrew Bartlett1-2/+2
'authentication requested'... Andrew Bartlett (This used to be commit d5fc88c93697dbcab13b2356ef4e5d1d2a7d59eb)
2007-10-10r15853: started the process of removing the warnings now thatAndrew Tridgell1-8/+6
talloc_set_destructor() is type safe. The end result will be lots less use of void*, and less calls to talloc_get_type() (This used to be commit 6b4c085b862c0932b80b93e316396a53b993544c)
2007-10-10r15702: Fix typoJelmer Vernooij1-1/+1
(This used to be commit 26442023d12760828acd8b6e2a1dedeaf4e96958)
2007-10-10r15498: Initialise the callback_running field, and get the flag set/clear theAndrew Bartlett1-4/+5
right way around for all the callers. Andrew Bartlett (This used to be commit f9bcfb04aa3ec93eed7076dbb1fed50cf1edb424)
2007-10-10r15422: Fix issues with functions being called recursively in the credentialsJelmer Vernooij2-6/+27
callback code. (This used to be commit edf0701e877592695bd69124e528338c27f24efd)
2007-10-10r15421: Correct function comments.Andrew Bartlett1-4/+3
Andrew Bartlett (This used to be commit f9899277898ee7ef1118cbc49f5f277623ff7444)
2007-10-10r15420: Add a new function to print a the 'unparsed' string format for ↵Andrew Bartlett1-3/+37
usernames. This is used in the password prompt, and should be reversable by the parse string function. Also, don't look at the ccache, even for the guess code, if kerberos is disabled. Andrew Bartlett (This used to be commit 4c4b8e4b396ca44270a0456c732d3b9c3c34d69d)
2007-10-10r15415: Use Jelmer's new credentials 'wrong password' code to give the user 3Andrew Bartlett1-1/+3
attempts for the password, when talking to a remote CIFS server. Andrew Bartlett (This used to be commit 3a4ddc8f5978210ab3ad79f0332cee80a0d6e6c9)
2007-10-10r15414: Support retrying different username/password combinationsJelmer Vernooij2-1/+26
(This used to be commit 5de894fb8bac8efa5bff004dbfc2e8b386d4003b)
2007-10-10r15304: Fix smbd build, more updates on getting --enable-dso to build againJelmer Vernooij1-1/+1
(This used to be commit 3ef9326386ba1c210166302cbcf02d2ed3f19944)
2007-10-10r15297: Move create_security_token() to samdb as it requires SAMDB (and the ↵Jelmer Vernooij1-1/+1
rest of LIBSECURITY doesn't) Make the ldb password_hash module only depend on some keys manipulation code, not full heimdal Some other dependency fixes (This used to be commit 5b3ab728edfc9cdd9eee16ad0fe6dfd4b5ced630)
2007-10-10r15207: Introduce PRIVATE_DEPENDENCIES and PUBLIC_DEPENDENCIES as replacementJelmer Vernooij1-1/+1
for REQUIRED_SUBSYSTEMS. (This used to be commit adc8a019b6da256f104abed1b82bfde6998a2ac9)
2007-10-10r14977: more IBM checker fixesAndrew Tridgell1-0/+1
(This used to be commit cd106509b664e9ca53419a62550b256b7e5bde3c)
2007-10-10r14837: fixed build errorAndrew Tridgell1-1/+2
(This used to be commit 23724bfd24b051c4096ac49c52c2cd31389340be)
2007-10-10r14701: Allow, with non-default options, NTLMSSP to access the LM session key,Andrew Bartlett1-1/+10
even when not sending the LM response. Needed to pass the test_session_key against Win2k3. Yes, I think this is a security flaw in the use of Win2k3-compatible NTLM. Andrew Bartlett (This used to be commit cb6c27b4f29878a6a904f798e228eea05cc658e1)
2007-10-10r14484: Install more headersJelmer Vernooij2-1/+4
(This used to be commit 430c6516d383bfd7f27287394bf8eef9f174b3e6)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij3-3/+3
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14380: Reduce the size of structs.hJelmer Vernooij2-3/+2
(This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe)
2007-10-10r14363: Remove credentials.h from the global includes.Jelmer Vernooij3-0/+6
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
2007-10-10r13960: Generate makefile rules for installing/removing shared modules.Jelmer Vernooij1-2/+2
(This used to be commit 2c746980328431ab04852dc668899e3eb042da99)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij3-0/+3
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r13206: This patch finally re-adds a -k option that works reasonably.Andrew Bartlett5-87/+30
From here we can add tests to Samba for kerberos, forcing it on and off. In the process, I also remove the dependency of credentials on GENSEC. This also picks up on the idea of bringing 'set_boolean' into general code from jpeach's cifsdd patch. Andrew Bartlett (This used to be commit 1ac7976ea6e3ad6184c911de5df624c44e7c5228)
2007-10-10r13107: Follow the lead of Heimdal's kpasswdd and use the HDB (hdb-ldb in ourAndrew Bartlett2-19/+24
case) as the keytab. This avoids issues in replicated setups, as we will replicate the kpasswd key correctly (including from windows, which is why I care at the moment). Andrew Bartlett (This used to be commit 849500d1aa658817052423051b1f5d0b7a1db8e0)
2007-10-10r12694: Move some headers to the directory of the subsystem they belong to.Jelmer Vernooij1-1/+1
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
2007-10-10r12670: Make a couple of dependencies stricterJelmer Vernooij1-1/+1
Re-introduce and use the OUTPUT_TYPE property for MODULEs to force specific modules to always be included (This used to be commit f9eede3d40098eddc3618ee48f9253cdddb94a6f)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij2-2/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12592: Remove some useless dependenciesJelmer Vernooij1-1/+1
(This used to be commit ca8db1a0cd77682ac2c6dc4718f5d753a4fcc4db)
2007-10-10r12542: Move some more prototypes out to seperate headersJelmer Vernooij3-0/+4
(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
2007-10-10r12498: Eliminate INIT_OBJ_FILES and ADD_OBJ_FILES. We were not usingJelmer Vernooij1-2/+2
the difference between these at all, and in the future the fact that INIT_OBJ_FILES include smb_build.h will be sufficient to have recompiles at the right time. (This used to be commit b24f2583edee38abafa58578d8b5c4b43e517def)
2007-10-10r12411: Add 'net samdump keytab <keytab>'.Andrew Bartlett2-22/+9
This extracts a remote windows domain into a keytab, suitable for use in ethereal for kerberos decryption. For the moment, like net samdump and net samsync, the 'password server' smb.conf option must be set to the binding string for the server. eg: password server = ncacn_np:mypdc Andrew Bartlett (This used to be commit 272013438f53bb168f74e09eb70fc96112b84772)
2007-10-10r12310: Link simple bind support in our internal LDAP libs to LDB and theAndrew Bartlett2-0/+25
command line processing system. This is a little ugly at the moment, but works. What I cannot manage to get to work is the extraction and propogation of command line credentials into the js interface to ldb. Andrew Bartlett (This used to be commit f34ede763e7f80507d06224d114cf6b5ac7c8f7d)
2007-10-10r12227: I realised that I wasn't yet seeing authenticated LDAP for the ldbAndrew Bartlett2-6/+37
backend. The idea is that every time we open an LDB, we can provide a session_info and/or credentials. This would allow any ldb to be remote to LDAP. We should also support provisioning to a authenticated ldap server. (They are separate so we can say authenticate as foo for remote, but here we just want a token of SYSTEM). Andrew Bartlett (This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)
2007-10-10r12179: Allow our KDC to use LDAP to get to the backend database.Andrew Bartlett1-1/+46
To avoid a circular depenency, it is not allowed to use Krb5 as an authentication mechanism, so this must be removed from the list. An extension to the credentials system allows this function. Also remove proto.h use for any of the KDC, and use NTSTATUS returns in more places. Andrew Bartlett (This used to be commit 5f9dddd02c9c821675d2ccd07561a55edcd7f5b4)
2007-10-10r12065: fix compiler warningStefan Metzmacher1-1/+1
metze (This used to be commit c60bac5baa572a597ce6e1c2e3639be4c7daeefc)
2007-10-10r12061: Add missing file to previous commit. This provides a hook on which toAndrew Bartlett1-0/+31
attach a restriction on available GENSEC mechanisms. Andrew Bartlett (This used to be commit 8154f2421f828be65ee89f21ed7ac0f5e2132ca9)
2007-10-10r12060: Work towards allowing the credentials system to allow/deny certainAndrew Bartlett3-3/+8
GENSEC mechansims. This will allow a machine join to an NT4 domain to avoid even trying kerberos, or a sensitive operation to require it. Andrew Bartlett (This used to be commit 11c7a89e523f85afd728d5e5f03bb084dc620244)
2007-10-10r11995: A big kerberos-related update.Andrew Bartlett4-22/+314
This merges Samba4 up to current lorikeet-heimdal, which includes a replacement for some Samba-specific hacks. In particular, the credentials system now supplies GSS client and server credentials. These are imported into GSS with gss_krb5_import_creds(). Unfortunetly this can't take an MEMORY keytab, so we now create a FILE based keytab as provision and join time. Because the keytab is now created in advance, we don't spend .4s at negprot doing sha1 s2k calls. Also, because the keytab is read in real time, any change in the server key will be correctly picked up by the the krb5 code. To mark entries in the secrets which should be exported to a keytab, there is a new kerberosSecret objectClass. The new routine cli_credentials_update_all_keytabs() searches for these, and updates the keytabs. This is called in the provision.js via the ejs wrapper credentials_update_all_keytabs(). We can now (in theory) use a system-provided /etc/krb5.keytab, if krb5Keytab: FILE:/etc/krb5.keytab is added to the secrets.ldb record. By default the attribute privateKeytab: secrets.keytab is set, pointing to allow the whole private directory to be moved without breaking the internal links. (This used to be commit 6b75573df49c6210e1b9d71e108a9490976bd41d)
2007-10-10r11452: Update Heimdal to current lorikeet, including removing the ccache sideAndrew Bartlett3-3/+113
of the gsskrb5_acquire_cred hack. Add support for delegated credentials into the auth and credentials subsystem, and specifically into gensec_gssapi. Add the CIFS NTVFS handler as a consumer of delegated credentials, when no user/domain/password is specified. Andrew Bartlett (This used to be commit 55b89899adb692d90e63873ccdf80b9f94a6b448)
2007-10-10r11440: Actually check the right thing for 'is this a machine account' ↵Andrew Bartlett1-1/+1
(thanks metze). Andrew Bartlett (This used to be commit 848831a1559d6569359bd6fb4993ccbef6ad86d8)
2007-10-10r11401: A simple hack to have our central credentials system deny sending LMAndrew Bartlett4-0/+19
authentication for user@realm logins and machine account logins. This should avoid various protocol downgrade attacks. Andrew Bartlett (This used to be commit 76c2d204d0a1ec66d1ef3c935688c7571b051f46)
2007-10-10r11358: Ensure domains are always upper-case as well. Helps NTLMv2.Andrew Bartlett1-1/+4
Andrew Bartlett (This used to be commit 82527491b2212d34b676be1e26cc875ae2828e42)
2007-10-10r11313: TypoAndrew Bartlett1-1/+1
(This used to be commit 204185576c6a4df5e43e5a97cb13227407c09e6e)
2007-10-10r11244: Relative path names in .mk filesJelmer Vernooij1-4/+4
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
2007-10-10r11220: Add the ability to handle the salt prinicpal as part of theAndrew Bartlett4-4/+20
credentials. This works with the setup/secrets.ldif change from the previous patch, and pretty much just re-invents the keytab. Needed for kpasswdd work. Andrew Bartlett (This used to be commit cc9d167bab280eaeb793a5e7dfdf1f31be47fbf5)
2007-10-10r11209: We can't read the priorSecret unless we ask for it.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit ee9a93688d31d8da91b81e9b0f6fac3fa4894c13)
2007-10-10r11204: Allow us to read credentials from secrets.ldb without aAndrew Bartlett1-6/+2
secureChannelType (non machine join records). Andrew Bartlett (This used to be commit 3dddf497ccf246af435e6e2802d8f3745f2e4fd3)