summaryrefslogtreecommitdiff
path: root/source4/auth/gensec/gensec.c
AgeCommit message (Collapse)AuthorFilesLines
2010-05-20s4:auth Change auth_generate_session_info to take flagsAndrew Bartlett1-1/+7
This allows us to control what groups should be added in what use cases, and in particular to more carefully control the introduction of the 'authenticated' group. In particular, in the 'service_named_pipe' protocol, we do not have control over the addition of the authenticated users group, so we key of 'is this user the anonymous SID'. This also takes more care to allocate the right length ptoken->sids Andrew Bartlett
2010-05-14s4:gensec expose gensec_set_target_principal for use outside GENSECAndrew Bartlett1-1/+1
This allows for the rare case where the caller knows the target principal. The check for lp_client_use_spnego_principal() is moved to the spengo code to make this work. Andrew Bartlett
2010-04-14s4:auth Change auth_generate_session_info to take an auth contextAndrew Bartlett1-1/+20
The auth context was in the past only for NTLM authentication, but we need a SAM, an event context and and loadparm context for calculating the local groups too, so re-use that infrustructure we already have in place. However, to avoid problems where we may not have an auth_context (in torture tests, for example), allow a simpler 'session_info' to be generated, by passing this via an indirection in gensec and an generate_session_info() function pointer in the struct auth_context. In the smb_server (for old-style session setups) we need to change the async context to a new 'struct sesssetup_context'. This allows us to use the auth_context in processing the authentication reply . Andrew Bartlett
2010-02-13s4-auth: use TYPESAFE_QSORT() in gensecAndrew Tridgell1-1/+2
2009-12-24s4:gensec: change gensec_update_send/recv to tevent_reqStefan Metzmacher1-41/+76
metze
2009-12-16s4:gensec: allow clearing local and remote address by passing NULLStefan Metzmacher1-0/+10
metze
2009-12-16s4-gensec: Remove obsolete socket_address vars and fns.Andreas Schneider1-34/+0
2009-12-16s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn.Andreas Schneider1-13/+0
2009-12-16s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn.Andreas Schneider1-9/+0
2009-12-16s4-gensec: Replace gensec_get_my_addr with new tsocket based fn.Andreas Schneider1-11/+0
2009-12-16s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn.Andreas Schneider1-9/+0
2009-12-16s4-gensec: Added remote and local setter/getter using tsocket.Andreas Schneider1-3/+116
2009-10-20s4: ran minimal_includes.pl on source4/auth/gensecAndrew Tridgell1-2/+0
2009-09-26gensec: Avoid exposing lp_ctx on the API level.Jelmer Vernooij1-12/+10
2009-07-01gensec_start now steals the auth_contextAndrew Tridgell1-1/+3
2009-02-13Remove auth/ntlm as a dependency of GENSEC by means of function pointers.Andrew Bartlett1-13/+9
When starting GENSEC on the server, the auth subsystem context must be passed in, which now includes function pointers to the key elements. This should (when the other dependencies are fixed up) allow GENSEC to exist as a client or server library without bundling in too much of our server code. Andrew Bartlett
2008-12-29s4:lib/tevent: rename structsStefan Metzmacher1-5/+5
list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
2008-11-02Fix the build.Jelmer Vernooij1-14/+37
2008-11-02Remove use of global_loadparm for disabled gensec backends.Jelmer Vernooij1-4/+20
2008-11-02Fix the build.Jelmer Vernooij1-2/+2
2008-11-02Add gensec_settings structure. This wraps loadparm_context for now, butJelmer Vernooij1-10/+19
should in the future only contain some settings required for gensec.
2008-10-06s4:gensec: pass down want_features to the spnego backend mechStefan Metzmacher1-1/+7
metze
2008-04-25Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake3Jelmer Vernooij1-17/+5
Conflicts: source/Makefile source/auth/config.mk source/auth/gensec/config.mk source/build/m4/public.m4 source/build/make/python.mk source/build/make/rules.mk source/build/smb_build/header.pm source/build/smb_build/main.pl source/build/smb_build/makefile.pm source/dsdb/config.mk source/dsdb/samdb/ldb_modules/config.mk source/kdc/config.mk source/lib/events/config.mk source/lib/events/events.c source/lib/ldb/config.mk source/lib/nss_wrapper/config.mk source/lib/policy/config.mk source/lib/util/config.mk source/libcli/smb2/config.mk source/libnet/config.mk source/librpc/config.mk source/nbt_server/config.mk source/ntptr/ntptr_base.c source/ntvfs/posix/config.mk source/ntvfs/sysdep/config.mk source/param/config.mk source/rpc_server/config.mk source/rpc_server/service_rpc.c source/scripting/ejs/config.mk source/scripting/python/config.mk source/smb_server/config.mk source/smbd/server.c source/torture/config.mk source/torture/smb2/config.mk source/wrepl_server/config.mk (This used to be commit 13bbd420681519894a4036729c43273912c9b402)
2008-04-21Remove more event_context_init() uses from function calls within deep down ↵Simo Sorce1-17/+5
the code. Make sure we pass around the event_context where we need it instead. All test but a few python ones fail. Jelmer promised to fix them. (This used to be commit 3045d391626fba169aa26be52174883e18d323e9)
2008-04-14Remove prototypes from build.h in preparation of removing build.hJelmer Vernooij1-0/+6
altogether. (This used to be commit dbeab2a9cdee4e5f69afeb2603ba29cbed56debd)
2008-04-08Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake3Jelmer Vernooij1-23/+24
Conflicts: source/auth/credentials/config.mk source/auth/gensec/config.mk source/build/smb_build/makefile.pm source/heimdal_build/config.mk source/lib/events/config.mk source/lib/nss_wrapper/config.mk source/lib/policy/config.mk source/lib/registry/config.mk source/lib/socket_wrapper/config.mk source/lib/tdb/config.mk source/lib/tls/config.mk source/lib/util/config.mk source/libcli/config.mk source/libcli/ldap/config.mk source/libnet/config.mk source/librpc/config.mk source/param/config.mk source/rpc_server/config.mk source/scripting/ejs/config.mk source/smbd/process_model.mk (This used to be commit 760378e0294dd0cd4523a83448328478632d7e3d)
2008-04-02Install public header files again and include required prototypes.Jelmer Vernooij1-23/+24
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
2008-02-26Fix the build (again).Jelmer Vernooij1-0/+6
(This used to be commit ef00f6b5817107738dc44367838095896af4e77d)
2008-02-16Move responsibilities of build.h to makefile.Jelmer Vernooij1-1/+0
(This used to be commit a43f6d37bce85748e9cf2675e5beced5db26f1c3)
2007-12-24r26580: Include sentinel in build.h, in case the list is empty.Jelmer Vernooij1-1/+1
(This used to be commit f1997dabed584bdc864c4b7235c29603c312ef46)
2007-12-24r26576: Allow the static module loading code to be used for the Python modules.Jelmer Vernooij1-1/+1
Simplify the way module initialization functions are handled. (This used to be commit ba8be2dfc0de4434c798663336b81f7f95cde520)
2007-12-21r26260: Store loadparm context in gensec context.Jelmer Vernooij1-5/+10
(This used to be commit b9e3a4862e267be39d603fed8207a237c3d72081)
2007-12-21r26258: Use loadparm context in client_start function of gensec.Jelmer Vernooij1-1/+1
(This used to be commit bad1891cae2c688b17a6a2b932e754f51291035c)
2007-12-21r26231: Spell check: credentails -> credentials.Jelmer Vernooij1-1/+1
(This used to be commit 4b46888bd0195ab12190f76868719fc018baafd6)
2007-12-21r26226: Avoid more uses of global_loadparm.Jelmer Vernooij1-2/+2
(This used to be commit 6cbce47a3eaef76a89db7cd0ab0d4f6441fc720d)
2007-10-10r25552: Convert to standard bool type.Jelmer Vernooij1-8/+8
(This used to be commit b8d6b82f1248d36a0aa91a1c58d06b4f7c66d245)
2007-10-10r25446: Merge some changes I made on the way home from SFO:Jelmer Vernooij1-1/+1
2007-09-29 More higher-level passing around of lp_ctx. 2007-09-29 Fix warning. 2007-09-29 Pass loadparm contexts on a higher level. 2007-09-29 Avoid using global loadparm context. (This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)
2007-10-10r25430: Add the loadparm context to all parametric options.Jelmer Vernooij1-2/+2
(This used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)
2007-10-10r25428: forward declarations of enums are not portable,Stefan Metzmacher1-4/+7
so pass struct cli_credentials *cred instead of enum credentials_use_kerberos use_kerberos. metze (This used to be commit b945aaa9dadc4c0595340d35725b49bac8e5778e)
2007-10-10r25035: Fix some more warnings, use service pointer rather than service ↵Jelmer Vernooij1-2/+2
number in more places. (This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r24994: Fix some C++ warnings.Jelmer Vernooij1-1/+1
(This used to be commit 925abf74fa1ed5ae726bae8781ec549302786b39)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r20135: attach default gensec features to the cli_credentials structure,Stefan Metzmacher1-0/+2
so make it possible to force encryption or signing. metze (This used to be commit a91dc4a02a46370c52f59cbd4dea9580fa6efafa)
2007-10-10r19598: Ahead of a merge to current lorikeet-heimdal:Andrew Bartlett1-0/+2
Break up auth/auth.h not to include the world. Add credentials_krb5.h with the kerberos dependent prototypes. Andrew Bartlett (This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
2007-10-10r19265: It is not an error to set the target hostname to NULL.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit c9c2e90e2e3937d05c58c681af187413b12d9220)
2007-10-10r18321: fixed some warnings on AIXAndrew Tridgell1-1/+1
(This used to be commit 449fab2c264aa50601f9a2d3310f1910ba97706b)
2007-10-10r18257: Order the GENSEC modules, with unknown modules last.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 8ae880b5019ab275fe0eca48120ab9e0fcca6293)
2007-10-10r18255: Remove the SMB_ASSERT(), as these are not talloc()'ed structures.Andrew Bartlett1-3/+0
Andrew Bartlett (This used to be commit 73fba185eba6b059d34790c95a30d49b296759f5)
2007-10-10r18253: Turn Cyrus-SASL DIGEST-MD5 off by default for now.Andrew Bartlett1-0/+9
Andrew Bartlett (This used to be commit 2da948cb6ecc75e2b4b97c770c8ba13b7f831d6e)