Age | Commit message (Collapse) | Author | Files | Lines |
|
starts.
Andrew Bartlett
(This used to be commit 7dba525f5598199e89badbf15e0f5f09023c6cfa)
|
|
Andrew Bartlett
(This used to be commit 32d8a23d5499ef3d913240b5693b54eb2e78cd7d)
|
|
These values are used by SASL at a later time, and must remain valid.
Make the password callback actually return the password.
Andrew Bartlett
(This used to be commit 8e12f92bbe3aa878292169f4699502e241ef6c0b)
|
|
DIGEST-MD5 implemenation in particular.
However, I can't make this work: Cyrus-SASL isn't loading the mech...
Andrew Bartlett
(This used to be commit 0b193d28c896c9d212a536da7d87634543d971a5)
|
|
backend (if it chooses to implement it), or the GENSEC socket code.
This is to allow us to handle DIGEST-MD5 across to cyrus-sasl.
Andrew Bartlett
(This used to be commit 0a098006b431f4aa48632a27ca08e9adca8d9609)
|
|
to do
(This used to be commit ad75cf869550af66119d0293503024d41d834e02)
|
|
and add a private_data for the backends.
metze
(This used to be commit 015a65e00187e684b3e4d1f4ca07edb9f022f61b)
|
|
and gensec_server_start().
calling them with NULL for event context or messaging context
is no longer allowed!
metze
(This used to be commit 679ac74e71b111344f1097ab389c0b83a9247710)
|
|
(This used to be commit a2d614147663c4f9b80d6e383819e92ca45e013b)
|
|
metze
(This used to be commit c49e27d5d0289e3525f7f6197b031e7d300df81b)
|
|
- note this is still uses the sync update() hook of the gensec modules
but it allows me to fix the callers first
Later auth_check_password() will also get an async version,
so that we can later implement an async version of auth_winbind
using async IRPC to the winbind task.
metze
(This used to be commit d5638a4fafd1d60ccc4cd76e92a1b2b0093865a7)
|
|
without the agreement of the peer. This can cause problems, because
one side things sealing is disabled, while the other thinks it is
enabled.
Andrew Bartlett
(This used to be commit 68ddc4921f43252b3fba73e9d85cc38c359d599d)
|
|
routines to return an NTSTATUS. This should help track down errors.
Use a bit of talloc_steal and talloc_unlink to get the real socket to
be a child of the GENSEC or TLS socket.
Always return a new socket, even for the 'pass-though' case.
Andrew Bartlett
(This used to be commit 003e2ab93c87267ba28cd67bd85975bad62a8ea2)
|
|
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
|
|
to work (it broke it in the previous commit).
Andrew Bartlett
(This used to be commit e96638bc74f0752ce8af6626a04c92d48b917ffe)
|
|
and the maximum amount of user data that may be fitted into that.
This is used in the new SASL code, to correctly honour SASL buffer sizes.
Andrew Bartlett
(This used to be commit cbbe99d9c1f0262e67a495fb098cacc09fd78e05)
|
|
In particular, this removes one use of the LDB_DN_NULL_FAILED macro,
which was being used on more than DNs, had an embedded goto, and
confused the IBM checker.
In the password_hash code, ensure that sambaAttr is not, before
checking the number of values.
In GENSEC, note that this switch value can't occour. This seems to be
the only way to quiet both the IBM checker and gcc, as well as cope
with possibly invalid inputs.
Andrew Bartlet
(This used to be commit 3e58350ec2ab883795b1dd03ac46a3520cac67d0)
|
|
(This used to be commit c4b3c2b18c6df43c8a4808fab72bc45439ba9421)
|
|
client.
Andrew Bartlett
(This used to be commit ae2913898c983dcba69b5d0b89c428e450e9bf5f)
|
|
talloc_set_destructor() is type safe. The end result will be lots less
use of void*, and less calls to talloc_get_type()
(This used to be commit 6b4c085b862c0932b80b93e316396a53b993544c)
|
|
don't attribute the GSSAPI SASL mech to it.
Andrew Bartlett
(This used to be commit 23a4db28ed825bc8c45e5f704137a72386394f45)
|
|
this isn't supported, fallback to NTLM.
Also, where we get a failure as 'logon failure', try and do a '3
tries' for the password, like we already do for CIFS. (Incomplete:
needs a mapping between RPC errors and the logon failure NTSTATUS).
Because we don't yet support Kerberos sign/seal to win2k3 SP1 for
DCE/RPC, disable this (causing SPNEGO to negotiate NTLM) when kerberos
isn't demanded.
Andrew Bartlett
(This used to be commit b3212d1fb91b26c1d326a289560106dffe1d2e80)
|
|
(This used to be commit f2ca71f1229f4c20296895116c09bacbd6a53b55)
|
|
Andrew Bartlett
(This used to be commit d2832a849dd570a6cc1b49d8071735270b2fb83f)
|
|
(This used to be commit 3ef9326386ba1c210166302cbcf02d2ed3f19944)
|
|
Recursive dependencies are now forbidden (the build system
will bail out if there are any).
I've split up auth_sam.c into auth_sam.c and sam.c. Andrew,
please rename sam.c / move its contents to whatever/wherever you think suits
best.
(This used to be commit 6646384aaf3e7fa2aa798c3e564b94b0617ec4d0)
|
|
rest of LIBSECURITY doesn't)
Make the ldb password_hash module only depend on some keys manipulation code, not full heimdal
Some other dependency fixes
(This used to be commit 5b3ab728edfc9cdd9eee16ad0fe6dfd4b5ced630)
|
|
for REQUIRED_SUBSYSTEMS.
(This used to be commit adc8a019b6da256f104abed1b82bfde6998a2ac9)
|
|
needs it.
(This used to be commit ecf84248b48783fb0ccbeff4d37d930b21fb96df)
|
|
(This used to be commit 594215d1176b23596549fd4e4098d42ef41f7d0d)
|
|
that differs from the hostname the connect() uses.
In particular, this helps in running Kerberos tests in 'make test'.
Andrew Bartlett
(This used to be commit 78447333b0fc9450e18cd1d1c15df62acb5f0f36)
|
|
Andrew Bartlett
(This used to be commit 8f96f524bfde99667410ec98087831b9c14c66e5)
|
|
doesn't have to depend on the lp_* functions.
(This used to be commit f97df7d90a41b77a9edd2d6bdc47c27bf1b6bb07)
|
|
subsystems in case a library doesn't make sense.
(This used to be commit ed382873fd01457a53e0a1e1f5ba6753dfbc0646)
|
|
(This used to be commit 51b4270513752d2eafbe77f9de598de16ef84a1f)
|
|
(This used to be commit c74fc55831ca24819ae7f5e0920d0351e2b46a08)
|
|
(This used to be commit 4682bc5ce047d81586447b9df82c91ed1fe677cf)
|
|
(This used to be commit 430c6516d383bfd7f27287394bf8eef9f174b3e6)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
(This used to be commit 2ec2894f72b44ba4e400961921b65b03ad8742de)
|
|
(This used to be commit f4de155c94b89e586640d11992953a0d5fc0716d)
|
|
(This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe)
|
|
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
|
|
- VERSION: should contain the current version. Will be made part of the filename.
- SO_VERSION: should contain the latest version that this on is compatible to. Will be used for setting the soname of the shared library.
Fix sonames and use them on platforms that support them
Remove symlinking code. ldconfig will take care of creating the symlinks now
that we set the soname.
(This used to be commit 7871b07e21c85c63d0ecac4c31b98dc112d18af5)
|
|
metze
(This used to be commit af63ed9eb3a5af3e4eeb84c66397255ea90ea764)
|
|
it's ugly, but they're used in torture tests
I hope to find a better solution for this later...
metze
(This used to be commit be8874e9d3f1a022a42ccd1262dc5ce7bd5d1a91)
|
|
metze
(This used to be commit 91a3a0b795ebe73d29b69bb40ae9e67b40f90212)
|
|
buildsystem)
(This used to be commit 04c49e211fc4f80e03d9322b983bbde15baba640)
|
|
(This used to be commit 2c746980328431ab04852dc668899e3eb042da99)
|
|
(This used to be commit 2d655f05285a86bb1bbb882e4dd843def15c9dfa)
|