summaryrefslogtreecommitdiff
path: root/source4/auth/ntlm
AgeCommit message (Collapse)AuthorFilesLines
2011-08-08build: provide tevent-util as a public libraryAndrew Bartlett1-1/+1
This is needed so that OpenChange can get at _tevent_req_nterr(), which is referenced by generated PIDL output. Andrew Bartlett
2011-07-29s4-auth Fill in the remainder of the unix info in auth_session_infoAndrew Bartlett1-5/+7
Signed-off-by: Andrew Tridgell <tridge@samba.org> Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Jul 29 05:33:03 CEST 2011 on sn-devel-104
2011-07-29s4-auth Move conversion of security_token to unix_token to authAndrew Bartlett2-6/+25
This allows us to honour the AUTH_SESSION_INFO_UNIX_TOKEN flag. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20auth: Split out make_user_info_SamBaseInfo and add authenticated argumentAndrew Bartlett1-2/+5
This will allow the source3 auth code to call this without needing to double-parse the SIDs Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-06-11s4:auth/ntlm/auth_unix.c - remove unused variablesMatthias Dieter Wallnöfer1-2/+0
Relicts from commit 323c7445713d17989452b99bbb541248bb2388eb Reviewed-by: Jelmer
2011-06-09s4:auth/ntlm/auth.c - fix incompatible pointer type warningMatthias Dieter Wallnöfer1-2/+2
Reviewed-by: Tridge
2011-06-07s4-auth Move default auth methods back into auth.cAndrew Bartlett1-4/+6
This changes auth_methods_from_lp to no longer use the parametric options, and to cope with ROLE_DOMAIN_BDC and ROLE_DOMAIN_PDC. This will assist in calling the source4 auth subsystem with a source3 derived lp_ctx. Andrew Bartlett
2011-05-08s4-auth Rename auth -> auth4 to avoid conflict with s3 authAndrew Bartlett10-38/+38
2011-05-05s4-auth: removed the password combinations code in auth_unixAndrew Tridgell1-39/+4
this code never did anything due to a typo, and was untested. We should not be inluding a password cracker in Samba anyway. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu May 5 07:00:14 CEST 2011 on sn-devel-104
2011-05-03s4-messaging Rename messaging -> imessagingAndrew Bartlett2-3/+3
This avoid symbol and structure conflicts between Samba3 and Samba4, and chooses a less generic name. Andrew Bartlett
2011-03-19source4/auth/ntlm: Fix prototypes for all functions.Jelmer Vernooij7-0/+13
2011-03-04s4-nterr: move auth_nt_status_squash to nt_status_squash and move to nterr.cGünther Deschner1-24/+0
Guenther
2011-02-24build: moved libcli/auth/ntlmssp*.c into a common libcliauth.so libraryAndrew Tridgell1-1/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-18s4-auth: rename 'auth' subsystem to 'auth4'Andrew Tridgell3-20/+20
this prevents conflicts with the s3 auth modules. The auth modules in samba3 may appear in production smb.conf files, so it is preferable to rename the s4 modules for minimal disruption. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-10ldb: use #include <ldb.h> for ldbAndrew Tridgell1-1/+1
thi ensures we are using the header corresponding to the version of ldb we're linking against. Otherwise we could use the system ldb for link and the in-tree one for include Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-09s4-auth Rework auth subsystem to remove struct auth_serversupplied_infoAndrew Bartlett8-165/+180
This changes auth_serversupplied_info into the IDL-defined struct auth_user_info_dc. This then in turn contains a struct auth_user_info, which is the only part of the structure that is mainted into the struct session_info. The idea here is to avoid keeping the incomplete results of the authentication (such as session keys, lists of SID memberships etc) in a namespace where it may be confused for the finalised results. Andrew Barltett
2011-02-08pam: share pam errors in a common location.Günther Deschner4-166/+1
Guenther
2011-01-20s4-auth Remove special case for account_sid from auth_serversupplied_infoAndrew Bartlett3-21/+12
This makes everything reference a server_info->sids list, which is now a struct dom_sid *, not a struct dom_sid **. This is in keeping with the other sid lists in the security_token etc. In the process, I also tidy up the talloc tree (move more structures under their logical parents) and check for some possible overflows in situations with a pathological number of sids. Andrew Bartlett
2011-01-19s4-auth Allow NULL methods to be specified to auth_context_create_methods()Andrew Bartlett1-14/+3
This allows us to init an auth context that isn't going to do any NTLM authentication, but is used by other subsystems. Andrew Bartlett
2011-01-18s4-auth Extend python bindings to allow ldb and message to be specifiedAndrew Bartlett1-1/+1
This will allow for some more tokenGroups tests in future. Andrew Bartlett
2011-01-15s4:auth/ntlm/auth_sam.c - fix call to "get_server_info_principal"Matthias Dieter Wallnöfer1-7/+7
This should obviously point to the wrapper not the call itself. Found out by Tru64 host build warning. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Jan 15 18:05:59 CET 2011 on sn-devel-104
2011-01-14s4-auth Add function to obtain any user's session_info from a given LDBAndrew Bartlett1-79/+8
This will be a building block for a tokenGroups test, which can compare against a remote server (in particular the rootDSE) against what we would calculate the tokenGroups to be. (this meant moving some parts out of the auth_sam code into the containing library) Andrew Bartlett
2010-12-21s4-auth rework session_info handling not to require an auth contextAndrew Bartlett1-1/+14
This reverts a previous move to have this based around the auth subsystem, which just spread auth deps all over unrelated code. Andrew Bartlett
2010-11-15auth/ntlm: Use name consistent with other service names.Jelmer Vernooij1-1/+1
2010-11-07credentials: Lowercase library name,Jelmer Vernooij1-1/+1
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Nov 7 01:48:44 UTC 2010 on sn-devel-104
2010-11-07samdb: Lowercase library name.Jelmer Vernooij1-2/+2
2010-11-05s4/auth: Add logon_parameters to authenticate_username_pwAnatoliy Atanasov1-1/+4
We need to be able to set the logon parameters in the same way as in the ntlm server so we can handle openldap simple authentication call correctly. Autobuild-User: Anatoliy Atanasov <anatoliy@samba.org> Autobuild-Date: Fri Nov 5 06:32:43 UTC 2010 on sn-devel-104
2010-11-03s4:waf - fix the build on Gentoo platformsPhilip M. White1-2/+4
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-11-01s4-modules: get rid of the remaining static prototypes for modulesAndrew Tridgell1-7/+2
the waf build now generates the prototype declarations for us
2010-10-31s4: Remove the old perl/m4/make/mk-based build system.Jelmer Vernooij1-80/+0
The new waf-based build system now has all the same functionality, and the old build system has been broken for quite some time. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
2010-10-26waf: Remove lib prefix from libraries manually.Jelmer Vernooij1-3/+3
2010-10-26s4: Drop duplicate 'lib' prefix for private libraries.Jelmer Vernooij1-1/+1
2010-10-24s4: Rename WBCLIENT to wbclient.Jelmer Vernooij1-1/+1
2010-10-24s4: Rename LIBSAMBA-* to libsamba-*Jelmer Vernooij1-3/+3
2010-10-24s4: Rename LIBSECURITY{_SESSION,} to libsecurity{_session,}Jelmer Vernooij1-5/+5
2010-10-23s4: Rename NSS_WRAPPER to nss_wrapper.Jelmer Vernooij1-1/+1
Only link to nss_wrapper when it is enabled. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Oct 23 23:05:44 UTC 2010 on sn-devel-104
2010-10-23s4: Rename UID_WRAPPER to uid_wrapper.Jelmer Vernooij1-2/+2
Only link to uid_wrapper when it is enabled.
2010-10-21s4-auth: make auth a private libraryAndrew Tridgell1-5/+6
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-18s4:"util_ldb" - remove some really unused dependanciesMatthias Dieter Wallnöfer1-1/+0
2010-10-17Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls ↵Matthias Dieter Wallnöfer1-0/+1
in "dsdb/common/util.c"" This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0. Jelmer pointed out that these are also in use by other LDB databases - not only SAMDB ones. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
2010-10-17s4:remove "util_ldb" submodule and integrate the three gendb_* calls in ↵Matthias Dieter Wallnöfer1-1/+0
"dsdb/common/util.c" They're only in use by SAMDB code. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
2010-10-12libcli/security Use common security.hAndrew Bartlett1-1/+1
This includes dom_sid.h and security_token.h and will be moved to the top level shortly. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 03:35:36 UTC 2010 on sn-devel-104
2010-10-11samdb_common, ntlm: Add missing dependency on libsamba-hostconfig.Jelmer Vernooij1-1/+1
2010-10-11credentials: Split up into several subsystems.Jelmer Vernooij1-1/+1
2010-10-10samdb: Add flags argument to samdb_connect().Jelmer Vernooij1-1/+1
2010-09-15s4-auth: allow multiple active auth backendsAndrew Tridgell1-35/+43
when we are an RODC we need to be able to allow multiple auth backends to process a single auth request. First the sam backend will try to authenticate, using locally stored passwords. If this backend can't find local passwords then it will try the winbind backend and authenticate via a writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-rodc: add a trigger message for REPL_SECRET to auth_samAndrew Tridgell1-0/+52
when an RODC tries to authenticate against an account and the account has no password information it needs to send a message to the drepl server to tell it to try and replicate the secret information from a writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-03s4:auth_winbind: use irpc_binding_handle_by_name()Stefan Metzmacher2-8/+8
metze
2010-09-03s4:auth_winbind: remove unused winbind_samba3 backendStefan Metzmacher2-122/+1
This uses the winbind protocol directly, which needs to be avoided! metze
2010-09-03s4:auth_winbind: fix segfault in winbind_check_password_wbclient()Stefan Metzmacher1-1/+5
We should only look at err if WBC_ERR_AUTH_ERROR is returned. metze