summaryrefslogtreecommitdiff
path: root/source4/auth/session.h
AgeCommit message (Collapse)AuthorFilesLines
2011-02-22s4-auth Move libcli/security/session.c to the top levelAndrew Bartlett1-8/+1
This code is now useful in common, as the elements of the auth_session_info structure have now been defined in common IDL. Andrew Bartlett
2011-02-10libcli/named_pipe_auth Change from 'info3' to auth_session_info_transportAndrew Bartlett1-0/+10
This changes the structure being used to convey the current user state from the netlogon-derived 'netr_SamInfo3' structure to a purpose-built structure that matches the internals of the Samba auth subsystem and contains the final group list, as well as the final privilege set and session key. These previously had to be re-created on the server side of the pipe each time. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-02-09s4-auth Rework auth subsystem to remove struct auth_serversupplied_infoAndrew Bartlett1-7/+9
This changes auth_serversupplied_info into the IDL-defined struct auth_user_info_dc. This then in turn contains a struct auth_user_info, which is the only part of the structure that is mainted into the struct session_info. The idea here is to avoid keeping the incomplete results of the authentication (such as session keys, lists of SID memberships etc) in a namespace where it may be confused for the finalised results. Andrew Barltett
2011-01-14s4-auth Add function to obtain any user's session_info from a given LDBAndrew Bartlett1-0/+14
This will be a building block for a tokenGroups test, which can compare against a remote server (in particular the rootDSE) against what we would calculate the tokenGroups to be. (this meant moving some parts out of the auth_sam code into the containing library) Andrew Bartlett
2010-12-21s4:auth/session.h - use a forward declaration for type "struct ldb_context"Matthias Dieter Wallnöfer1-1/+1
And remove the now obsolete one for "struct tevent_context" Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Dec 21 11:17:34 CET 2010 on sn-devel-104
2010-12-21s4-auth rework session_info handling not to require an auth contextAndrew Bartlett1-4/+3
This reverts a previous move to have this based around the auth subsystem, which just spread auth deps all over unrelated code. Andrew Bartlett
2010-08-18s4:auth Remove system_session_anon() from python bindingsAndrew Bartlett1-7/+0
2010-06-20Revert "Add old functionality back which was removed in commit 589a42e2."Wilco Baan Hofman1-6/+0
This reverts commit 94e3b4a0d8b714c101803886d60ae6c484740d2f. Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-06-20Add old functionality back which was removed in commit 589a42e2.Wilco Baan Hofman1-0/+6
Andrew, please review! Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-05-20s4:auth Change auth_generate_session_info to take flagsAndrew Bartlett1-0/+1
This allows us to control what groups should be added in what use cases, and in particular to more carefully control the introduction of the 'authenticated' group. In particular, in the 'service_named_pipe' protocol, we do not have control over the addition of the authenticated users group, so we key of 'is this user the anonymous SID'. This also takes more care to allocate the right length ptoken->sids Andrew Bartlett
2010-04-14s4:auth Change auth_generate_session_info to take an auth contextAndrew Bartlett1-5/+4
The auth context was in the past only for NTLM authentication, but we need a SAM, an event context and and loadparm context for calculating the local groups too, so re-use that infrustructure we already have in place. However, to avoid problems where we may not have an auth_context (in torture tests, for example), allow a simpler 'session_info' to be generated, by passing this via an indirection in gensec and an generate_session_info() function pointer in the struct auth_context. In the smb_server (for old-style session setups) we need to change the async context to a new 'struct sesssetup_context'. This allows us to use the auth_context in processing the authentication reply . Andrew Bartlett
2010-04-11s4:auth Remove event context from anonymous_session()Andrew Bartlett1-2/+0
This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett
2009-10-23s4-dsdb: create a static system_session contextAndrew Tridgell1-1/+1
This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap
2009-09-09Added "admin_session" method.Nadezhda Ivanova1-0/+4
The purpose of admin_session is to be able to execute parts of provisioning as the user Administrator in order to have the correct group and owner in the security descriptors. To be used for provisioning and tests only.
2009-01-21s4:auth: move make_server_info_netlogon_validation() function arroundStefan Metzmacher1-5/+0
metze
2008-12-29s4:lib/tevent: rename structsStefan Metzmacher1-4/+4
list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
2008-12-17s4: fix LIBEVENTS dependencies and use more forward declarationsStefan Metzmacher1-1/+2
We should only include events.h where we really need it and prefer forward declarations of 'struct event_context' metze
2008-06-16Fix buildSimo Sorce1-0/+1
(This used to be commit 220b58070239141158d796bd782d62cc36cd19db)
2008-04-24Add documentation to session token functions.Andrew Bartlett1-2/+12
(This used to be commit ec4a108d1d35cd4bb2170f1bb122546266b9b745)
2008-04-17Specify event_context to ldb_wrap_connect explicitly.Jelmer Vernooij1-0/+3
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91)
2008-04-02Install public header files again and include required prototypes.Jelmer Vernooij1-1/+23
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
2007-12-24r26572: Fix warnings in the Python code.Jelmer Vernooij1-0/+1
(This used to be commit 15038d9586d0b58f301ca8c39c21ef10c4283f28)
2007-12-21r26127: Move session code out of auth_util.c. No longer making it part of ↵Jelmer Vernooij1-0/+33
auth but making it usable independently will be the next step. (This used to be commit b3fcb8e8103304fede865b02ca5169d5793a571d)