Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-04-27 | s4:gensec Use a different form of 'name' in GSSAPI import_name() | Andrew Bartlett | 1 | -3/+3 | |
The idea here is to make it not dependent on the system's default realm. Andrew Bartlett | |||||
2010-04-27 | s4:kerberos Give a better error message than "Could not allocate memory" | Andrew Bartlett | 1 | -3/+3 | |
Andrew Bartlett | |||||
2010-04-20 | pytalloc: ensure talloc_ctx is directly after PyObject_HEAD | Andrew Tridgell | 1 | -1/+1 | |
the talloc python interface for tp_alloc and tp_dealloc relies on a cast to a py_talloc_Object to find the talloc_ctx (see py_talloc_dealloc). This means we rely on the talloc_ctx for the object being directly after the PyObject_HEAD This fixes the talloc free with references bug in samba_dnsupdate The actual problem was the tp_alloc() call in PyCredentialCacheContainer_from_ccache_container() which used a cast from a py_talloc_Object to a PyCredentialCacheContainerObject. That case effectively changed the parent/child relationship between the talloc_ctx and the ccc ptr. This patch changes all the structures that follow this pattern to put the TALLOC_CTX directly after the PyObject_HEAD, to ensure that if anyone else decides to do a dangerous cast like this that it won't cause the same sort of subtle breakage. Pair-Programmed-With: Rusty Russell <rusty@samba.org> | |||||
2010-04-19 | s4-python: PyErr_SetString() will crash on NULL strings | Andrew Tridgell | 1 | -1/+1 | |
use nt_errstr() when no error available | |||||
2010-04-14 | s4:auth Change auth_generate_session_info to take an auth context | Andrew Bartlett | 13 | -40/+71 | |
The auth context was in the past only for NTLM authentication, but we need a SAM, an event context and and loadparm context for calculating the local groups too, so re-use that infrustructure we already have in place. However, to avoid problems where we may not have an auth_context (in torture tests, for example), allow a simpler 'session_info' to be generated, by passing this via an indirection in gensec and an generate_session_info() function pointer in the struct auth_context. In the smb_server (for old-style session setups) we need to change the async context to a new 'struct sesssetup_context'. This allows us to use the auth_context in processing the authentication reply . Andrew Bartlett | |||||
2010-04-14 | s4:auth Allow the simple 'struct auth_session_info' generator for all users | Andrew Bartlett | 1 | -3/+3 | |
This code isn't ideal, but it is better than needing to consult the main SamDB in things like a torture test. Andrew Bartlett | |||||
2010-04-12 | s4:auth/auth_sam_reply.c - fix counter types | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
2010-04-12 | lib/replace/wscript: inline LIBREPLACE_EXT into 'replace' as the autoconf ↵ | Stefan Metzmacher | 1 | -1/+1 | |
system does metze | |||||
2010-04-11 | s4:auth Remove event context from anonymous_session() | Andrew Bartlett | 4 | -120/+117 | |
This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett | |||||
2010-04-10 | s4:credentials Add the functions needed to do S4U2Self with cli_credentials | Andrew Bartlett | 6 | -50/+208 | |
A torture test to demonstrate will be added soon. Andrew Bartlett | |||||
2010-04-10 | s4:credentials talloc_free() any previous salt_principal | Andrew Bartlett | 2 | -1/+2 | |
This isn't used often, but it is generally better not to leak it onto what may be a longer-term context. Andrew Bartlett | |||||
2010-04-08 | pynet: Create a net class. | Jelmer Vernooij | 3 | -10/+22 | |
2010-04-06 | s4:auth/ntlm/auth_developer.c - "fixed_challenge_get_challenge" - fix the ↵ | Matthias Dieter Wallnöfer | 1 | -5/+2 | |
assignment of the challenge This is a string buffer and not a DATA_BLOB. | |||||
2010-04-06 | s4-python: Move set_session_info to PySambaLdb. | Jelmer Vernooij | 2 | -2/+2 | |
2010-04-06 | s4-waf: move to a universal method of recursing into subdirs | Andrew Tridgell | 1 | -5/+5 | |
This works with both standalone lib builds and bundled builds | |||||
2010-04-06 | s4-waf: removed the AUTOGENERATED markers | Andrew Tridgell | 4 | -15/+0 | |
we won't be using the mk -> wscript generator again | |||||
2010-04-06 | s4-waf: more dependencies on talloc | Andrew Tridgell | 2 | -1/+3 | |
these are needed so we can support a system talloc without using the bundled talloc.h | |||||
2010-04-06 | s4-waf: fixed some deps now we don't auto-include tevent and replace | Andrew Tridgell | 1 | -1/+1 | |
this is preparation for being able to use system versions of these libraries | |||||
2010-04-06 | s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵ | Andrew Tridgell | 7 | -0/+14 | |
them | |||||
2010-04-06 | s4-waf: enable the pc_files in the build rules | Andrew Tridgell | 1 | -1/+1 | |
2010-04-06 | s4-waf: install the rest of the headers | Andrew Tridgell | 1 | -0/+1 | |
2010-04-06 | s4-waf: remove the need for some of the lib aliases | Andrew Tridgell | 1 | -1/+1 | |
2010-04-06 | build: check libc first for several libraries | Andrew Tridgell | 1 | -1/+1 | |
2010-04-06 | build: fixed the build without sasl libraries | Andrew Tridgell | 2 | -4/+5 | |
We need to only enable the cyrus_sasl module if we have sasl/sasl.h | |||||
2010-04-06 | build: waf quicktest nearly works | Andrew Tridgell | 4 | -12/+4 | |
Rewrote wafsamba using a new dependency handling system, and started adding the waf test code | |||||
2010-04-06 | build: commit all the waf build files in the tree | Andrew Tridgell | 6 | -0/+223 | |
2010-04-06 | build: check for libsasl2 | Andrew Tridgell | 1 | -0/+4 | |
2010-04-06 | build: check for pam | Andrew Tridgell | 1 | -0/+2 | |
2010-04-05 | Revert "s4:gensec_gssapi.c - make sure that "GSS_C_DELEG_POLICY_FLAG" is ↵ | Matthias Dieter Wallnöfer | 1 | -5/+0 | |
available" This reverts commit 3e091a82167f51b7d9abf00755bede9354932c6b. This should be fixed through the new build system when it lands in "master". | |||||
2010-04-04 | s4-python: Remove convenience macro PyErr_SetStringError. | Jelmer Vernooij | 1 | -1/+1 | |
This macro assumed that all errors were runtime errors. | |||||
2010-03-30 | s4:gensec_gssapi.c - make sure that "GSS_C_DELEG_POLICY_FLAG" is available | Matthias Dieter Wallnöfer | 1 | -0/+5 | |
FreeBSD 7.2 needs this. | |||||
2010-03-29 | pytalloc: allow for using a system libtalloc-dev with pytalloc | Andrew Tridgell | 3 | -3/+3 | |
When we have a system talloc library, we still need to grab pytalloc.h from lib/talloc. We don't want to just use -Ilib/talloc, as otherwise we'll get the in-tree talloc.h which may not be compatible with the system talloc.h So we need to give the path to pytalloc.h | |||||
2010-03-26 | s4:auth/credentials/credentials.c - initialise more content | Matthias Dieter Wallnöfer | 1 | -0/+3 | |
Now all data should be initialised | |||||
2010-03-26 | libutil: moved the networking defines to util_net.h | Andrew Tridgell | 2 | -0/+2 | |
These were causing thousands of warnings on solaris8 | |||||
2010-03-24 | s4:ntlmssp: move sign/seal states to a private ntlmssp_crypt_state union | Stefan Metzmacher | 2 | -76/+63 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: make use of dump_arc4_state() | Stefan Metzmacher | 1 | -8/+7 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: copy dump_arc4_state() from source3 | Stefan Metzmacher | 1 | -0/+6 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: avoid usage of calc_ntlmv2_key_talloc() | Stefan Metzmacher | 2 | -29/+10 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: make use of calc_ntlmv2_key() for seal keys | Stefan Metzmacher | 1 | -15/+16 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: add calc_ntlmv2_key() from source3 | Stefan Metzmacher | 1 | -0/+11 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: rename calc_ntlmv2_key => calc_ntlmv2_key_talloc | Stefan Metzmacher | 1 | -5/+5 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: inline ntlmssp_weakend_keys() | Stefan Metzmacher | 2 | -54/+41 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: use a 'bool ok' helper variable to make the code more readable | Stefan Metzmacher | 1 | -6/+14 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: fix some formating | Stefan Metzmacher | 1 | -74/+110 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: move doing_ntlm2 to ntlmssp_server_auth_state | Stefan Metzmacher | 2 | -4/+3 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: move NTLM2 session_nonce to ntlmssp_server_auth_state | Stefan Metzmacher | 2 | -8/+7 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: move encrypted_session_key to ntlmssp_server_auth_state | Stefan Metzmacher | 2 | -29/+19 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: keep a ntlmssp_server_auth_state to transport variables from ↵ | Stefan Metzmacher | 1 | -10/+23 | |
preauth to postauth hooks metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: remove unused server_multiple_authentications feature. | Stefan Metzmacher | 2 | -14/+1 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: rename gensec_ntlmssp_state => ntlmssp_state | Stefan Metzmacher | 5 | -352/+352 | |
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> |