summaryrefslogtreecommitdiff
path: root/source4/auth
AgeCommit message (Collapse)AuthorFilesLines
2010-02-16s4-dsdb: removed gendb_search_single_extended_dn()Andrew Tridgell1-2/+3
Use dsdb_search_one() instead, which allows for arbitrary controls Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16s4-dsdb: added dsdb_search_one() and cleanup dsdb_find_dn_by_guid()Andrew Tridgell1-4/+6
dsdb_find_dn_by_guid() now takes a struct GUID instead of a guid_string. All the callers in fact wanted a struct GUID, so we now avoid the extra conversion. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-13s4-auth: use TYPESAFE_QSORT() in gensecAndrew Tridgell1-1/+2
2010-02-12s4:auth/credentials/credentials.c - Initialise the "lm_response" and ↵Matthias Dieter Wallnöfer1-0/+5
"nt_response" structures In some cases those structures are not initialised and the whole authentication system crashes with a SIGSEGV. Bug discovered by Matthieu Patou in bug #6755.
2010-02-09s4:Remove "Py_RETURN_NONE" compatibility codeMatthias Dieter Wallnöfer2-8/+0
This was needed only by Python 2.3 which we no longer support.
2010-01-31s4:kdc streamline context initializationSimo Sorce2-37/+58
Allow other plugins to init the context without having it try to grab sockets or set samba specific logging.
2010-01-29s4:auth_sam: avoid usage of data_blob_talloc_reference() and copy the ↵Stefan Metzmacher1-4/+14
session keys metze
2010-01-28cleanup: remove trailing spaces and tabsSimo Sorce1-37/+37
2010-01-21s4: Fix a few warnings.Jelmer Vernooij1-0/+1
2010-01-16s4-kerberos: raise the general kerberos debug level to 3Andrew Tridgell1-1/+1
level 2 for every krb request is a bit much
2010-01-12Strip trailing spacesSimo Sorce2-82/+82
2009-12-29s4:ntlmssp: remove mem_ctx from check_password() callback to match s3Stefan Metzmacher2-5/+2
metze
2009-12-29s4:ntlmssp_server: always call ntlmssp_server_postauth() and decide there if ↵Stefan Metzmacher1-5/+11
it's a noop metze
2009-12-29s4:ntlmssp_server: don't use a mem_ctx for ntlmssp_server_auth()Stefan Metzmacher1-13/+7
metze
2009-12-29s4:ntlmssp_server: don't use mem_ctx in auth_ntlmssp_check_password()Stefan Metzmacher1-16/+8
metze
2009-12-29s4:ntlmssp_server: clear session key in ntlmssp_server_preauth()Stefan Metzmacher1-3/+1
metze
2009-12-29s4:ntlmssp: use data_blob_null in ntlmssp_server_auth()Stefan Metzmacher1-4/+6
metze
2009-12-29s4:ntlmssp_server: remove unused variableStefan Metzmacher1-7/+0
metze
2009-12-29s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack bufferStefan Metzmacher2-13/+13
metze
2009-12-29dsdb: Fix dependencies when building against system ldb.Jelmer Vernooij1-1/+1
2009-12-29s4:auth: add auth_get_server_info_principal() prototype to auth.hStefan Metzmacher1-0/+5
metze
2009-12-29s4:auth: make auth_challenge_may_be_modified() publicStefan Metzmacher2-2/+2
metze
2009-12-29s4:auth: remove autogenerated auth/ntlm/auth_proto.hStefan Metzmacher1-50/+0
metze
2009-12-29s4:ntlmssp: fix whitespaces in ntlmssp.hStefan Metzmacher1-16/+16
metze
2009-12-24s4:auth: change auth_check_password_send/recv to tevent_reqStefan Metzmacher3-113/+143
metze
2009-12-24s4:gensec: change gensec_update_send/recv to tevent_reqStefan Metzmacher3-58/+83
metze
2009-12-22s4:gensec Don't give a warning when Windows client connects with NTLMAndrew Bartlett1-11/+20
We have had the workaround for a long time, but at the time the log warnings remained. Andrew Bartlett
2009-12-22s4:auth Change 'get_challenge' API to be more like Samba3Andrew Bartlett7-34/+31
It is just easier to fill in the known to be 8 byte challenge than stuff about with allocated pointers. Andrew Bartlett
2009-12-22s4:auth generate the prototype file in the right placeAndrew Bartlett1-1/+1
2009-12-16s4:gensec: allow clearing local and remote address by passing NULLStefan Metzmacher1-0/+10
metze
2009-12-16s4-gensec: Remove obsolete socket_address vars and fns.Andreas Schneider2-35/+0
2009-12-16s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn.Andreas Schneider8-32/+29
2009-12-16s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn.Andreas Schneider2-11/+0
2009-12-16s4-gensec: Replace gensec_get_my_addr with new tsocket based fn.Andreas Schneider3-23/+24
2009-12-16s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn.Andreas Schneider2-10/+0
2009-12-16s4-gensec: Added remote and local setter/getter using tsocket.Andreas Schneider3-4/+127
2009-11-02s4:credentials Put the 'secrets.keytab' in the same directory as secrets.ldbAndrew Bartlett1-1/+3
This avoids trouble when the secrets.ldb is updated with ldbedit but an smb.conf is not specified. Andrew Bartlett
2009-10-24s4:gensec/schannel: remove unused talloc_reference() in schannel_update()Stefan Metzmacher1-1/+1
We never expose creds to the caller in schannel_update(). metze
2009-10-23s4-python: we need to include Python.h firstAndrew Tridgell2-2/+2
If we don't include Python.h first then we get a pile of warnings due to broken redefines of XOPEN_SOURCE in the Python includes.
2009-10-23s4:gensec Use an index on computerName in schannel.ldbAndrew Bartlett1-1/+4
2009-10-23s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()Andrew Tridgell1-1/+1
This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context.
2009-10-23s4-dsdb: create a static system_session contextAndrew Tridgell6-12/+27
This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap
2009-10-20s4: ran minimal_includes.pl on source4/auth/gensecAndrew Tridgell6-12/+0
2009-10-20s4: ran minimal_includes.pl on source4/auth/ntlmsspAndrew Tridgell4-8/+0
2009-10-20s4: ran minimal_includes.pl on source4/auth/ntlmAndrew Tridgell6-14/+0
2009-10-16s4:auth - fixed problem reading bind DN from secrets databaseEndi S. Dewata2-0/+8
2009-10-16s4:auth_sam: Restructure tail in "authsam_get_server_info_principal" and fix ↵Matthias Dieter Wallnöfer1-3/+8
a memory leak
2009-10-15s4:ntlmssp server - use also here the new "lp_dnsdomain()" callMatthias Dieter Wallnöfer1-2/+1
2009-10-15s4:auth/credentials/credentials - fix uninitalised pointersMatthias Dieter Wallnöfer1-7/+35
This should fix bug #6755.
2009-10-14s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where neededMatthias Dieter Wallnöfer2-18/+9
For KERBEROS applications the realm should be upcase (function "lp_realm") but for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch implements the use of both in the right way.