summaryrefslogtreecommitdiff
path: root/source4/auth
AgeCommit message (Collapse)AuthorFilesLines
2009-03-01Add allow_badcharcnv argument to all conversion function, forJelmer Vernooij1-1/+1
consistency with Samba 3.
2009-02-13Push sam_get_server_info_principal into the auth subsystemAndrew Bartlett8-63/+122
This means it must be accessed via the supplied auth_context in the GENSEC server, and should remove the hard depenceny of GENSEC on the auth subsystem and ldb (allowing LDB not to rely on LDB is considered a good thing, apparently) Andrew Bartlett
2009-02-13Remove auth/ntlm as a dependency of GENSEC by means of function pointers.Andrew Bartlett10-31/+136
When starting GENSEC on the server, the auth subsystem context must be passed in, which now includes function pointers to the key elements. This should (when the other dependencies are fixed up) allow GENSEC to exist as a client or server library without bundling in too much of our server code. Andrew Bartlett
2009-02-05s4:auth/ntlm: fix c++ warningStefan Metzmacher1-1/+1
metze
2009-02-05s4:pyauth: fix compiler warningsStefan Metzmacher1-1/+1
metze
2009-02-05s4:pycredentials: fix compiler warningsStefan Metzmacher2-26/+25
metze
2009-02-02s4:auth/credentials: the python bindings don't use swig anymoreStefan Metzmacher1-4/+2
metze
2009-02-02s4:auth: the python bindings don't use swig anymoreStefan Metzmacher1-3/+2
metze
2009-02-02s4:auth/kerberos: s/private/private_dataStefan Metzmacher1-10/+10
metze
2009-02-02s4:auth/gensec: s/private/private_dataStefan Metzmacher1-10/+10
metze
2009-02-01Make schannel not depend on samdb anymore.Simo Sorce2-6/+61
2009-01-31s4:auth: try to fix the build on SolarisStefan Metzmacher1-0/+1
MAXHOSTNAMELEN comes in via system/network.h now. metze
2009-01-25Add prototypes required by samba-gtk.Jelmer Vernooij1-0/+9
2009-01-21s4:auth: move make_server_info_netlogon_validation() function arroundStefan Metzmacher5-147/+141
metze
2009-01-08Avoid using a utility header for Python replacements included in Samba,Jelmer Vernooij1-1/+5
since this will not be shipped with talloc/tdb/tevent/etc.
2009-01-07s3/s4 build: Fix Py_RETURN_NONE to work with python versions < 2.4Tim Prouty1-0/+1
2009-01-06py: Properly increase the reference counter of Py_None.Jelmer Vernooij1-6/+6
2009-01-03s4:auth/kerberos: convert to tevent_* apiStefan Metzmacher2-14/+13
metze
2009-01-03s4:socket: use a socket_wrapper aware function to auto close the fd event ↵Stefan Metzmacher1-4/+5
for sockets metze
2008-12-29s4:lib/tevent: rename structsStefan Metzmacher16-67/+67
list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
2008-12-24Rename samba-socket -> samba_socket to fix a couple more compilerJelmer Vernooij2-2/+2
warnings.
2008-12-23Add missing includes, required for use of gensec by 3rd-partyMatthias Dieter Wallnöfer1-0/+3
applications.
2008-12-22s4: Always link in auth, as some of the core infrastructure depends on it.Jelmer Vernooij1-0/+1
2008-12-22Add header for pyparam.Jelmer Vernooij2-7/+2
2008-12-21Fix various Python-related bugs.Jelmer Vernooij1-1/+1
2008-12-21Include errors.i verbatim in security.i, as it's the only file still using it.Jelmer Vernooij1-4/+2
2008-12-21Convert credentials Python module to "manual" C - no SWIG used to generateJelmer Vernooij6-4719/+350
the C code.
2008-12-21Convert auth python module to "plain" C rather than using SWIG.Jelmer Vernooij6-3348/+131
2008-12-18s4:lib/socket: socket_connect_send() and socket_connect_ev() should only ↵Stefan Metzmacher1-2/+1
wrok with addresses metze
2008-12-17s4: fix LIBEVENTS dependencies and use more forward declarationsStefan Metzmacher2-1/+3
We should only include events.h where we really need it and prefer forward declarations of 'struct event_context' metze
2008-12-04s4:kdc: allow a trusted domain to get kerberos ticketsStefan Metzmacher3-7/+11
metze
2008-11-18s3/s4 build: Fix execinfo and sasl build error when the libs/headers are in ↵Tim Prouty1-1/+5
non-standard locations. These configure checks have the correct flags at configure time, so let's pass them through so they are used at compile time.
2008-11-02Fix the build.Jelmer Vernooij3-19/+43
2008-11-02Remove use of global_loadparm for disabled gensec backends.Jelmer Vernooij3-4/+25
2008-11-02Remove another use of global_loadparm.Jelmer Vernooij1-0/+1
Eventually, we should move some of these parameters into a separate struct (perhaps into smb_transport_options?), to avoid the long lists of parameters.
2008-11-02Fix the build.Jelmer Vernooij2-2/+3
2008-11-02Add gensec_settings structure. This wraps loadparm_context for now, butJelmer Vernooij9-77/+98
should in the future only contain some settings required for gensec.
2008-11-02Remove two debug parameters, not used anywhere.Jelmer Vernooij1-6/+2
Andrew, I was pretty sure these could be removed but if not, please let me know.
2008-11-02Remove another use of global_loadparm.Jelmer Vernooij1-0/+1
2008-11-01Remove unused argument iconv_convenience.Jelmer Vernooij4-8/+1
2008-11-01Remove use of lp_*() from ntlm_check.c.Jelmer Vernooij3-16/+18
2008-10-24Remove unused include param/param.h.Jelmer Vernooij3-3/+0
2008-10-24Remove iconv_convenience argument from convert_string{,talloc}() butJelmer Vernooij1-1/+1
make them wrappers around convert_string{,talloc}_convenience().
2008-10-24Eliminate another instance of global_loadparm.Jelmer Vernooij1-0/+2
2008-10-24Remove iconv_convenience parameter from simple string push/pullJelmer Vernooij5-14/+7
functions.
2008-10-20Make sure prototypes are always included, make some functions static andJelmer Vernooij14-16/+14
remove some unused functions.
2008-10-16Create a 'straight paper path' for UTF16 passwords.Andrew Bartlett1-1/+1
This uses a virtual attribute 'clearTextPassword' (name chosen to match references in MS-SAMR) that contains the length-limited blob containing an allegidly UTF16 password. This ensures we do no validation or filtering of the password before we get a chance to MD4 it. We can then do the required munging into UTF8, and in future implement the rules Microsoft has provided us with for invalid inputs. All layers in the process now deal with the strings as length-limited inputs, incluing the krb5 string2key calls. This commit also includes a small change to samdb_result_passwords() to ensure that LM passwords are not returned to the application logic if LM authentication is disabled. The objectClass module has been modified to allow the clearTextPassword attribute to pass down the stack. Andrew Bartlett
2008-10-15Remove unused variable.Jelmer Vernooij1-1/+0
2008-10-12Use common util_file code.Jelmer Vernooij1-1/+1
2008-10-12Use common strlist implementation in Samba 3 and Samba 4.Jelmer Vernooij1-1/+1