Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-05-18 | s3: Remove use of iconv_convenience. | Jelmer Vernooij | 1 | -1/+0 | |
2010-05-18 | Finish removal of iconv_convenience in public API's. | Jelmer Vernooij | 8 | -45/+15 | |
2010-05-18 | s4:credentials Add in tracking of the password last set time | Andrew Bartlett | 3 | -1/+33 | |
We perhaps need a more general API here, but for now extend the credentials API to return the password last changed time that the s3compat layer will need. Andrew Bartlett | |||||
2010-05-18 | s4:auth Make it clear to the callers the talloc lifetime. | Andrew Bartlett | 1 | -0/+2 | |
In other times, we might have used talloc_reference here, but this isn't used as much these days. Andrew Bartlett | |||||
2010-05-14 | s4:gensec expose gensec_set_target_principal for use outside GENSEC | Andrew Bartlett | 4 | -3/+8 | |
This allows for the rare case where the caller knows the target principal. The check for lp_client_use_spnego_principal() is moved to the spengo code to make this work. Andrew Bartlett | |||||
2010-05-14 | s4:credentials Allow setting of an empty Kerberos CCACHE | Andrew Bartlett | 1 | -18/+12 | |
This allows us to tell the credentials code where we want the credentials put. Andrew Bartlett | |||||
2010-05-02 | s4:credentials Make the CCACHE in credentials depend on the things that built it | Andrew Bartlett | 8 | -41/+132 | |
This means that we consider the ccache only as reliable as the least specified of the inputs we used. This means that we will regenerate the ccache if any of the inputs change. Andrew Bartlett | |||||
2010-04-27 | s4:gensec Use a different form of 'name' in GSSAPI import_name() | Andrew Bartlett | 1 | -3/+3 | |
The idea here is to make it not dependent on the system's default realm. Andrew Bartlett | |||||
2010-04-27 | s4:kerberos Give a better error message than "Could not allocate memory" | Andrew Bartlett | 1 | -3/+3 | |
Andrew Bartlett | |||||
2010-04-20 | pytalloc: ensure talloc_ctx is directly after PyObject_HEAD | Andrew Tridgell | 1 | -1/+1 | |
the talloc python interface for tp_alloc and tp_dealloc relies on a cast to a py_talloc_Object to find the talloc_ctx (see py_talloc_dealloc). This means we rely on the talloc_ctx for the object being directly after the PyObject_HEAD This fixes the talloc free with references bug in samba_dnsupdate The actual problem was the tp_alloc() call in PyCredentialCacheContainer_from_ccache_container() which used a cast from a py_talloc_Object to a PyCredentialCacheContainerObject. That case effectively changed the parent/child relationship between the talloc_ctx and the ccc ptr. This patch changes all the structures that follow this pattern to put the TALLOC_CTX directly after the PyObject_HEAD, to ensure that if anyone else decides to do a dangerous cast like this that it won't cause the same sort of subtle breakage. Pair-Programmed-With: Rusty Russell <rusty@samba.org> | |||||
2010-04-19 | s4-python: PyErr_SetString() will crash on NULL strings | Andrew Tridgell | 1 | -1/+1 | |
use nt_errstr() when no error available | |||||
2010-04-14 | s4:auth Change auth_generate_session_info to take an auth context | Andrew Bartlett | 13 | -40/+71 | |
The auth context was in the past only for NTLM authentication, but we need a SAM, an event context and and loadparm context for calculating the local groups too, so re-use that infrustructure we already have in place. However, to avoid problems where we may not have an auth_context (in torture tests, for example), allow a simpler 'session_info' to be generated, by passing this via an indirection in gensec and an generate_session_info() function pointer in the struct auth_context. In the smb_server (for old-style session setups) we need to change the async context to a new 'struct sesssetup_context'. This allows us to use the auth_context in processing the authentication reply . Andrew Bartlett | |||||
2010-04-14 | s4:auth Allow the simple 'struct auth_session_info' generator for all users | Andrew Bartlett | 1 | -3/+3 | |
This code isn't ideal, but it is better than needing to consult the main SamDB in things like a torture test. Andrew Bartlett | |||||
2010-04-12 | s4:auth/auth_sam_reply.c - fix counter types | Matthias Dieter Wallnöfer | 1 | -3/+3 | |
2010-04-12 | lib/replace/wscript: inline LIBREPLACE_EXT into 'replace' as the autoconf ↵ | Stefan Metzmacher | 1 | -1/+1 | |
system does metze | |||||
2010-04-11 | s4:auth Remove event context from anonymous_session() | Andrew Bartlett | 4 | -120/+117 | |
This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett | |||||
2010-04-10 | s4:credentials Add the functions needed to do S4U2Self with cli_credentials | Andrew Bartlett | 6 | -50/+208 | |
A torture test to demonstrate will be added soon. Andrew Bartlett | |||||
2010-04-10 | s4:credentials talloc_free() any previous salt_principal | Andrew Bartlett | 2 | -1/+2 | |
This isn't used often, but it is generally better not to leak it onto what may be a longer-term context. Andrew Bartlett | |||||
2010-04-08 | pynet: Create a net class. | Jelmer Vernooij | 3 | -10/+22 | |
2010-04-06 | s4:auth/ntlm/auth_developer.c - "fixed_challenge_get_challenge" - fix the ↵ | Matthias Dieter Wallnöfer | 1 | -5/+2 | |
assignment of the challenge This is a string buffer and not a DATA_BLOB. | |||||
2010-04-06 | s4-python: Move set_session_info to PySambaLdb. | Jelmer Vernooij | 2 | -2/+2 | |
2010-04-06 | s4-waf: move to a universal method of recursing into subdirs | Andrew Tridgell | 1 | -5/+5 | |
This works with both standalone lib builds and bundled builds | |||||
2010-04-06 | s4-waf: removed the AUTOGENERATED markers | Andrew Tridgell | 4 | -15/+0 | |
we won't be using the mk -> wscript generator again | |||||
2010-04-06 | s4-waf: more dependencies on talloc | Andrew Tridgell | 2 | -1/+3 | |
these are needed so we can support a system talloc without using the bundled talloc.h | |||||
2010-04-06 | s4-waf: fixed some deps now we don't auto-include tevent and replace | Andrew Tridgell | 1 | -1/+1 | |
this is preparation for being able to use system versions of these libraries | |||||
2010-04-06 | s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵ | Andrew Tridgell | 7 | -0/+14 | |
them | |||||
2010-04-06 | s4-waf: enable the pc_files in the build rules | Andrew Tridgell | 1 | -1/+1 | |
2010-04-06 | s4-waf: install the rest of the headers | Andrew Tridgell | 1 | -0/+1 | |
2010-04-06 | s4-waf: remove the need for some of the lib aliases | Andrew Tridgell | 1 | -1/+1 | |
2010-04-06 | build: check libc first for several libraries | Andrew Tridgell | 1 | -1/+1 | |
2010-04-06 | build: fixed the build without sasl libraries | Andrew Tridgell | 2 | -4/+5 | |
We need to only enable the cyrus_sasl module if we have sasl/sasl.h | |||||
2010-04-06 | build: waf quicktest nearly works | Andrew Tridgell | 4 | -12/+4 | |
Rewrote wafsamba using a new dependency handling system, and started adding the waf test code | |||||
2010-04-06 | build: commit all the waf build files in the tree | Andrew Tridgell | 6 | -0/+223 | |
2010-04-06 | build: check for libsasl2 | Andrew Tridgell | 1 | -0/+4 | |
2010-04-06 | build: check for pam | Andrew Tridgell | 1 | -0/+2 | |
2010-04-05 | Revert "s4:gensec_gssapi.c - make sure that "GSS_C_DELEG_POLICY_FLAG" is ↵ | Matthias Dieter Wallnöfer | 1 | -5/+0 | |
available" This reverts commit 3e091a82167f51b7d9abf00755bede9354932c6b. This should be fixed through the new build system when it lands in "master". | |||||
2010-04-04 | s4-python: Remove convenience macro PyErr_SetStringError. | Jelmer Vernooij | 1 | -1/+1 | |
This macro assumed that all errors were runtime errors. | |||||
2010-03-30 | s4:gensec_gssapi.c - make sure that "GSS_C_DELEG_POLICY_FLAG" is available | Matthias Dieter Wallnöfer | 1 | -0/+5 | |
FreeBSD 7.2 needs this. | |||||
2010-03-29 | pytalloc: allow for using a system libtalloc-dev with pytalloc | Andrew Tridgell | 3 | -3/+3 | |
When we have a system talloc library, we still need to grab pytalloc.h from lib/talloc. We don't want to just use -Ilib/talloc, as otherwise we'll get the in-tree talloc.h which may not be compatible with the system talloc.h So we need to give the path to pytalloc.h | |||||
2010-03-26 | s4:auth/credentials/credentials.c - initialise more content | Matthias Dieter Wallnöfer | 1 | -0/+3 | |
Now all data should be initialised | |||||
2010-03-26 | libutil: moved the networking defines to util_net.h | Andrew Tridgell | 2 | -0/+2 | |
These were causing thousands of warnings on solaris8 | |||||
2010-03-24 | s4:ntlmssp: move sign/seal states to a private ntlmssp_crypt_state union | Stefan Metzmacher | 2 | -76/+63 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: make use of dump_arc4_state() | Stefan Metzmacher | 1 | -8/+7 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: copy dump_arc4_state() from source3 | Stefan Metzmacher | 1 | -0/+6 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: avoid usage of calc_ntlmv2_key_talloc() | Stefan Metzmacher | 2 | -29/+10 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: make use of calc_ntlmv2_key() for seal keys | Stefan Metzmacher | 1 | -15/+16 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: add calc_ntlmv2_key() from source3 | Stefan Metzmacher | 1 | -0/+11 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: rename calc_ntlmv2_key => calc_ntlmv2_key_talloc | Stefan Metzmacher | 1 | -5/+5 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: inline ntlmssp_weakend_keys() | Stefan Metzmacher | 2 | -54/+41 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s4:ntlmssp: use a 'bool ok' helper variable to make the code more readable | Stefan Metzmacher | 1 | -6/+14 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> |