summaryrefslogtreecommitdiff
path: root/source4/auth
AgeCommit message (Collapse)AuthorFilesLines
2010-04-05Revert "s4:gensec_gssapi.c - make sure that "GSS_C_DELEG_POLICY_FLAG" is ↵Matthias Dieter Wallnöfer1-5/+0
available" This reverts commit 3e091a82167f51b7d9abf00755bede9354932c6b. This should be fixed through the new build system when it lands in "master".
2010-04-04s4-python: Remove convenience macro PyErr_SetStringError.Jelmer Vernooij1-1/+1
This macro assumed that all errors were runtime errors.
2010-03-30s4:gensec_gssapi.c - make sure that "GSS_C_DELEG_POLICY_FLAG" is availableMatthias Dieter Wallnöfer1-0/+5
FreeBSD 7.2 needs this.
2010-03-29pytalloc: allow for using a system libtalloc-dev with pytallocAndrew Tridgell3-3/+3
When we have a system talloc library, we still need to grab pytalloc.h from lib/talloc. We don't want to just use -Ilib/talloc, as otherwise we'll get the in-tree talloc.h which may not be compatible with the system talloc.h So we need to give the path to pytalloc.h
2010-03-26s4:auth/credentials/credentials.c - initialise more contentMatthias Dieter Wallnöfer1-0/+3
Now all data should be initialised
2010-03-26libutil: moved the networking defines to util_net.hAndrew Tridgell2-0/+2
These were causing thousands of warnings on solaris8
2010-03-24s4:ntlmssp: move sign/seal states to a private ntlmssp_crypt_state unionStefan Metzmacher2-76/+63
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: make use of dump_arc4_state()Stefan Metzmacher1-8/+7
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: copy dump_arc4_state() from source3Stefan Metzmacher1-0/+6
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: avoid usage of calc_ntlmv2_key_talloc()Stefan Metzmacher2-29/+10
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: make use of calc_ntlmv2_key() for seal keysStefan Metzmacher1-15/+16
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: add calc_ntlmv2_key() from source3Stefan Metzmacher1-0/+11
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: rename calc_ntlmv2_key => calc_ntlmv2_key_tallocStefan Metzmacher1-5/+5
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: inline ntlmssp_weakend_keys()Stefan Metzmacher2-54/+41
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: use a 'bool ok' helper variable to make the code more readableStefan Metzmacher1-6/+14
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: fix some formatingStefan Metzmacher1-74/+110
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: move doing_ntlm2 to ntlmssp_server_auth_stateStefan Metzmacher2-4/+3
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: move NTLM2 session_nonce to ntlmssp_server_auth_stateStefan Metzmacher2-8/+7
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: move encrypted_session_key to ntlmssp_server_auth_stateStefan Metzmacher2-29/+19
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: keep a ntlmssp_server_auth_state to transport variables from ↵Stefan Metzmacher1-10/+23
preauth to postauth hooks metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: remove unused server_multiple_authentications feature.Stefan Metzmacher2-14/+1
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: rename gensec_ntlmssp_state => ntlmssp_stateStefan Metzmacher5-352/+352
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: split gensec_ntlmssp_unseal_packet() and ntlmssp_unseal_packet()Stefan Metzmacher1-17/+34
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: split gensec_ntlmssp_seal_packet() and ntlmssp_seal_packet()Stefan Metzmacher1-19/+37
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: split gensec_ntlmssp_check_packet() and ntlmssp_check_packet()Stefan Metzmacher1-13/+31
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: split gensec_ntlmssp_sign_packet() and ntlmssp_sign_packet()Stefan Metzmacher1-12/+27
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: make user a 'const char *' in (gensec_)ntlmssp_stateStefan Metzmacher1-1/+1
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: remove server_name from (gensec_)ntlmssp_state and fill the ↵Stefan Metzmacher2-2/+10
server.* fields also for the client Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: calculate server names at startup and store them in ↵Stefan Metzmacher2-26/+37
(gensec_)ntlmssp_state->server.* Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: replace server_role by a server.is_standalone in ↵Stefan Metzmacher2-4/+10
(gensec_)ntlmssp_state Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: remove more whitespaces...Stefan Metzmacher1-32/+32
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: add NTLMSSP_FEATURE_* flags from s3Stefan Metzmacher1-0/+6
metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: keep struct gensec_ntlmssp_context in gensec_security->private_dataStefan Metzmacher4-23/+62
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: remove gensec_security from (gensec_)ntlmssp_stateStefan Metzmacher3-5/+5
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: remove backend specifix stuff from (gensec_)ntlmssp_stateStefan Metzmacher2-22/+46
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: create a gensec_ntlmssp_context between gensec_security and ↵Stefan Metzmacher2-9/+20
ntlmssp_state Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: add definition of gensec_ntlmssp_contextStefan Metzmacher1-0/+7
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp: add a callback_private pointer to gensec_ntlmssp_stateStefan Metzmacher1-1/+6
We'll remove any gensec specific stuff from gensec_ntlmssp_state and rename it to ntlmssp_state again. Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24s4:ntlmssp Ensure that we always negotiate signing if we negotiate sealing.Andrew Bartlett1-0/+1
Without this, a sealed LDAP connection to windows does not work. Andrew Bartlett
2010-03-16s4:auth/kerberos/kerberos.c - fix also here a memory leakMatthias Dieter Wallnöfer1-0/+1
The options need to be freed also on this error case.
2010-03-11s4: Modify auth/config.m4 to move pam tests to nsswitch.m4 so that we tests ↵Matthieu Patou1-6/+1
things in one place Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-08s4-gensec: Fixed wrong usage of error_string.Andreas Schneider1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-03-04s4:auth/sam.c - change base context for the "tmp_ctx" context in ↵Matthias Dieter Wallnöfer1-1/+1
"authsam_expand_nested_groups" Better use the "res_sids_ctx" as base context for the "tmp_ctx" and not the long-living "sam_ctx"/"ldb" context to prevent memory leaks.
2010-03-04s4:sam.c - make "authsam_expand_nested_groups" publicMatthias Dieter Wallnöfer2-1/+7
This is needed by the "tokenGroups" work in the operational LDB module.
2010-03-04s4:sam.c - cosmetic indentation fixMatthias Dieter Wallnöfer1-2/+1
2010-03-04s4:sam.c - change variable types to unsigned in "sids_contains_sid"Matthias Dieter Wallnöfer1-3/+4
Should also be unsigned - no need for a signed "i" and "num_sids" here.
2010-03-03Fix typo in comments.Karolin Seeger1-2/+2
2010-02-26s4:python Add bindings to set GENSEC flags on credentials in pythonAndrew Bartlett2-0/+32
This should allow these to be manipulated by python scripts that need encrypted connections. Andrew Bartlett
2010-02-26s4-krb5: propogate errors from a lot more kerberos functionsAndrew Tridgell10-99/+148
We need to be able to give sensible error messages when a kerberos calls fails. This propogates the kerberos error up the stack to the caller. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:auth - make some parts "signed-safe"Matthias Dieter Wallnöfer2-7/+8
Signed-off-by: Andrew Bartlett <abartlet@samba.org>