summaryrefslogtreecommitdiff
path: root/source4/auth
AgeCommit message (Collapse)AuthorFilesLines
2010-11-25s4-tests: Modified bind.py to use samba.tests.delete_forceNadezhda Ivanova1-7/+2
2010-11-22Avoid the use of PyAPI_DATA, which is for internal Python API's.Arnaud Faucher1-2/+2
Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Mon Nov 22 00:52:56 CET 2010 on sn-devel-104
2010-11-17s4-gensec: zero the gssapi_stateAndrew Tridgell1-1/+1
this fixes a use of the target_principal before initialisation Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-15s4-gensec Indicate if GENSEC is in client or server mode in the debugAndrew Bartlett1-2/+4
2010-11-15auth/ntlm: Use name consistent with other service names.Jelmer Vernooij1-1/+1
2010-11-15auth/gensec Handle incorrect username or password in Kerberos client codeAndrew Bartlett2-0/+3
Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Nov 15 02:09:40 UTC 2010 on sn-devel-104
2010-11-14s4-auth: fixed infinite loop in krb5 authAndrew Tridgell1-1/+1
we were continually trying the first address returned, instead of moving to the next address Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Nov 14 04:11:28 UTC 2010 on sn-devel-104
2010-11-14s4-auth: fixed crash in krb5 authAndrew Tridgell1-2/+1
remote_addr was used after free
2010-11-13s4-test: we need to import testtools before subunit/pythonAndrew Tridgell1-1/+1
subunit/python depends on testtools Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sat Nov 13 02:02:45 UTC 2010 on sn-devel-104
2010-11-11s4/test: Expand BindTestAnatoliy Atanasov1-20/+60
The test now binds with user@realm, domain\user, user dn, computer dn Autobuild-User: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> Autobuild-Date: Thu Nov 11 16:15:30 UTC 2010 on sn-devel-104
2010-11-08s4-auth Supply more useful error messages on Kerberos failureAndrew Bartlett3-13/+28
The practice of returning only NT_STATUS_INVALID_PARAMETER hasn't helped our users to debug problems effectivly, and so we now return more errors and try and give a more useful debug message when then happen. Andrew Bartlett
2010-11-08s4-auth Fix typos in samba4 auth codeBrad Hards1-7/+7
2010-11-07credentials: Lowercase library name,Jelmer Vernooij5-20/+20
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Nov 7 01:48:44 UTC 2010 on sn-devel-104
2010-11-07samdb: Lowercase library name.Jelmer Vernooij2-5/+5
2010-11-05s4-kerberos Mention the remote address we fail to contact the KDC onAndrew Bartlett1-1/+10
2010-11-05s4/auth: Add logon_parameters to authenticate_username_pwAnatoliy Atanasov2-8/+12
We need to be able to set the logon parameters in the same way as in the ntlm server so we can handle openldap simple authentication call correctly. Autobuild-User: Anatoliy Atanasov <anatoliy@samba.org> Autobuild-Date: Fri Nov 5 06:32:43 UTC 2010 on sn-devel-104
2010-11-05s4/test: Added test for simple bind with machine accountAnatoliy Atanasov1-0/+116
Samba4 returns error on simple bind, when we do it using openldap simple_bind_s api.
2010-11-04s4-auth: unconditionally set previous_evAndrew Tridgell1-3/+1
we need the caller to know when the previous_ev was NULL Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-03s4:waf - fix the build on Gentoo platformsPhilip M. White1-2/+4
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-11-01s4-modules: get rid of the remaining static prototypes for modulesAndrew Tridgell2-18/+4
the waf build now generates the prototype declarations for us
2010-10-31s4-auth: added a dependency on com_errAndrew Tridgell1-1/+1
this helps with the gentoo build. The problem is that without the depenency, we don't add the cflags from the pkgconfig for com_err to the build of auth/gensec. That really reflects a more general problem with propogation of include dependencies, but this simple fix should be enough for now. Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Oct 31 13:13:33 UTC 2010 on sn-devel-104
2010-10-31s4: Remove the old perl/m4/make/mk-based build system.Jelmer Vernooij9-841/+0
The new waf-based build system now has all the same functionality, and the old build system has been broken for quite some time. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
2010-10-30s4-cmdline: make cmdline-credentials a private libraryAndrew Tridgell1-1/+1
2010-10-30s4-auth: make KERBEROS subsystem into authkrb5 private libraryAndrew Tridgell2-9/+10
this fixes some double linking. The name 'KERBEROS' was also a bit confusing, as it sounded like a base kerberos library, when it is in fact part of auth
2010-10-30s4-credentials: make a private library from CREDENTIALS subsystemAndrew Tridgell1-8/+9
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-27auth/credentials Give a sensible behaviour for resetting the krb5 contextAndrew Bartlett1-3/+8
This extra code isn't used at the moment, but I noticed the old API was rather supprising in it's behaviour, and might catch someone out at some later time. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Oct 27 05:24:22 UTC 2010 on sn-devel-104
2010-10-26talloc: change pytalloc-util to be a public library.Jelmer Vernooij3-3/+3
2010-10-26waf: Remove lib prefix from libraries manually.Jelmer Vernooij3-6/+6
2010-10-26s4: Drop duplicate 'lib' prefix for private libraries.Jelmer Vernooij4-4/+4
2010-10-24s4: Rename WBCLIENT to wbclient.Jelmer Vernooij1-1/+1
2010-10-24s4: Rename LIBSAMBA-* to libsamba-*Jelmer Vernooij3-5/+5
2010-10-24s4: Rename LIBSECURITY{_SESSION,} to libsecurity{_session,}Jelmer Vernooij3-7/+7
2010-10-23s4: Rename NSS_WRAPPER to nss_wrapper.Jelmer Vernooij1-1/+1
Only link to nss_wrapper when it is enabled. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Oct 23 23:05:44 UTC 2010 on sn-devel-104
2010-10-23s4: Rename UID_WRAPPER to uid_wrapper.Jelmer Vernooij1-2/+2
Only link to uid_wrapper when it is enabled.
2010-10-23s4: Rename LIBEVENTS to libevents.Jelmer Vernooij1-1/+1
2010-10-21s4-waf: removed the XATTR and SASL aliasesAndrew Tridgell1-1/+1
these were hangovers from the old build system names Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-21s4-auth: make auth a private libraryAndrew Tridgell1-5/+6
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-19s4-auth Add DEBUG() for invalid DNs and errors expanding user groups.Andrew Bartlett1-0/+5
Against the OpenLDAP backend, I currently get failures. This makes it possible to debug those failures. Andrew Bartlett
2010-10-19s4-gensec Don't give more to sasl_encode() than it will permitAndrew Bartlett1-3/+10
We need to ask the library how much data to pass in at any time. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 19 08:37:45 UTC 2010 on sn-devel-104
2010-10-19s4-gensec Don't upgrade all DIGEST-MD5 connections to sealAndrew Bartlett1-12/+21
The issue here is that when props.max_ssf = UINT_MAX was always set, as was the maxbufsize, and the connection would always be upgraded, regardless of the callers wishes. Andrew Bartlett
2010-10-18s4:"util_ldb" - remove some really unused dependanciesMatthias Dieter Wallnöfer4-4/+2
2010-10-18s4-gensec: Add dependency on com_err to GENSEC_KRB5.Andreas Schneider1-1/+1
2010-10-17Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls ↵Matthias Dieter Wallnöfer5-3/+5
in "dsdb/common/util.c"" This reverts commit 8a2ce5c47cee499f90b125ebde83de5f9f1a9aa0. Jelmer pointed out that these are also in use by other LDB databases - not only SAMDB ones. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
2010-10-17s4:remove "util_ldb" submodule and integrate the three gendb_* calls in ↵Matthias Dieter Wallnöfer5-5/+3
"dsdb/common/util.c" They're only in use by SAMDB code. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
2010-10-15s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", ↵Matthias Dieter Wallnöfer1-10/+10
"samdb_result_uint64" and "samdb_result_string" We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this reduces only code redundancies. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-12libcli/security Use common security.hAndrew Bartlett1-1/+1
This includes dom_sid.h and security_token.h and will be moved to the top level shortly. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 03:35:36 UTC 2010 on sn-devel-104
2010-10-12s4-credentials Allocate ldb result on correct memory contextAndrew Bartlett1-1/+1
2010-10-12libcli/security Add debug class to security_token_debug() et alAndrew Bartlett1-1/+1
This will allow it to replace functions in source3 that use debug classes. Andrew Bartlett
2010-10-11samdb_common, ntlm: Add missing dependency on libsamba-hostconfig.Jelmer Vernooij1-1/+1
2010-10-11s4-credentials Add explicit event context handling to Kerberos calls (only)Andrew Bartlett11-81/+183
By setting the event context to use for this operation (only) onto the krb5_context just before we call that operation, we can try and emulate the specification of an event context to the actual send_to_kdc() This eliminates the specification of an event context to many other cli_credentials calls, and the last use of event_context_find() Special care is taken to restore the event context in the event of nesting in the send_to_kdc function. Andrew Bartlett