samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2010-02-25	s4:auth - make some parts "signed-safe"	Matthias Dieter Wallnöfer	2	-7/+8
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-23	s4:cleanup remove unused schannel ldb code	Simo Sorce	1	-67/+0

2010-02-23	s4:schannel merge code with s3	Simo Sorce	2	-22/+5
	After looking at the s4 side of the (s)channel :) I found out that it makes more sense to simply make it use the tdb based code than redo the same changes done to s3 to simplify the interface. Ldb is slow, to the point it needs haks to pre-open the db to speed it up, yet that does not solve the lookup speed, with ldb it is always going to be slower. Looking through the history it is evident that the schannel database doesn't really need greate expanadability. And lookups are always done with a single Key. This seem a perfet fit for tdb while ldb looks unnecessarily complicated. The schannel database is not really a persistent one. It can be discared during an upgrade without causing any real issue. all it contains is temproary session data.
2010-02-22	Spelling fixes for source4/auth.	Brad Hards	2	-3/+3
	The comment for USER_INFO_INTERACTIVE_LOGON looks like a cut-n-paste from the line above. Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-20	s4:credentials Add hooks to extract a named Kerberos credentials cache	Andrew Bartlett	5	-63/+162
	This allows the integration of external tools that can't be linked into C or python, but need to authenticate as the local machine account. The machineaccountccache script demonstrates this, and debugging has been improved in cli_credentials_set_secrets() by passing back and error string. Andrew Bartlett
2010-02-16	s4-dsdb: removed gendb_search_single_extended_dn()	Andrew Tridgell	1	-2/+3
	Use dsdb_search_one() instead, which allows for arbitrary controls Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16	s4-dsdb: added dsdb_search_one() and cleanup dsdb_find_dn_by_guid()	Andrew Tridgell	1	-4/+6
	dsdb_find_dn_by_guid() now takes a struct GUID instead of a guid_string. All the callers in fact wanted a struct GUID, so we now avoid the extra conversion. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-13	s4-auth: use TYPESAFE_QSORT() in gensec	Andrew Tridgell	1	-1/+2

2010-02-12	s4:auth/credentials/credentials.c - Initialise the "lm_response" and ↵	Matthias Dieter Wallnöfer	1	-0/+5
	"nt_response" structures In some cases those structures are not initialised and the whole authentication system crashes with a SIGSEGV. Bug discovered by Matthieu Patou in bug #6755.
2010-02-09	s4:Remove "Py_RETURN_NONE" compatibility code	Matthias Dieter Wallnöfer	2	-8/+0
	This was needed only by Python 2.3 which we no longer support.
2010-01-31	s4:kdc streamline context initialization	Simo Sorce	2	-37/+58
	Allow other plugins to init the context without having it try to grab sockets or set samba specific logging.
2010-01-29	s4:auth_sam: avoid usage of data_blob_talloc_reference() and copy the ↵	Stefan Metzmacher	1	-4/+14
	session keys metze
2010-01-28	cleanup: remove trailing spaces and tabs	Simo Sorce	1	-37/+37

2010-01-21	s4: Fix a few warnings.	Jelmer Vernooij	1	-0/+1

2010-01-16	s4-kerberos: raise the general kerberos debug level to 3	Andrew Tridgell	1	-1/+1
	level 2 for every krb request is a bit much
2010-01-12	Strip trailing spaces	Simo Sorce	2	-82/+82

2009-12-29	s4:ntlmssp: remove mem_ctx from check_password() callback to match s3	Stefan Metzmacher	2	-5/+2
	metze
2009-12-29	s4:ntlmssp_server: always call ntlmssp_server_postauth() and decide there if ↵	Stefan Metzmacher	1	-5/+11
	it's a noop metze
2009-12-29	s4:ntlmssp_server: don't use a mem_ctx for ntlmssp_server_auth()	Stefan Metzmacher	1	-13/+7
	metze
2009-12-29	s4:ntlmssp_server: don't use mem_ctx in auth_ntlmssp_check_password()	Stefan Metzmacher	1	-16/+8
	metze
2009-12-29	s4:ntlmssp_server: clear session key in ntlmssp_server_preauth()	Stefan Metzmacher	1	-3/+1
	metze
2009-12-29	s4:ntlmssp: use data_blob_null in ntlmssp_server_auth()	Stefan Metzmacher	1	-4/+6
	metze
2009-12-29	s4:ntlmssp_server: remove unused variable	Stefan Metzmacher	1	-7/+0
	metze
2009-12-29	s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer	Stefan Metzmacher	2	-13/+13
	metze
2009-12-29	dsdb: Fix dependencies when building against system ldb.	Jelmer Vernooij	1	-1/+1

2009-12-29	s4:auth: add auth_get_server_info_principal() prototype to auth.h	Stefan Metzmacher	1	-0/+5
	metze
2009-12-29	s4:auth: make auth_challenge_may_be_modified() public	Stefan Metzmacher	2	-2/+2
	metze
2009-12-29	s4:auth: remove autogenerated auth/ntlm/auth_proto.h	Stefan Metzmacher	1	-50/+0
	metze
2009-12-29	s4:ntlmssp: fix whitespaces in ntlmssp.h	Stefan Metzmacher	1	-16/+16
	metze
2009-12-24	s4:auth: change auth_check_password_send/recv to tevent_req	Stefan Metzmacher	3	-113/+143
	metze
2009-12-24	s4:gensec: change gensec_update_send/recv to tevent_req	Stefan Metzmacher	3	-58/+83
	metze
2009-12-22	s4:gensec Don't give a warning when Windows client connects with NTLM	Andrew Bartlett	1	-11/+20
	We have had the workaround for a long time, but at the time the log warnings remained. Andrew Bartlett
2009-12-22	s4:auth Change 'get_challenge' API to be more like Samba3	Andrew Bartlett	7	-34/+31
	It is just easier to fill in the known to be 8 byte challenge than stuff about with allocated pointers. Andrew Bartlett
2009-12-22	s4:auth generate the prototype file in the right place	Andrew Bartlett	1	-1/+1

2009-12-16	s4:gensec: allow clearing local and remote address by passing NULL	Stefan Metzmacher	1	-0/+10
	metze
2009-12-16	s4-gensec: Remove obsolete socket_address vars and fns.	Andreas Schneider	2	-35/+0

2009-12-16	s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn.	Andreas Schneider	8	-32/+29

2009-12-16	s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn.	Andreas Schneider	2	-11/+0

2009-12-16	s4-gensec: Replace gensec_get_my_addr with new tsocket based fn.	Andreas Schneider	3	-23/+24

2009-12-16	s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn.	Andreas Schneider	2	-10/+0

2009-12-16	s4-gensec: Added remote and local setter/getter using tsocket.	Andreas Schneider	3	-4/+127

2009-11-02	s4:credentials Put the 'secrets.keytab' in the same directory as secrets.ldb	Andrew Bartlett	1	-1/+3
	This avoids trouble when the secrets.ldb is updated with ldbedit but an smb.conf is not specified. Andrew Bartlett
2009-10-24	s4:gensec/schannel: remove unused talloc_reference() in schannel_update()	Stefan Metzmacher	1	-1/+1
	We never expose creds to the caller in schannel_update(). metze
2009-10-23	s4-python: we need to include Python.h first	Andrew Tridgell	2	-2/+2
	If we don't include Python.h first then we get a pile of warnings due to broken redefines of XOPEN_SOURCE in the Python includes.
2009-10-23	s4:gensec Use an index on computerName in schannel.ldb	Andrew Bartlett	1	-1/+4

2009-10-23	s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect()	Andrew Tridgell	1	-1/+1
	This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context.
2009-10-23	s4-dsdb: create a static system_session context	Andrew Tridgell	6	-12/+27
	This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap
2009-10-20	s4: ran minimal_includes.pl on source4/auth/gensec	Andrew Tridgell	6	-12/+0

2009-10-20	s4: ran minimal_includes.pl on source4/auth/ntlmssp	Andrew Tridgell	4	-8/+0

2009-10-20	s4: ran minimal_includes.pl on source4/auth/ntlm	Andrew Tridgell	6	-14/+0