summaryrefslogtreecommitdiff
path: root/source4/auth
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r10981: Pull code to decide between and implement NTLMv2, NTLM and LMAndrew Bartlett4-139/+243
authentication out of the various callers and into the kitchen sink.. err, credentials subsystem. This should ensure consistant logic, as well as get us one step closer to security=server operation in future. Andrew Bartlett (This used to be commit 09c95763301c0f7770d56462e8af4169b8c171fb)
2007-10-10r10945: Free the salt after we are done with it. May need a merge to similarAndrew Bartlett1-2/+4
code in Samba3. Andrew Bartlett (This used to be commit 36e302bac87d0a07c86cc4c841d376c778630dab)
2007-10-10r10913: This patch isn't as big as it looks ...Andrew Tridgell1-9/+9
most of the changes are fixes to make all the ldb code compile without warnings on gcc4. Unfortunately That required a lot of casts :-( I have also added the start of an 'operational' module, which will replace the timestamp module, plus add support for some other operational attributes In ldb_msg_*() I added some new utility functions to make the operational module sane, and remove the 'ldb' argument from the ldb_msg_add_*() functions. That argument was only needed back in the early days of ldb when we didn't use the hierarchical talloc and thus needed a place to get the allocation function from. Now its just a pain to pass around everywhere. Also added a ldb_debug_set() function that calls ldb_debug() plus sets the result using ldb_set_errstring(). That saves on some awkward coding in a few places. (This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
2007-10-10r10894: make the handling of dn/distinguishedName much closer to realAndrew Tridgell1-0/+1
ldap. Also ensure we put a objectclass on our private ldb's, so they have some chance of being stored in ldap if you want to (This used to be commit 1af2cc067f70f6654d08387fc28def67229bb06a)
2007-10-10r10812: Fix capitalisation (thanks tridge).Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit f78982a0f1079b07be6d7bfd9cc0f92c2cebcf1c)
2007-10-10r10810: This adds the hooks required to communicate the current user from theAndrew Bartlett2-2/+117
authenticated session down into LDB. This associates a session info structure with the open LDB, allowing a future ldb_ntacl module to allow/deny operations on that basis. Along the way, I cleaned up a few things, and added new helper functions to assist. In particular the LSA pipe uses simpler queries for some of the setup. In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't been worked on (other than making it continue to compile) since January, and I think the features of this module are being put into ldb anyway. I have also changed the partitions in ldap_server to be initialised after the connection, with the private pointer used to associate the ldb with the incoming session. Andrew Bartlett (This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
2007-10-10r10796: Make getting an anonymous session info a utility function.Andrew Bartlett2-21/+27
Andrew Bartlett (This used to be commit 6021fa373405f8788dc216aae82a3f4a80df4ba7)
2007-10-10r10764: To match Win2k3 SP1, we need to set an anonymous user token forAndrew Bartlett1-10/+21
schannel connections. Test for Win2k3 SP1 behaviour in RPC-SCHANNEL. Andrew Bartlett (This used to be commit 1c3911374ec65e4770c2fe9109d7b7d3ecd99f6a)
2007-10-10r10670: Add notes on things that are TODO in Samba4 kerberos land.Andrew Bartlett1-0/+46
Andrew Bartlett (This used to be commit 5b2114bb9c604e8d36887e1131175da327eabc84)
2007-10-10r10669: reverted jelmers commit 10663 as it was causing lots of panics in ↵Andrew Tridgell2-8/+13
'make test' I also think the method of getting rid of pstring isn't the right one. I certainly do want to get rid of pstring/fstring, but the reason for removing them is the use of arbitrary sized fixed length strings on the stack and in structures. Changing to another fixed length stack string format isn't really a win, and moving to use strncpy() is actually worse than pstrcpy() as strncpy() has the absolutely awful semantics of always zeroing all remaining bytes, so it ends up taking a lot of cpu doing pointless memory writes. I'd rather move to more use of asprintf()/talloc_asprintf() and similar functions for dynamic string allocation. You also have to be very careful about some of these system defined string limits. One some systems PATH_MAX could be 64k or even larger, which can quickly blow the stack out when you allocate a few of them. (This used to be commit 194efd26e42d621b239052ed1fec8da916bd2144)
2007-10-10r10663: Eliminate use of pstringJelmer Vernooij2-13/+8
(This used to be commit 57cfbe51e61e27098fad3f9b1113c6f8f69f9a55)
2007-10-10r10597: And add the .mk files for the new credentials subsystem.Andrew Bartlett1-0/+11
Andrew Bartlett (This used to be commit 51a0275a0e7ffc940f2403f3c74a00b3936a07f4)
2007-10-10r10596: Move the credentials code into it's own subsystem, and push it under ↵Andrew Bartlett3-0/+1103
auth/ Andrew Bartlett (This used to be commit 2e76a4b8efd59c496d64241d654538d3222545c6)
2007-10-10r10586: Add MergedObject() builder. Default to Library() ratherJelmer Vernooij2-16/+16
then StaticLibrary() (This used to be commit b53313dc517986c69a4e4cb8fe3885b696f8faa1)
2007-10-10r10579: str_list_make() can return NULLJelmer Vernooij1-1/+1
(This used to be commit f547ab4644fd1c8ae2e44a25e874abf35e02d986)
2007-10-10r10565: Try to make Kerberos authentication a bit more friendly.Andrew Bartlett2-10/+35
This disables it for 'localhost' as well as for any host our KDC does not recognise. Andrew Bartlett (This used to be commit 49c6c36763aae23880a20a8ee50c00e8935d8548)
2007-10-10r10561: This patch takes over KDC socket routines in Heimdal, and directs themAndrew Bartlett1-2/+351
at the Samba4 socket layer. The intention here is to ensure that other events may be processed while heimdal is waiting on the KDC. The interface is designed to be sufficiently flexible, so that the plugin may choose how to time communication with the KDC (ie multiple outstanding requests, looking for a functional KDC). I've hacked the socket layer out of cldap.c to handle this very specific case of one udp packet and reply. Likewise I also handle TCP, stolen from the winbind code. This same plugin system might also be useful for a self-contained testing mode in Heimdal, in conjunction with libkdc. I would suggest using socket-wrapper instead however. Andrew Bartlett (This used to be commit 3b09f9e8f9f6f645cd03073ef833c8d0fb0d84e2)
2007-10-10r10532: Replace next_token() with str_list_make()Jelmer Vernooij1-9/+8
(This used to be commit 87bb382445292755eff1c29f12358d4509ebe714)
2007-10-10r10513: Reduce some use of pstring. The main reason some parts of the code stillJelmer Vernooij3-5/+3
use pstring is next_token() now. (This used to be commit a5b88bcd420eb7ae42283293541519e142be36e3)
2007-10-10r10509: Some more sconscript fixes. Now getting to link stage for smbclientJelmer Vernooij3-15/+20
(This used to be commit 6df956edbab7ad5e72b2f20e74ab0f0d62528932)
2007-10-10r10478: More work on proto headers; we now generate a couple of smaller onesJelmer Vernooij3-9/+16
that are then included by include/proto.h (This used to be commit 703ffbaaaca11f3d8781cfe9e7542fcaa626d991)
2007-10-10r10464: Use more consistant names.Andrew Bartlett1-3/+3
Andrew Bartlett (This used to be commit 1f726906c488355733dc1a3a89c53e194c192e68)
2007-10-10r10447: Add gensec sources to proto.hTim Potter1-1/+6
(This used to be commit 1b675a1bdfa7e50e1b418ae41479f1bebc445064)
2007-10-10r10407: the schannel database does not need to be synchronous (and thus crashAndrew Tridgell1-1/+1
safe) as it is removed on smbd restart (This used to be commit 0951db6a89d15792ee1ea6b9f37c45486958ad57)
2007-10-10r10402: Make the RPC-SAMLOGON test pass against Win2k3 SP0 again.Andrew Bartlett2-3/+3
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own test for the moment, but I'm working on these issues :-) This required a change to the credentials API, so that the special case for NTLM logins using a principal was indeed handled as a special, not general case. Also don't set the realm from a ccache, as then it overrides --option=realm=. Andrew Bartlett (This used to be commit 194e8f07c0cb4685797c5a7a074577c62dfdebe3)
2007-10-10r10398: Don't do DNS lookups on short names (no .).Andrew Bartlett1-0/+8
Andrew Bartlett (This used to be commit 77aca9619d24a8e118f53bcd1a1e54b8437812a8)
2007-10-10r10390: Remove fstring, pstring and uint32_t from winbindd_nss.h.Volker Lendecke1-6/+6
Volker (This used to be commit 3dc7e67dc5e5844523e9768081123c622e61c7e9)
2007-10-10r10383: This patch is on the road to implementing servers (such as kpasswd) thatAndrew Bartlett1-29/+140
use raw krb5, not GSSAPI. I still keep the 'fake GSSAPI' code, but under the module name 'fake_gssapi_krb5'. Andrew Bartlett (This used to be commit 99efec2758ad6c996db65dd42cb72a81077c9b2b)
2007-10-10r10377: Save configuration stuff to sconf.cache so it isn't annoyingly runTim Potter1-3/+4
at every single build. Run 'scons configure=1' or delete sconf.cache to force checks to be re-run. Jelmer, I think this stuff is cached in the .sconf_cache directory but the message is still displayed and it looks like it caches the compiled test object file not the actual result of the test. (This used to be commit 9d001dc083937bbf5642af90bc8a8b1a27825de0)
2007-10-10r10372: Having gone to all the effort to uppercase the realm, actually set theAndrew Bartlett1-1/+1
upper-case realm. Andrew Bartlett (This used to be commit 3e38456dd5c40730f3203e89393dad2b97996d56)
2007-10-10r10366: More scons fixes. Building et, asn1, lex and yacc files sort-of ↵Jelmer Vernooij1-1/+6
works now (This used to be commit 22f18a84242e5e68a2d57b6d7ff77c089ee7434a)
2007-10-10r10364: Turn gensec:gssapi on by default, except for a login of the formAndrew Bartlett2-24/+24
-Udomain\\user. This will probably break in a few configurations, so please let me know. I'll also work to have a way to inhibit kerberos/ntlmssp, as this removes -k. Andrew Bartlett (This used to be commit 3c0dc570b86e79aea5446d7c3bb9750a11bf8ca4)
2007-10-10r10348: Add scons scripts for remaining subsystems. Most subsystems build now,Jelmer Vernooij4-0/+30
but final linking still fails (as does generating files asn1, et, idl and proto files) (This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
2007-10-10r10337: This grubby little hack is the implementation of a concept discussedAndrew Bartlett1-0/+5
on the kerberos mailing lists a couple of weeks ago: Don't use DNS at all for expanding short names into long names. Using the 'override krb5_init_context' code already in the tree, this removes the DNS lag on a kerberos session setup/connection. Andrew Bartlett (This used to be commit de3ceab3d064a286e8662a2b9b62b212f0454156)
2007-10-10r10330: Add SConscript to more subsystems. Some of the tdb tools build now.Jelmer Vernooij1-0/+1
Start on custom Samba scons tools (for handling proto generation, pidl, etc) (This used to be commit 4bffe4435944fffa3f9680b5a2fe63f2bdd98003)
2007-10-10r10292: This is set below from lp_server_role().Andrew Bartlett1-1/+0
Andrew Bartlett (This used to be commit 096c751f37172b06bb42b5c4d73b2743322d2f71)
2007-10-10r10291: The patch optionally (off by default, not available in all cases) allowsAndrew Bartlett4-22/+81
Samba to use the target principal name supplied in the mechTokenMIC of an SPNEGO negTokenInit. This isn't a great idea for security reasons, but is how Samba3 behaves, and allows kerberos to function more often in some environments. It is only available for CIFS session setups, due to the ordering of the exchange. Andrew Bartlett (This used to be commit f6a645644127ae695a9f7288e0a469f2eb7f3066)
2007-10-10r10286: This patch is ugly and disgusting, but for now it works better than ↵Andrew Bartlett5-118/+158
the other ideas I have had. When I get a full list of things I want to do to a krb5_context I'll either add gsskrb5_ wrappers, or a way of speicfying the krb5 context per gssapi context. (I want to ensure that the only krb5_context variables created while executing Samba4 are via our wrapper). Andrew Bartlett (This used to be commit 8a22d46e70e9f863831aba0c9913d195f833d625)
2007-10-10r10246: Remove unused functionJelmer Vernooij2-2/+131
Move auth-specific file to auth/ (This used to be commit 8aa9711a306b30da905f53148ebe352462852d74)
2007-10-10r10174: This patch implements generic PAC verification, without assumptionsAndrew Bartlett1-23/+98
about the size of the signature. In particular, this works with AES, which was previously broken Samba4/Samba4. Reviewed by metze (and thanks for help with the previous IDL commit). (This used to be commit 3c8be196cce3bf275a0bf8d0cf127df570b560d3)
2007-10-10r10155: Add more notes on required gsskrb5 functions.Andrew Bartlett1-2/+7
Andrew Bartlett (This used to be commit cdfcc093430c0a4ae2937dcbf29b8874e724ff29)
2007-10-10r10153: This patch adds a new parameter to gensec_sig_size(), the size of theAndrew Bartlett6-16/+53
data to be signed/sealed. We can use this to split the data from the signature portion of the resultant wrapped packet. This required merging the gsskrb5_wrap_size patch from lorikeet-heimdal, and fixes AES encrption issues on DCE/RPC (we no longer use a static 45 byte value). This fixes one of the krb5 issues in my list. Andrew Bartlett (This used to be commit e4f2afc34362953f56a026b66ae1aea81e9db104)
2007-10-10r10145: Allow a variable length signature, so we can support signing withAndrew Bartlett1-17/+7
other than arcfour-hmac-md5. Currently we still fail to verify other signatures however. Andrew Bartlett (This used to be commit 2e5884fc2472c6bcc7e6e083c28a4da6b2f72af1)
2007-10-10r10066: This is the second in my patches to work on Samba4's kerberos support,Andrew Bartlett6-317/+302
with an aim to make the code simpiler and more correct. Gone is the old (since the very early Samba 3.0 krb5 days) 'iterate over all keytypes)' code in gensec_krb5, we now follow the approach used in gensec_gssapi, and use a keytab. I have also done a lot of work in the GSSAPI code, to try and reduce the diff between us and upstream heimdal. It was becoming hard to track patches in this code, and I also want this patch (the DCE_STYLE support) to be in a 'manageable' state for when lha considers it for merging. (metze assures me it still has memory leak problems, but I've started to address some of that). This patch also includes a simple update of other code to current heimdal, as well as changes we need for better PAC verification. On the PAC side of things we now match windows member servers by checking the name and authtime on an incoming PAC. Not generating these right was the cause of the PAC pain, and so now both the main code and torture test validate this behaviour. One thing doesn't work with this patch: - the sealing of RPC pipes with kerberos, Samba -> Samba seems broken. I'm pretty sure this is related to AES, and the need to break apart the gss_wrap interface. Andrew Bartlett (This used to be commit a3aba57c00a9c5318f4706db55d03f64e8bea60c)
2007-10-10r10035: This patch removes the need for the special case hackAndrew Bartlett4-36/+84
'MEMORY_WILDCARD' keytab type. (part of this checking is in effect a merge from lorikeet-heimdal, where I removed this) This is achieved by correctly using the GSSAPI gsskrb5_acquire_cred() function, as this allows us to specify the target principal, regardless of which alias the client may use. This patch also tries to simplify some principal handling and fixes some error cases. Posted to samba-technical, reviewed by metze, and looked over by lha on IRC. Andrew Bartlett (This used to be commit 506a7b67aee949b102d8bf0d6ee9cd12def10d00)
2007-10-10r10021: More kerberos notes.Andrew Bartlett1-3/+20
(This used to be commit f36e657a416d7ec7146d84da88b28c2606ff838a)
2007-10-10r9927: Extend copyright for all the hard work I've done this year.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit b50e546eb4d5d9171d4ae5e9c9bebd8c7c878bd8)
2007-10-10r9792: Rename StrCaseCmp -> strcasecmp_m. All these years I was thinkingJelmer Vernooij1-1/+1
StrCaseCmp was sys_strcasecmp, while it is in fact strcasecmp_m! (This used to be commit 200a8f6652cb2de7a8037a7a4c2a204b50aee2b1)
2007-10-10r9728: A *major* update to the credentials system, to incorporate theAndrew Bartlett5-169/+121
Kerberos CCACHE into the system. This again allows the use of the system ccache when no username is specified, and brings more code in common between gensec_krb5 and gensec_gssapi. It also has a side-effect that may (or may not) be expected: If there is a ccache, even if it is not used (perhaps the remote server didn't want kerberos), it will change the default username. Andrew Bartlett (This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
2007-10-10r9693: Move the smb_krb5_context setup code to use the new pattern ofAndrew Bartlett1-5/+7
tmp_ctx, then steal at the last moment, on success. andrew Bartlett (This used to be commit c7a44518ad9acaf5708169e07aa03eae52262773)