summaryrefslogtreecommitdiff
path: root/source4/libcli/auth
AgeCommit message (Collapse)AuthorFilesLines
2007-12-21r26316: Use contexts for conversion functions.Jelmer Vernooij1-6/+6
(This used to be commit f6420d933b5b011d428974f3a2a57edf19e6f482)
2007-10-10r25554: Convert last instances of BOOL, True and False to the standard types.Jelmer Vernooij3-39/+39
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
2007-10-10r23816: A little more static, but leave the dead code testjoin.c as ↵Andrew Bartlett1-1/+1
documentation. Andrew Bartlett (This used to be commit 6679003c0553804333f0090a91e1fe53837ceb47)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell6-18/+12
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r21072: fix compiler warningStefan Metzmacher1-1/+1
metze (This used to be commit e788709835fa13b512fbf38951c9d0ca9bc3df18)
2007-10-10r19676: Fix some more dependencies.Jelmer Vernooij1-2/+2
(This used to be commit 8768bec81f57131a0c9754e8121b345c0be4a5d0)
2007-10-10r19598: Ahead of a merge to current lorikeet-heimdal:Andrew Bartlett1-1/+1
Break up auth/auth.h not to include the world. Add credentials_krb5.h with the kerberos dependent prototypes. Andrew Bartlett (This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
2007-10-10r19464: Reject passwords that cannot be converted into UCS2.Andrew Bartlett1-2/+8
Andrew Bartlett (This used to be commit c843fce7a0e9b91c4d2de44e7a9ad9599b33ec5c)
2007-10-10r18971: avoid strndup is a few places. Fixes a minor memory leak, and shouldAndrew Tridgell1-3/+8
fix RPC-LSA on AIX. (This used to be commit 6cce709d08579f4e00b44b692332a557b0ea3b86)
2007-10-10r18965: fixed the bug with RPC-NETLOGON and solaris sparc machines. This bugAndrew Tridgell1-0/+6
took a _LONG_ time to find. The problem was that when encoding/decoding password buffers we use the pull/push string functions, which by default align unicode strings. But on solaris sparc the buffer is not aligned always (its a stack variable, an array of uint8_t). That perfectly OK in C, so we just tell the pull/push functions not to auto-align. (This used to be commit bb7835eced00607eb6b1725be6d96a6dcb842049)
2007-10-10r18213: don't list LIBREPLACE depdendecies explicit andStefan Metzmacher1-1/+1
always at it as first private dependencies metze (This used to be commit 135d096776b53ae09ffc2b4f767dfbd18139570f)
2007-10-10r18130: the move to system/ in libreplace broke some things ... should beAndrew Tridgell1-1/+1
happier now (This used to be commit 18542f184f75074e56a9793a9e3b6c6d747bb9e6)
2007-10-10r17930: Merge noinclude branch:Jelmer Vernooij1-1/+0
* Move dlinklist.h, smb.h to subsystem-specific directories * Clean up ads.h and move what is left of it to dsdb/ (only place where it's used) (This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
2007-10-10r16569: - use push_string()Stefan Metzmacher1-3/+3
metze (This used to be commit f099fcb6e3a38d6df22cb3a0c7c666333e41f11b)
2007-10-10r15834: fixed a memory leak in the session codeAndrew Tridgell1-1/+1
(This used to be commit 8a7047c102cdbcf746dcdf8a52554816b7770026)
2007-10-10r15297: Move create_security_token() to samdb as it requires SAMDB (and the ↵Jelmer Vernooij1-1/+1
rest of LIBSECURITY doesn't) Make the ldb password_hash module only depend on some keys manipulation code, not full heimdal Some other dependency fixes (This used to be commit 5b3ab728edfc9cdd9eee16ad0fe6dfd4b5ced630)
2007-10-10r15207: Introduce PRIVATE_DEPENDENCIES and PUBLIC_DEPENDENCIES as replacementJelmer Vernooij1-1/+1
for REQUIRED_SUBSYSTEMS. (This used to be commit adc8a019b6da256f104abed1b82bfde6998a2ac9)
2007-10-10r14724: Rearrange some source files, install more headers.Jelmer Vernooij4-1/+385
(This used to be commit 7146c1600f29c349e5bb78f810e7e170b535dd37)
2007-10-10r14484: Install more headersJelmer Vernooij1-0/+1
(This used to be commit 430c6516d383bfd7f27287394bf8eef9f174b3e6)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-1/+1
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14380: Reduce the size of structs.hJelmer Vernooij2-2/+26
(This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe)
2007-10-10r14363: Remove credentials.h from the global includes.Jelmer Vernooij1-0/+1
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
2007-10-10r14064: - split out MSRPC_PARSE into a speperate subsystemStefan Metzmacher2-1/+2
- build gensec_ntlmssp always static for now, because torture/auth/ntlmssp.c needs to access functions from it metze (This used to be commit 43733c9556c1c92336780206e3f71bdee6e43eee)
2007-10-10r13960: Generate makefile rules for installing/removing shared modules.Jelmer Vernooij1-1/+1
(This used to be commit 2c746980328431ab04852dc668899e3eb042da99)
2007-10-10r13924: Split more prototypes out of include/proto.h + initial work on headerJelmer Vernooij2-0/+2
file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
2007-10-10r13466: Make it easier to understand what this function actually does.Andrew Bartlett1-5/+5
Andrew Bartlett (This used to be commit f075497926f3b8131bf8427ee3a3d5c9e5ee77d7)
2007-10-10r12694: Move some headers to the directory of the subsystem they belong to.Jelmer Vernooij1-0/+1
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
2007-10-10r12670: Make a couple of dependencies stricterJelmer Vernooij1-1/+1
Re-introduce and use the OUTPUT_TYPE property for MODULEs to force specific modules to always be included (This used to be commit f9eede3d40098eddc3618ee48f9253cdddb94a6f)
2007-10-10r12500: Use init functions explicitly in a few more places. 'gensec' and ↵Jelmer Vernooij1-1/+1
'librpc' are the only two subsystems left to convert. (This used to be commit f6bbc72996aeee8607fc583140fd60be0e06e969)
2007-10-10r12498: Eliminate INIT_OBJ_FILES and ADD_OBJ_FILES. We were not usingJelmer Vernooij1-1/+1
the difference between these at all, and in the future the fact that INIT_OBJ_FILES include smb_build.h will be sufficient to have recompiles at the right time. (This used to be commit b24f2583edee38abafa58578d8b5c4b43e517def)
2007-10-10r11244: Relative path names in .mk filesJelmer Vernooij1-3/+3
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
2007-10-10r11214: Remove scons files (see ↵Jelmer Vernooij1-0/+0
http://lists.samba.org/archive/samba-technical/2005-October/043443.html) (This used to be commit 7fffc5c9178158249be632ac0ca179c13bd1f98f)
2007-10-10r11198: The recent changes to netlogon changed this from a RID to a SID.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 24dbf3435277a51dd49c5e2189fc6655260eddf4)
2007-10-10r11052: bring samba4 uptodate with the samba4-winsrepl branch,Stefan Metzmacher1-3/+0
before the bad merge metze (This used to be commit 471c0ca4abb17fb5f73c0efed195c67628c1c06e)
2007-10-10r11037:Stefan Metzmacher1-0/+3
(This used to be commit 6913e338405a5aca5c70cf6e022532c596ed0a36)
2007-10-10r10847: Fix up new 'decrypt samlogon reply' routine to be more robust, and useAndrew Bartlett1-4/+18
it in the RPC-SAMLOGON test. Andrew Bartlett (This used to be commit 675b7df2eedbcb7ea89c0411f76429d8e2357222)
2007-10-10r10845: Add new function to decrypt the session keys in samlogon responses.Andrew Bartlett1-0/+44
Andrew Bartlett (This used to be commit 6d24d8d12cdc64b180fd6277f0775e943f26e82b)
2007-10-10r10712: Use data_blob_talloc, thanks to valgrind for finding the errors.Andrew Bartlett1-5/+5
Andrew Bartlett (This used to be commit 1f6fec8e6b0845ae6000eeda65641435fb18c9e3)
2007-10-10r10478: More work on proto headers; we now generate a couple of smaller onesJelmer Vernooij1-3/+0
that are then included by include/proto.h (This used to be commit 703ffbaaaca11f3d8781cfe9e7542fcaa626d991)
2007-10-10r10348: Add scons scripts for remaining subsystems. Most subsystems build now,Jelmer Vernooij1-0/+3
but final linking still fails (as does generating files asn1, et, idl and proto files) (This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
2007-10-10r8520: fixed a pile of warnings from the build farm gcc -Wall output onAndrew Tridgell1-1/+1
S390. This is an attempt to avoid the panic we're seeing in the automatic builds. The main fixes are: - assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats - use of NULL format statements to perform dn searches. - assumption that sizeof() returns an int (This used to be commit a58ea6b3854973b694d2b1e22323ed7eb00e3a3f)
2007-10-10r7757: Add NTLMv2 support to the NT1 Session setup (ie, not SPNEGO/NTLMSSP)Andrew Bartlett1-13/+22
Session Setup code. Add a mem_ctx argument to a few of the NTLMv2 support functions, and add smb.conf options to control client NTLMv2 behaviour. Andrew Bartlett (This used to be commit 3f35cdb218a3dae08a05e77452ca9f73716ceb28)
2007-10-10r7731: change debug level to not spam the build-farm smbd logStefan Metzmacher1-1/+1
metze (This used to be commit 3a1ed83fd0714fa46055c8fe5b039986909f9a45)
2007-10-10r6851: Typo in comment.Tim Potter1-1/+1
(This used to be commit e1864a7ac91b6bdd49c0cee26b592dc6d963e35d)
2007-10-10r6460: Push the client credentials into NTLMSSP, allowing logins of the formAndrew Bartlett1-1/+1
user@REALM for the first time. Fix the build for smbencrypt.c Andrew Bartlett (This used to be commit 5a6a57cd93e22e612bfbb8a8f7bc29269a9a3ac6)
2007-10-10r6113: Move GENSEC and the kerberos code out of libcli/auth, and intoAndrew Bartlett24-9464/+0
auth/gensec and auth/kerberos. This also pulls the kerberos configure code out of libads (which is otherwise dead), and into auth/kerberos/kerberos.m4 Andrew Bartlett (This used to be commit e074d63f3dcf4f84239a10879112ebaf1cfa6c4f)
2007-10-10r6094: Work on the Kerberos code recently merged from Samba 3.0. This fixesAndrew Bartlett3-31/+53
up issues I introduced during the merge, that caused a segfault. I've still not got the keytab code to work for me (using Samba3 to generate the keytab) so this is still not fully tested, but it's better than it was. To add debugging, I now use the krb5_get_error_message() function from Heimdal when present, to return the custom error string, which contains far, far more information than the simple error code does. (This last point may well be worth merging back into 3.0) Andrew Bartlett (This used to be commit ed5755d9d1e48df7ae77a9410d30e10cb8b0cbd7)
2007-10-10r6030: Missing from previous commit, a small header file to linkAndrew Bartlett1-0/+35
libcli/auth/schannel.c and libcli/auth/schannel_sign.c Andrew Bartlett (This used to be commit 1e0e66d7202d3f0e7fb3c90f2ca608fa08a713a6)
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett12-308/+361
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r6027: Add copyright, and add a useful debug message.Andrew Bartlett1-2/+3
Andrew Bartlett (This used to be commit b5260cf0d4c4f2e81a310d1c94160c9fbaaa331f)