Age | Commit message (Collapse) | Author | Files | Lines |
|
Andrew Bartlett
(This used to be commit 2853ccfc8ad58c6af751e01487b8a9e7e68a01e7)
|
|
backend.
The idea is that every time we open an LDB, we can provide a
session_info and/or credentials. This would allow any ldb to be remote
to LDAP. We should also support provisioning to a authenticated ldap
server.
(They are separate so we can say authenticate as foo for remote, but
here we just want a token of SYSTEM).
Andrew Bartlett
(This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)
|
|
logon_parameters for the auth subsystem.
Andrew Bartlett
(This used to be commit 767c5ca7bec3737d1261e209cd895d1300354f25)
|
|
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own
test for the moment, but I'm working on these issues :-)
This required a change to the credentials API, so that the special
case for NTLM logins using a principal was indeed handled as a
special, not general case.
Also don't set the realm from a ccache, as then it overrides --option=realm=.
Andrew Bartlett
(This used to be commit 194e8f07c0cb4685797c5a7a074577c62dfdebe3)
|
|
(This used to be commit 6e3e964fb4529260c2fcb09b41eda1a100e690eb)
|
|
Kerberos CCACHE into the system.
This again allows the use of the system ccache when no username is
specified, and brings more code in common between gensec_krb5 and
gensec_gssapi.
It also has a side-effect that may (or may not) be expected: If there
is a ccache, even if it is not used (perhaps the remote server didn't
want kerberos), it will change the default username.
Andrew Bartlett
(This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
|
|
(This used to be commit 57e6eb9c66ba539a593524d8cfd8836a840ac1ba)
|
|
but at least it now
tells us why
(This used to be commit 4afb16d7b24b1d1ed359048a89950924b363e44a)
|
|
except of popt help (-h) option (unexpected ?).
rafal
(This used to be commit 1990793b23d6198a85ce1bdf6ad43e12015db203)
|
|
user_info strcture in auth/
This moves it to a pattern much like that found in ntvfs, with
functions to migrate between PAIN, HASH and RESPONSE passwords.
Instead of make_user_info*() functions, we simply fill in the control
block in the callers, per recent dicussions on the lists. This
removed a lot of data copies as well as error paths, as we can grab
much of it with talloc.
Andrew Bartlett
(This used to be commit ecbd2235a3e2be937440fa1dc0aecc5a047eda88)
|
|
(This used to be commit 8e788ae3094220e5ea195cdf85abb6763a834abd)
|
|
libjs/auth.js
- tried to make the ejs_userAuth() call work for the sam, not just for
unix auth. I didn't get this working. Andrew, when you get a chance
can you see what I'm doing wrong? I suspect its because we aren't
supplying a challenge, but a challenge doesn't really make sense in a
'is this username/password' correct call.
(This used to be commit 9e07c08a71908e99c2f44efc40a3249facd6850f)
|
|
upstream sources. This makes it much easier to keep it up to date.
I will separate out the mpr code into lib/appweb/mpr next
(This used to be commit 52db7a052baeb0f11361ed69b71cb790039e3cc9)
|
|
- added sys_unlink()
- added sys_file_load() and sys_file_save()
- use mprString() instead of mprCreateStringVar() to cope with NULL strings
- removed smbcalls_irpc.c as its not needed any more
- allow ldbAdd() and ldbModify() to take multiple ldif records
- added a sprintf() function to ejs. Quite complex, but very useful!
(This used to be commit 625628a3f6e78349d2240ebcc79081f350672070)
|
|
have the toString() and valueOf() default attributes
this allows all our returned objects to be used in logical expressions
(This used to be commit 570f071b1544b497d5f480b8ad50df097fe4c843)
|
|
- got rid of the one line ejs_returnlist()
(This used to be commit 6961fe29058cffd8e69d9ce7e7d3902f973411c0)
|