summaryrefslogtreecommitdiff
path: root/source4/utils/ntlm_auth.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r6028: A MAJOR update to intergrate the new credentails system fully withAndrew Bartlett1-54/+54
GENSEC, and to pull SCHANNEL into GENSEC, by making it less 'special'. GENSEC now no longer has it's own handling of 'set username' etc, instead it uses cli_credentials calls. In order to link the credentails code right though Samba, a lot of interfaces have changed to remove 'username, domain, password' arguments, and these have been replaced with a single 'struct cli_credentials'. In the session setup code, a new parameter 'workgroup' contains the client/server current workgroup, which seems unrelated to the authentication exchange (it was being filled in from the auth info). This allows in particular kerberos to only call back for passwords when it actually needs to perform the kinit. The kerberos code has been modified not to use the SPNEGO provided 'principal name' (in the mechListMIC), but to instead use the name the host was connected to as. This better matches Microsoft behaviour, is more secure and allows better use of standard kerberos functions. To achieve this, I made changes to our socket code so that the hostname (before name resolution) is now recorded on the socket. In schannel, most of the code from librpc/rpc/dcerpc_schannel.c is now in libcli/auth/schannel.c, and it looks much more like a standard GENSEC module. The actual sign/seal code moved to libcli/auth/schannel_sign.c in a previous commit. The schannel credentails structure is now merged with the rest of the credentails, as many of the values (username, workstation, domain) where already present there. This makes handling this in a generic manner much easier, as there is no longer a custom entry-point. The auth_domain module continues to be developed, but is now just as functional as auth_winbind. The changes here are consequential to the schannel changes. The only removed function at this point is the RPC-LOGIN test (simulating the load of a WinXP login), which needs much more work to clean it up (it contains copies of too much code from all over the torture suite, and I havn't been able to penetrate its 'structure'). Andrew Bartlett (This used to be commit 2301a4b38a21aa60917973451687063d83d18d66)
2007-10-10r5902: A rather large change...Andrew Bartlett1-1/+1
I wanted to add a simple 'workstation' argument to the DCERPC authenticated binding calls, but this patch kind of grew from there. With SCHANNEL, the 'workstation' name (the netbios name of the client) matters, as this is what ties the session between the NETLOGON ops and the SCHANNEL bind. This changes a lot of files, and these will again be changed when jelmer does the credentials work. I also correct some schannel IDL to distinguish between workstation names and account names. The distinction matters for domain trust accounts. Issues in handling this (issues with lifetime of talloc pointers) caused me to change the 'creds_CredentialsState' and 'struct dcerpc_binding' pointers to always be talloc()ed pointers. In the schannel DB, we now store both the domain and computername, and query on both. This should ensure we fault correctly when the domain is specified incorrectly in the SCHANNEL bind. In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out, where the comment claimed we re-used a connection, but in fact we made a new connection. This was achived by breaking apart some of the dcerpc_secondary_connection() logic. The addition of workstation handling was also propogated to NTLMSSP and GENSEC, for completeness. The RPC-SAMSYNC test has been cleaned up a little, using a loop over usernames/passwords rather than manually expanded tests. This will be expanded further (the code in #if 0 in this patch) to use a newly created user account for testing. In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO server, caused by the removal of [ref] and the assoicated pointer from the IDL. This has been re-added, until the underlying pidl issues are solved. (This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2007-10-10r5300: more uint32 and system/filesys.h build fixes when developer mode is ↵Andrew Tridgell1-1/+1
enabled (This used to be commit 93931b1a741a3722c311ada80c4c9d3d670f91b2)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell1-2/+3
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell1-3/+3
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4620: - add interface functions to the auth subsystem so that callers ↵Stefan Metzmacher1-3/+3
doesn't need to use function pointers anymore - make the module init much easier - a lot of cleanups don't try to read the diff in auth/ better read the new files it passes test_echo.sh and test_rpc.sh abartlet: please fix spelling fixes metze (This used to be commit 3c0d16b8236451f2cfd38fc3db8ae2906106d847)
2007-10-10r4419: move security_token stuff to the libcli/security/Stefan Metzmacher1-0/+1
and debug privileges metze (This used to be commit c981808ed4cfa63c7ba7c4f9190b6b14f74bab40)
2007-10-10r4358: At metze's request, the Christmas elves have removed gensec_end inAndrew Bartlett1-1/+1
favor of talloc_free(). Andrew Bartlett (This used to be commit 1933cd12fbaed56e13f2386b19de6ade99bf9478)
2007-10-10r4147: converted from NT_USER_TOKEN to struct security_tokenAndrew Tridgell1-4/+5
this is mostly just a tidyup, but also adds the privilege_mask, which I will be using shortly in ACL checking. note that I had to move the definition of struct security_token out of security.idl as pidl doesn't yet handle arrays of pointers, and the usual workaround (to use a intermediate structure) would make things too cumbersome for this structure, especially given we never encode it to NDR. (This used to be commit 7b446af09b8050746bfc2c50e9d56aa94397cc1a)
2007-10-10r4070: move some defines from asn_1.h to the places they belong toStefan Metzmacher1-3/+2
metze (This used to be commit ab2c2f27e1c61516e885f02bf26350f97209057a)
2007-10-10r3633: - moved module init functions to after smb.conf and command lineAndrew Tridgell1-2/+3
parsing, so that module init can take account of lp_ parms (thats why gensec:krb5=no wasn't working) - added a BASE-DISCONNECT torture test that tests server response to clients disconnecting with open lock and open requests pending (This used to be commit 5205f598b8c0be6985e61cc842cc5da109ba5b7e)
2007-10-10r3586: Fix some of the issues with the module init functions.Jelmer Vernooij1-0/+2
Both subsystems and modules can now have init functions, which can be specified in .mk files (INIT_FUNCTION = ...) The build system will define : - SUBSYSTEM_init_static_modules that calls the init functions of all statically compiled modules. Failing to load will generate an error which is not fatal - BINARY_init_subsystems that calls the init functions (if defined) for the subsystems the binary depends on This removes the hack with the "static bool Initialised = " and the "lazy_init" functions (This used to be commit 7a8244761bfdfdfb48f8264d76951ebdfbf7bd8a)
2007-10-10r3570: Export the user's group list from ntlm_auth, via a new command 'UG'Andrew Bartlett1-2/+30
(user groups). The form of this is not final, but is this should be a discussion point with the squid team. Andrew Bartlett (This used to be commit cbb0c67d06f75c2d8841a95ba8837124160ffd49)
2007-10-10r3541: Add support (to be verified with the squid team) for the Squid 3.0Andrew Bartlett1-62/+135
multiplexed helper system. This system prefixes every request with a number, and we maintian a state machine for each of these integers. This means that we can have multiple outstanding challenges, without the overhead of a whole ntlm_auth process. In future, the actual password check will also be async. Andrew Bartlett (This used to be commit 9ea34abce384214e35b1b2c5f405c5f91f27d195)
2007-10-10r3494: got rid of include/rewrite.h, and split out the dynconfig.h headerAndrew Tridgell1-0/+1
(This used to be commit 558de54ec6432a4ae90aa14a585f32c6cd03ced2)
2007-10-10r3463: separated out some more headers (asn_1.h, messages.h, dlinklist.h and ↵Andrew Tridgell1-0/+1
ioctl.h) (This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
2007-10-10r3454: moved a few more things out if includes.h into the include/system/ ↵Andrew Tridgell1-0/+1
include files. this brings us down to about 11k lines of headers included with includes.h, while still retaining the speed of building with pch (This used to be commit 10188869ef072309ca580b8b933e172571fcdda7)
2007-10-10r3453: - split out the auth and popt includesAndrew Tridgell1-0/+2
- tidied up some of the system includes - moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl knows about inter-IDL dependencies (This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
2007-10-10r2643: convert more of the auth subsyystem to the new talloc methods. ThisAndrew Tridgell1-1/+1
also fixes a memory leak found with --leak-check. (This used to be commit f19201ea274f0a542314c61c4af676197bf154ad)
2007-10-10r2630: I missed a couple of places in the gensec talloc conversionAndrew Tridgell1-3/+3
(This used to be commit 7124949140141513193f41bb8491aa6a283efed7)
2007-10-10r2629: convert gensec to the new talloc modelAndrew Tridgell1-2/+2
by making our gensec structures a talloc child of the open connection we can be sure that it will be destroyed when the connection is dropped. (This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
2007-10-10r2612: Ensure ntlm_auth always logs to stderr.Andrew Bartlett1-2/+2
Add missing break; Andrew Bartlett (This used to be commit cdb8261775a3100e1b95b485d91ba1f94c879905)
2007-10-10r2611: Try to make Samba4's ntlm_auth more consistant with Samba 3.0.Andrew Bartlett1-8/+5
Andrew Bartlett (This used to be commit 8f4dab5d44480b40fc14afc70172861c229ba77d)
2007-10-10r2546: Remove another strupper_m() that we don't need.Andrew Bartlett1-1/+0
Andrew Bartlett (This used to be commit 5c5b45c1a870693c6201a09b508109b121ddc030)
2007-10-10r1630: - fixed the replacement timegm() function to work correctly for DST ↵Andrew Tridgell1-1/+1
changes - got rid of global_myname(), using lp_netbios_name() instead (This used to be commit e8d4b390884e487163d81f66a5a7ac1de1305d9a)
2007-10-10r1356: Fix logic bugs in ntlm_auth.Andrew Bartlett1-3/+7
Andrew Bartlett (This used to be commit 871e98ce5771bc96527f7ad4da07a7d6c1ae1c3c)
2007-10-10r1305: Grrr, fix my build breakage...Andrew Bartlett1-1/+1
Declare variables at the start of a block. Andrew Bartlett (This used to be commit 9f5394703e81db9ed93648e06e48b0364a04a696)
2007-10-10r1294: A nice, large, commit...Andrew Bartlett1-201/+215
This implements gensec for Samba's server side, and brings gensec up to the standards of a full subsystem. This means that use of the subsystem is by gensec_* functions, not function pointers in structures (this is internal). This causes changes in all the existing gensec users. Our RPC server no longer contains it's own generalised security scheme, and now calls gensec directly. Gensec has also taken over the role of auth/auth_ntlmssp.c An important part of gensec, is the output of the 'session_info' struct. This is now reference counted, so that we can correctly free it when a pipe is closed, no matter if it was inherited, or created by per-pipe authentication. The schannel code is reworked, to be in the same file for client and server. ntlm_auth is reworked to use gensec. The major problem with this code is the way it relies on subsystem auto-initialisation. The primary reason for this commit now.is to allow these problems to be looked at, and fixed. There are problems with the new code: - I've tested it with smbtorture, but currently don't have VMware and valgrind working (this I'll fix soon). - The SPNEGO code is client-only at this point. - We still do not do kerberos. Andrew Bartlett (This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
2007-10-10r1200: Add 'gensec', our generic security layer.Andrew Bartlett1-762/+70
This layer is used for DCERPC security, as well as ntlm_auth at this time. It expect things like SASL and the CIFS layer to use it as well. The particular purpose of this layer is to introduce SPENGO, which needs generic access to the actual implementation mechanisms. Schannel, due to it's 'interesting' setup properties is in GENSEC, but is only in the RPC code. Andrew Bartlett (This used to be commit 902af49006fb8cfecaadd3cc0c10e2e542083fb1)
2007-10-10r1198: Merge the Samba 3.0 ntlm_auth, including the kerberos and SPENGO parts.Andrew Bartlett1-321/+1290
I have moved the SPNEGO and Kerberos code into libcli/auth, and intend to refactor them into the same format as NTLMSSP. Andrew Bartlett (This used to be commit 58da78a7460d5d0a4abee7d7b84799c228e6bc0b)
2007-10-10r943: change samba4 to use 'uint8_t' instead of 'unsigned char'Stefan Metzmacher1-7/+7
metze (This used to be commit b5378803fdcb3b3afe7c2932a38828e83470f61a)
2003-08-13first public release of samba4 codeAndrew Tridgell1-0/+551
(This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f)