summaryrefslogtreecommitdiff
path: root/auth
Commit message (Collapse)AuthorAgeFilesLines
* auth:creds: Check return code of cli_credentials_guess()Andreas Schneider2021-06-291-2/+5
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Return bool for cli_credentials_guess()Andreas Schneider2021-06-293-15/+39
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Add sanity check for env variablesAndreas Schneider2021-06-291-18/+45
| | | | | | | CID 710829 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Check return code of cli_credentials_set_conf()Andreas Schneider2021-06-291-2/+5
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Return a bool for cli_credentials_set_conf()Andreas Schneider2021-06-293-18/+74
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Fix parameter in creds.set_named_ccache()Joseph Sutton2021-05-191-1/+2
| | | | | | | | | Use the passed-in value for 'obtained' rather than always using CRED_SPECIFIED. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* auth:creds: Remove unused variableJoseph Sutton2021-05-191-3/+0
| | | | | | Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* auth:creds:tests: Add test for cli_credentials_get_password_and_obtained()Andreas Schneider2021-04-281-0/+6
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Add cli_credentials_get_password_and_obtained()Andreas Schneider2021-04-282-0/+22
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds:tests: Add test for cli_credentials_get_username_and_obtained()Andreas Schneider2021-04-281-0/+6
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Add cli_credentials_get_username_and_obtained()Andreas Schneider2021-04-282-0/+22
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds:tests: Add test for cli_credentials_set_gensec_features()Andreas Schneider2021-04-281-0/+27
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Add obtained arg to cli_credentials_set_gensec_features()Andreas Schneider2021-04-284-6/+36
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Use 'client protection' option for smb sign and encrypt defaultsAndreas Schneider2021-04-281-0/+30
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* lib:param: Add 'client protection' config optionAndreas Schneider2021-04-281-0/+7
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds:tests: Add test for cli_credentials_set_kerberos_state()Andreas Schneider2021-04-281-0/+42
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Add obtained arg to cli_credentials_set_kerberos_state()Andreas Schneider2021-04-288-17/+44
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* python: remove all 'from __future__ import print_function'Douglas Bagnall2021-04-281-1/+0
| | | | | | | | | | | | | | | | This made Python 2's print behave like Python 3's print(). In some cases, where we had: from __future__ import print_function """Intended module documentation...""" this will have the side effect of making the intended module documentation work as the actual module documentation (i.e. becoming __doc__), because it is once again the first statement in the module. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* gensec: Slightly simplify gensec_generate_session_info_pac()Volker Lendecke2021-04-271-11/+19
| | | | | | | Reduce indentation by an early error return and by introducing a helper variable. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth/credentials: Remove unneeded try/except syntaxJoseph Sutton2021-04-071-10/+4
| | | | | | | | Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Apr 7 10:24:17 UTC 2021 on sn-devel-184
* auth/credentials: Add test for binding with an extended canonical nameJoseph Sutton2021-04-071-0/+12
| | | | | Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* auth/credentials: Add test for binding with a canonical nameJoseph Sutton2021-04-071-0/+9
| | | | | Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* auth/credentials: Add test for binding with a domain SIDJoseph Sutton2021-04-071-1/+14
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10319 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* gensec: Remove gensec_security_all(), it was only used internallyVolker Lendecke2021-04-062-9/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* auth:creds: Free the uname pointer in cli_credentials_parse_string()Andreas Schneider2021-03-241-0/+6
| | | | | | | | | | The data is duplicated and we don't need it anymore. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Mar 24 03:13:05 UTC 2021 on sn-devel-184
* auth:creds: Don't include credentials_internal.h twiceAndreas Schneider2021-03-241-1/+0
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth:creds: Use our own cli_credentials_set_cmdline_callbacks()Andreas Schneider2021-03-242-3/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* auth:creds: Add command line function for standard password callbackAndreas Schneider2021-03-243-0/+79
| | | | | | | Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:lib:cmdline: Rename cli_credentials_set_cmdline_callbacks()Andreas Schneider2021-03-241-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* auth:creds: Add cli_credentials_dump()Andreas Schneider2020-12-163-0/+166
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Noel Power <noel.power@suse.com> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Dec 16 13:56:49 UTC 2020 on sn-devel-184
* auth: Align an integer typeVolker Lendecke2020-11-101-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Revert "cli_credentials: add a helper to parse user or group names"Alexander Bokovoy2020-11-053-75/+0
| | | | This reverts commit 00f4262ed0b22f6e333e5a29c5590b62c783905c.
* Revert "cli_credentials_parse_string: fix parsing of principals"Alexander Bokovoy2020-11-052-3/+4
| | | | This reverts commit eb0474d27bae4592b25ac6bf600da29c6a1cb9f8.
* cli_credentials: add a helper to parse user or group namesAlexander Bokovoy2020-11-043-0/+75
| | | | | | | | | | | | | | | | | | | | | cli_credentials_parse_string() parses a string specified for -U option in command line tools. It has a side-effect that '%' character is always considered to be a separator after which a password is specified. Active Directory does allow to create user or group objects with '%' in the name. It means cli_credentials_parse_string() will not be able to properly parse such name. Introduce cli_credentials_parse_name() for the cases when a password is not expected in the name and call to cli_credentials_parse_name() from cli_credentials_parse_string(). Test cli_credentials_parse_name() with its intended use in lookup_name() refactoring. Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* cli_credentials_parse_string: fix parsing of principalsAlexander Bokovoy2020-11-042-4/+3
| | | | | | | | | | | | | | | | | | | When parsing a principal-like name, user name was left with full principal instead of taking only the left part before '@' sign. >>> from samba import credentials >>> t = credentials.Credentials() >>> t.parse_string('admin@realm.test', credentials.SPECIFIED) >>> t.get_username() 'admin@realm.test' The issue is that cli_credentials_set_username() does a talloc_strdup() of the argument, so we need to change order of assignment to allow talloc_strdup() to copy the right part of the string. Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth:creds:tests: Migrate test to a cmocka unit testAndreas Schneider2020-11-032-0/+227
| | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* auth:creds: Rename CRED_USE_KERBEROS valuesAndreas Schneider2020-11-039-20/+26
| | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* auth:creds: Add cli_credentials_init_server()Andreas Schneider2020-09-072-0/+27
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth:gensec: If Kerberos is required, keep schannel for machine account authStefan Metzmacher2020-09-071-0/+9
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org>
* auth:gensec: Pass use_kerberos and keep_schannel to gensec_use_kerberos_mechs()Stefan Metzmacher2020-09-071-12/+14
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth:gensec: Make gensec_use_kerberos_mechs() a static functionStefan Metzmacher2020-09-072-6/+4
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth:gensec: Add gensec_security_sasl_names()Stefan Metzmacher2020-09-072-0/+89
| | | | | | | Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* lib/util: remove extra safe_string.h fileMatthew DeVore2020-08-282-0/+4
| | | | | | | | | | | | | | | | | | lib/util/safe_string.h is similar to source3/include/safe_string.h, but the former has fewer checks. It is missing bcopy, strcasecmp, and strncasecmp. Add the missing elements to lib/util/safe_string.h remove the other safe_string.h which is in the source3-specific path. To accomodate existing uses of str(n?)casecmp, add #undef lines to source files where they are used. Signed-off-by: Matthew DeVore <matvore@google.com> Reviewed-by: David Mulder <dmulder@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 28 02:18:40 UTC 2020 on sn-devel-184
* auth:creds: Bump library versionAndreas Schneider2020-08-191-1/+1
| | | | | | | We added new functions so bump the version. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth:creds: Add python bindings for cli_credentials_set_conf()Andreas Schneider2020-08-191-0/+41
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth:creds: Add python bindings for (get|set)_smb_encryptionAndreas Schneider2020-08-191-0/+62
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth:creds: Add cli_credentials_(get|set)_smb_encryption()Andreas Schneider2020-08-193-0/+55
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth:creds: Add python bindings for (get|set)_smb_ipc_signingAndreas Schneider2020-08-191-0/+56
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth:creds: Add cli_credentials_(get|set)_smb_ipc_signing()Andreas Schneider2020-08-193-0/+60
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth:creds: Add python bindings for (get|set)_smb_signingAndreas Schneider2020-08-191-0/+63
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
View Lorry Controller Status