summaryrefslogtreecommitdiff
path: root/nsswitch/libwbclient/wbclient.h
Commit message (Collapse)AuthorAgeFilesLines
* wbclient: Add wbcSetClientProcessName()Andreas Schneider2018-11-121-1/+15
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libwbclient: add trust routing and more trust-typesRalph Boehme2018-01-131-0/+7
| | | | | | | This adds the struct member and the defines, the implementation comes later. Signed-off-by: Ralph Boehme <slow@samba.org>
* libwbclient: add WBC_SID_NAME_LABELStefan Metzmacher2017-03-231-1/+3
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Mar 23 12:55:26 CET 2017 on sn-devel-144
* libwbclient: Add "authoritative" to wbcAuthErrorInfoVolker Lendecke2017-03-071-1/+3
| | | | | | | smbd needs to react to "authoritative" Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Added MSV1_0_ALLOW_MSVCHAPV2 flag to ntlm_authHerwin Weststrate2016-03-111-0/+1
| | | | | | | | | | | | | | | | | | | | | | An implementation of https://lists.samba.org/archive/samba/2012-March/166497.html (which has been discussed in 2012, but was never implemented). It has been tested on a Debian Jessie system with this patch added to the Debian package (which is currently 4.1.17). Even though this is Samba 4, the ntlm_auth installed is the one from Samba 3 (yes, it surprised me too). The backend was a machine with Windows 2012R2. It was first tested with the local security policy 'Network Security: LAN Manager authentication level' setting changed to 'Send NTLMv2 Response Only' (allow ntlm v1). This way we are able to authenticate with and without the MSV1_0_ALLOW_MSVCHAPV2 flag (as expected). After the basic step has been verified, the local security policy 'Network Security: LAN Manager authentication level' setting was changed to 'Send NTLMv2 Response Only. Refuse LM & NTLM' (only allow ntlm v2). The behaviour now changed according to the MSV1_0_ALLOW_MSVCHAPV2 flag (again: as expected). $ ntlm_auth --request-nt-key --username=XXXXXXXXXXXXX --challenge=XXXXXXXXXXXXXXXXX --nt-response=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --domain= Logon failure (0xc000006d) $ ntlm_auth --request-nt-key --username=XXXXXXXXXXXXX --challenge=XXXXXXXXXXXXXXXXX --nt-response=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --domain= --allow-mschapv2 NT_KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX The changes in `wbclient.h` are intended for programs that use libwinbind directly instead of authenticating via `ntlm_auth`. I intend to use that within FreeRADIUS (see https://bugzilla.samba.org/show_bug.cgi?id=11149). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11694 Signed-off-by: Herwin Weststrate <herwin@quarantainenet.nl> Reviewed-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libwbclient: Implement wbc[Ctx]UnixIdsToSidsVolker Lendecke2016-02-221-1/+8
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* Update libwbclient version to 0.12Matthew Newton2015-03-101-1/+2
| | | | | | | | | | | | | | Increment the minor version of the libwbclient library after new context functions added. (Major version increase not required as the only two functions with changed parameters are private to the library.) Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Mar 10 03:24:45 CET 2015 on sn-devel-104
* Add context versions of wbclient functionsMatthew Newton2015-03-101-9/+641
| | | | | | | | | | | To make the libwbclient library thread-safe, all functions that call through to wb_common winbindd_request_response need to have context that they can use. This commit adds all the necessary functions. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Add wbcContext struct, create and free functionsMatthew Newton2015-03-101-0/+30
| | | | | | | | | The basic context structure and functions for libwbclient so that libwbclient can be made thread-safe. Signed-off-by: Matthew Newton <matthew-git@newtoncomputing.co.uk> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nsswitch: fix some typosChristian Ambach2013-05-171-2/+2
| | | | | | | | | Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri May 17 01:09:33 CEST 2013 on sn-devel-104
* libwbclient: bump ABI to 0.11 as wbcAuthenticateUserEx now provides PAC parsingAndrew Bartlett2012-09-211-1/+2
| | | | | Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Sep 21 06:37:15 CEST 2012 on sn-devel-104
* winbind: Extend wbcAuthenticateUserEx to provide PACChristof Schmitt2012-09-201-20/+22
| | | | | | | | | | | | | | With this new interface, external applications that have authenticated to an ADS can pass the PAC from the Kerberos ticket to wbcAuthenticateUserEx. winbindd decodes and extracts the info3 information for the external application. If winbindd can verify the PAC signature, the info3 from the PACis also added to the netsamlogon_cache. The info3 data can be used by the external application to get the uid and primary gid. The data in netsamlogon_cache allows to retrieve the complete group list through the NSS function getgrouplist. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libwbclient: Add wbcPingDc2Christof Schmitt2012-08-151-1/+17
| | | | | | | Add wbcPingDc2 that optionally returns the DC that was attempted to ping. wbcPing is implemented as a wrapper around wbcPingDc2. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libwbclient: bump version to 0.9, and add this version to .pc fileAndrew Bartlett2012-04-201-1/+2
|
* libwbclient: added support for WBC_ID_TYPE_BOTHAndrew Tridgell2011-09-231-1/+2
| | | | | | | | | | the Samba4 winbindd allows for a single SID to map to both a user and group id. This is used to support files with the owner_sid set to a group Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Michael Adam <obnox@samba.org>
* libwbclient: Add wbcSidsToUnixIdsVolker Lendecke2011-04-131-1/+31
| | | | Signed-off-by: Jeremy Allison <jra@samba.org>
* libwbclient: Add wbcLookupSidsVolker Lendecke2011-04-131-0/+10
| | | | Signed-off-by: Jeremy Allison <jra@samba.org>
* libwbclient: Add wbcSidToStringBufVolker Lendecke2011-03-051-1/+15
|
* libwbclient: doxygen: mark wbcSetGidHwm deprecatedMichael Adam2011-02-101-0/+3
| | | | | Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Thu Feb 10 14:42:24 CET 2011 on sn-devel-104
* libwbclient: doxygen: mark wbcSetUidHwm deprecatedMichael Adam2011-02-101-0/+3
|
* libwbclient: doxygen: mark wbcRemoveGidMapping deprecatedMichael Adam2011-02-101-0/+3
|
* libwbclient: doxygen: mark wbcRemoveUidMapping deprecatedMichael Adam2011-02-101-0/+3
|
* libwbclient: doxygen: mark wbcSetGidMapping deprecatedMichael Adam2011-02-101-0/+3
|
* libwbclient: doxygen: mark wbcSetUidMapping deprecatedMichael Adam2011-02-101-0/+3
|
* Revert "libwbclient: remove wbcSetUidMapping() - not implemented any more"Michael Adam2011-02-101-0/+10
| | | | | | This reverts commit 25a0dc44f7e180d96dcccb8701e9817ecfd54955. Undo the library version bump.
* Revert "libwbclient: remove wbcSetGidMapping() - not implemented any more"Michael Adam2011-02-101-0/+10
| | | | | | This reverts commit 52e1be2139d370bf0ce99371bc9ab73db41c6236. Undo the library version bump.
* Revert "libwbclient: remove wbcRemoveUidMapping() - not implemented any more"Michael Adam2011-02-101-0/+10
| | | | | | This reverts commit 1ed5961df2da73b61666a4565d0633e34f72d04d. Undo the library version bump.
* Revert "libwbclient: remove wbcRemoveGidMapping() - not implemented any more"Michael Adam2011-02-101-0/+10
| | | | | | This reverts commit 393c866c517636e94b48ca6030a57b712892d568. Undo the library version bump.
* Revert "libwbclient: remove wbcSetUidHwm() - not implemented any more"Michael Adam2011-02-101-0/+9
| | | | | | This reverts commit 6558323c84cdd929716c59ba66d2ae6b699931d2. Undo the library version bump.
* Revert "libwbclient: remove wbcSetGidHwm() - not implemented any more"Michael Adam2011-02-101-0/+9
| | | | | | This reverts commit 68a9b726be84aaaaa340f19e175da448409430b3. Undo the library version bump.
* Revert "libwbclient: bump version to 0.6 -> 1.0 due to ABI change (removed ↵Michael Adam2011-02-101-10/+3
| | | | | | | | symbols)" This reverts commit 128bed20c4570fa23bea4d0d49deae811a67a624. Undo the library version bump.
* libwbclient: bump version to 0.6 -> 1.0 due to ABI change (removed symbols)Michael Adam2011-01-271-3/+10
|
* libwbclient: remove wbcSetGidHwm() - not implemented any moreMichael Adam2011-01-271-9/+0
|
* libwbclient: remove wbcSetUidHwm() - not implemented any moreMichael Adam2011-01-271-9/+0
|
* libwbclient: remove wbcRemoveGidMapping() - not implemented any moreMichael Adam2011-01-271-10/+0
|
* libwbclient: remove wbcRemoveUidMapping() - not implemented any moreMichael Adam2011-01-271-10/+0
|
* libwbclient: remove wbcSetGidMapping() - not implemented any moreMichael Adam2011-01-271-10/+0
|
* libwbclient: remove wbcSetUidMapping() - not implemented any moreMichael Adam2011-01-271-10/+0
|
* s3: Add wbinfo --dc-infoVolker Lendecke2011-01-191-1/+14
| | | | | | | | | | | | | | | wbinfo --dc-info prints the current DC name and IP address. This helps diagnosing problems that might happen when a later wbinfo --ping-dc fails. This patch started out by using the SAF and NBT cache entires, but those are relatively short-lived. So I decided to invent a new gencache entry with a very long timeout. We need to go via the gencache because when for some reason a winbind child process is stuck, we can't query it for the current DC it's connected to. This must eventually go away again when we have a fully async winbind. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Jan 19 08:40:28 CET 2011 on sn-devel-104
* libwbclient: Fixed doxygen errors.Andreas Schneider2010-05-051-3/+4
|
* libwbclient: Add wbcInterfaceDetails_send/recvKai Blin2010-02-111-5/+6
|
* s3: Add wbinfo --ccache-saveVolker Lendecke2010-01-241-0/+10
| | | | | With this command you can give winbind your password for later use by the automatic ntlm_auth
* s3:winbind: Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dcVolker Lendecke2009-12-211-0/+14
| | | | | | This just does a NULL RPC call through an existing NETLOGON connection. If someone knows an operation that "just works" and does not return NOT_SUPPORTED, please tell me :-)
* nsswitch: increase libwbclient version after adding wbcChangeTrustCredentials().Günther Deschner2009-10-161-1/+2
| | | | Guenther
* libwbclient: add wbcChangeTrustCredentials.Günther Deschner2009-10-131-0/+11
| | | | Guenther
* s4:wbclient.h - add compatibility constantsMatthias Dieter Wallnöfer2009-10-121-0/+6
| | | | | | This is the result of a discussion on samba-technical on how to deal best with existing programs which don't support my changes in the interface yet. Metze pointed out this "defines" as a possibility and simo and I agreed.
* winbind: adapt the new reject constants also thereMatthias Dieter Wallnöfer2009-10-081-4/+9
| | | | | | Please note: in the past the value "0" was misinterpreted as other error. This isn't true. "0" means no error. Therefore a solution for this one has to found.
* libwbclient: implement secure channel verification for specific domains in ↵Günther Deschner2009-10-071-3/+1
| | | | | | wbcCheckTrustCredentials(). Guenther
* libwbclient: Add wbcSidTypeString function.Kai Blin2009-08-181-1/+11
|
* libwbclient: Fix undocumented arguments doxygen warnings.Günther Deschner2009-04-141-8/+8
| | | | | Guenther (cherry picked from commit f2b3fbf0c04a6f9484853da263174a472eb6bb6d)
View Lorry Controller Status