summaryrefslogtreecommitdiff
path: root/source4/auth
Commit message (Collapse)AuthorAgeFilesLines
* Use common header file for character set handling in Samba 3 and Samba 4.Jelmer Vernooij2009-03-011-16/+20
|
* s4: Use same function signature for convert_* as s3.Jelmer Vernooij2009-03-011-1/+1
|
* Add allow_badcharcnv argument to all conversion function, forJelmer Vernooij2009-03-011-1/+1
| | | | consistency with Samba 3.
* Push sam_get_server_info_principal into the auth subsystemAndrew Bartlett2009-02-138-63/+122
| | | | | | | | | This means it must be accessed via the supplied auth_context in the GENSEC server, and should remove the hard depenceny of GENSEC on the auth subsystem and ldb (allowing LDB not to rely on LDB is considered a good thing, apparently) Andrew Bartlett
* Remove auth/ntlm as a dependency of GENSEC by means of function pointers.Andrew Bartlett2009-02-1310-31/+136
| | | | | | | | | | | When starting GENSEC on the server, the auth subsystem context must be passed in, which now includes function pointers to the key elements. This should (when the other dependencies are fixed up) allow GENSEC to exist as a client or server library without bundling in too much of our server code. Andrew Bartlett
* s4:auth/ntlm: fix c++ warningStefan Metzmacher2009-02-051-1/+1
| | | | metze
* s4:pyauth: fix compiler warningsStefan Metzmacher2009-02-051-1/+1
| | | | metze
* s4:pycredentials: fix compiler warningsStefan Metzmacher2009-02-052-26/+25
| | | | metze
* s4:auth/credentials: the python bindings don't use swig anymoreStefan Metzmacher2009-02-021-4/+2
| | | | metze
* s4:auth: the python bindings don't use swig anymoreStefan Metzmacher2009-02-021-3/+2
| | | | metze
* s4:auth/kerberos: s/private/private_dataStefan Metzmacher2009-02-021-10/+10
| | | | metze
* s4:auth/gensec: s/private/private_dataStefan Metzmacher2009-02-021-10/+10
| | | | metze
* Make schannel not depend on samdb anymore.Simo Sorce2009-02-012-6/+61
|
* s4:auth: try to fix the build on SolarisStefan Metzmacher2009-01-311-0/+1
| | | | | | MAXHOSTNAMELEN comes in via system/network.h now. metze
* Add prototypes required by samba-gtk.Jelmer Vernooij2009-01-251-0/+9
|
* s4:auth: move make_server_info_netlogon_validation() function arroundStefan Metzmacher2009-01-215-147/+141
| | | | metze
* Avoid using a utility header for Python replacements included in Samba,Jelmer Vernooij2009-01-081-1/+5
| | | | since this will not be shipped with talloc/tdb/tevent/etc.
* s3/s4 build: Fix Py_RETURN_NONE to work with python versions < 2.4Tim Prouty2009-01-071-0/+1
|
* py: Properly increase the reference counter of Py_None.Jelmer Vernooij2009-01-061-6/+6
|
* s4:auth/kerberos: convert to tevent_* apiStefan Metzmacher2009-01-032-14/+13
| | | | metze
* s4:socket: use a socket_wrapper aware function to auto close the fd event ↵Stefan Metzmacher2009-01-031-4/+5
| | | | | | for sockets metze
* s4:lib/tevent: rename structsStefan Metzmacher2008-12-2916-67/+67
| | | | | | | | | | | | | | | | | | | | list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
* Rename samba-socket -> samba_socket to fix a couple more compilerJelmer Vernooij2008-12-242-2/+2
| | | | warnings.
* Add missing includes, required for use of gensec by 3rd-partyMatthias Dieter Wallnöfer2008-12-231-0/+3
| | | | applications.
* s4: Always link in auth, as some of the core infrastructure depends on it.Jelmer Vernooij2008-12-221-0/+1
|
* Add header for pyparam.Jelmer Vernooij2008-12-222-7/+2
|
* Fix various Python-related bugs.Jelmer Vernooij2008-12-211-1/+1
|
* Include errors.i verbatim in security.i, as it's the only file still using it.Jelmer Vernooij2008-12-211-4/+2
|
* Convert credentials Python module to "manual" C - no SWIG used to generateJelmer Vernooij2008-12-216-4719/+350
| | | | the C code.
* Convert auth python module to "plain" C rather than using SWIG.Jelmer Vernooij2008-12-216-3348/+131
|
* s4:lib/socket: socket_connect_send() and socket_connect_ev() should only ↵Stefan Metzmacher2008-12-181-2/+1
| | | | | | wrok with addresses metze
* s4: fix LIBEVENTS dependencies and use more forward declarationsStefan Metzmacher2008-12-172-1/+3
| | | | | | | We should only include events.h where we really need it and prefer forward declarations of 'struct event_context' metze
* s4:kdc: allow a trusted domain to get kerberos ticketsStefan Metzmacher2008-12-043-7/+11
| | | | metze
* s3/s4 build: Fix execinfo and sasl build error when the libs/headers are in ↵Tim Prouty2008-11-181-1/+5
| | | | | | | non-standard locations. These configure checks have the correct flags at configure time, so let's pass them through so they are used at compile time.
* Fix the build.Jelmer Vernooij2008-11-023-19/+43
|
* Remove use of global_loadparm for disabled gensec backends.Jelmer Vernooij2008-11-023-4/+25
|
* Remove another use of global_loadparm.Jelmer Vernooij2008-11-021-0/+1
| | | | | | Eventually, we should move some of these parameters into a separate struct (perhaps into smb_transport_options?), to avoid the long lists of parameters.
* Fix the build.Jelmer Vernooij2008-11-022-2/+3
|
* Add gensec_settings structure. This wraps loadparm_context for now, butJelmer Vernooij2008-11-029-77/+98
| | | | should in the future only contain some settings required for gensec.
* Remove two debug parameters, not used anywhere.Jelmer Vernooij2008-11-021-6/+2
| | | | | Andrew, I was pretty sure these could be removed but if not, please let me know.
* Remove another use of global_loadparm.Jelmer Vernooij2008-11-021-0/+1
|
* Remove unused argument iconv_convenience.Jelmer Vernooij2008-11-014-8/+1
|
* Remove use of lp_*() from ntlm_check.c.Jelmer Vernooij2008-11-013-16/+18
|
* Remove unused include param/param.h.Jelmer Vernooij2008-10-243-3/+0
|
* Remove iconv_convenience argument from convert_string{,talloc}() butJelmer Vernooij2008-10-241-1/+1
| | | | make them wrappers around convert_string{,talloc}_convenience().
* Eliminate another instance of global_loadparm.Jelmer Vernooij2008-10-241-0/+2
|
* Remove iconv_convenience parameter from simple string push/pullJelmer Vernooij2008-10-245-14/+7
| | | | functions.
* Make sure prototypes are always included, make some functions static andJelmer Vernooij2008-10-2014-16/+14
| | | | remove some unused functions.
* Create a 'straight paper path' for UTF16 passwords.Andrew Bartlett2008-10-161-1/+1
| | | | | | | | | | | | | | | | | | | | | This uses a virtual attribute 'clearTextPassword' (name chosen to match references in MS-SAMR) that contains the length-limited blob containing an allegidly UTF16 password. This ensures we do no validation or filtering of the password before we get a chance to MD4 it. We can then do the required munging into UTF8, and in future implement the rules Microsoft has provided us with for invalid inputs. All layers in the process now deal with the strings as length-limited inputs, incluing the krb5 string2key calls. This commit also includes a small change to samdb_result_passwords() to ensure that LM passwords are not returned to the application logic if LM authentication is disabled. The objectClass module has been modified to allow the clearTextPassword attribute to pass down the stack. Andrew Bartlett
* Remove unused variable.Jelmer Vernooij2008-10-151-1/+0
|
View Lorry Controller Status