summaryrefslogtreecommitdiff
path: root/source4/utils
Commit message (Collapse)AuthorAgeFilesLines
* man pages: change http://samba.org to https://www.samba.orgBjörn Jacke2016-12-092-3/+3
| | | | | Signed-off-by: Bjoern Jacke <bj@sernet.de> Reviewed-by: Karolin Seeger <kseeger@samba.org>
* ntlm_auth4: Remove itVolker Lendecke2016-11-293-1459/+0
| | | | | | | | | | | | | This had install=False for rather exactly 4 years now. If someone wants to start working on it again, we can always dig it up from the git history. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Nov 29 02:18:37 CET 2016 on sn-devel-144
* lib: Remove global xfile.h includesVolker Lendecke2016-11-201-0/+1
| | | | | | | | | | This makes it more obvious where this legacy code is used Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sun Nov 20 06:23:19 CET 2016 on sn-devel-144
* lib: Give base64.c its own .hVolker Lendecke2016-05-041-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Make callers of base64_encode_data_blob check for successVolker Lendecke2016-05-041-0/+2
| | | | | | | | | Quite a few callers already did check for !=NULL. With the current code this is pointless due to a SMB_ASSERT in base64_encode_data_blob() itself. Make the callers consistently check, so that we can remove SMB_ASSERT from base64.c. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Added MSV1_0_ALLOW_MSVCHAPV2 flag to ntlm_authHerwin Weststrate2016-03-111-0/+8
| | | | | | | | | | | | | | | | | | | | | | An implementation of https://lists.samba.org/archive/samba/2012-March/166497.html (which has been discussed in 2012, but was never implemented). It has been tested on a Debian Jessie system with this patch added to the Debian package (which is currently 4.1.17). Even though this is Samba 4, the ntlm_auth installed is the one from Samba 3 (yes, it surprised me too). The backend was a machine with Windows 2012R2. It was first tested with the local security policy 'Network Security: LAN Manager authentication level' setting changed to 'Send NTLMv2 Response Only' (allow ntlm v1). This way we are able to authenticate with and without the MSV1_0_ALLOW_MSVCHAPV2 flag (as expected). After the basic step has been verified, the local security policy 'Network Security: LAN Manager authentication level' setting was changed to 'Send NTLMv2 Response Only. Refuse LM & NTLM' (only allow ntlm v2). The behaviour now changed according to the MSV1_0_ALLOW_MSVCHAPV2 flag (again: as expected). $ ntlm_auth --request-nt-key --username=XXXXXXXXXXXXX --challenge=XXXXXXXXXXXXXXXXX --nt-response=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --domain= Logon failure (0xc000006d) $ ntlm_auth --request-nt-key --username=XXXXXXXXXXXXX --challenge=XXXXXXXXXXXXXXXXX --nt-response=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --domain= --allow-mschapv2 NT_KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX The changes in `wbclient.h` are intended for programs that use libwinbind directly instead of authenticating via `ntlm_auth`. I intend to use that within FreeRADIUS (see https://bugzilla.samba.org/show_bug.cgi?id=11149). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11694 Signed-off-by: Herwin Weststrate <herwin@quarantainenet.nl> Reviewed-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Fix various spelling errorsMathieu Parent2015-11-061-1/+1
| | | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Nov 6 13:43:45 CET 2015 on sn-devel-104
* ntlm_auth: Remove two uses of hex_encode()Volker Lendecke2015-05-131-10/+8
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Typo: s/preceeded/preceded/Jelmer Vernooij2014-04-141-1/+1
| | | | | | | | | | | Caught by lintian, the Debian package linter :) Change-Id: Ia7162ea8c2b1845155345526b66d71ae64f15227 Reviewed-on: https://gerrit.samba.org/216 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Mon Apr 14 03:51:15 CEST 2014 on sn-devel-104
* s4:ntlm_auth: make use of gensec_update_ev()Stefan Metzmacher2014-03-271-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* oLschema2ldif: Add some NULL checksVolker Lendecke2013-11-111-0/+6
| | | | | | | This should fix Coverity ID 1034812 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org>
* ldb: Do not build libldb-cmdline when using system ldb.Jeroen Dekkers2013-09-102-2/+1
| | | | | | | | | | | | | | Cleanup leftover include and linking of libldb-cmdline in oLschema2ldif. Do not build libldb-cmdline anymore when using the system ldb, oLschema2ldif was the only reason for building libldb-cmdline. Signed-off-by: Jeroen Dekkers <jeroen@dekkers.ch> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Sep 10 12:52:26 CEST 2013 on sn-devel-104
* auth/gensec: introduce gensec_internal.hStefan Metzmacher2013-08-101-0/+1
| | | | | | | | | | We should treat most gensec related structures private. It's a long way, but this is a start. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ntlm_auth: make use of cli_credentials_[set_]callback_data*Stefan Metzmacher2013-08-051-4/+6
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* ntlm_auth4: Use new samba_getpass() function.Andreas Schneider2012-12-031-1/+7
| | | | Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* docs: man oLschema2ldif: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Nov 29 15:27:45 CET 2012 on sn-devel-104
* docs: man ntlm_auth4: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: Rename man ntlm_auth.Karolin Seeger2012-11-282-38/+38
| | | | | | | | | | | Rename man ntlm_auth to ntlm_auth4. Karolin Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Nov 28 20:41:48 CET 2012 on sn-devel-104
* build: Use ntlm_auth from source3 as the only ntlm_auth installed on the systemAndrew Bartlett2012-11-221-6/+8
| | | | | | | | | | The ntlm_auth4 binary is untested, and is missing major features compared with the source3 binary. The two are being slowly merged, but I have not finished that. Andrew Bartlett Reviewed-by: Andreas Schneider <asn@samba.org>
* selftest: Add test of smbclient --machine-pass against and using both s3 and s4Andrew Bartlett2012-08-281-0/+34
| | | | | | This uses both smbclient binaries to ensure that both work in both environments. Andrew Bartlett
* s4:selftest: change the blackbox.samba_tool_demote test to use a binary ↵Michael Adam2012-05-311-2/+2
| | | | mapping for smbclient
* s4:selftest: change the blackbox.samba_tool test to use a binary mapping for ↵Michael Adam2012-05-311-2/+2
| | | | smbclient
* s4:selftest: determine nmblookup via binary mapping for blackbox test in ↵Michael Adam2012-05-311-4/+2
| | | | tests.py
* olschema2ldif: be more strict where checking for open/closed bracesMatthieu Patou2012-05-051-3/+15
|
* s4:samba-tool fsmo * - fix missing "takes_optiongroups"Matthias Dieter Wallnöfer2012-02-171-0/+2
| | | | | | This has been reported in bug #8755. Reviewed-by: Jelmer
* selftest: Remove unused support for --exeextAndrew Bartlett2012-02-013-5/+5
|
* s4: add blackbox test for the demote functionMatthieu Patou2011-12-051-0/+38
|
* s4:selftest/test_samba_tool.sh - add a basic unit test for the new "domain ↵Matthias Dieter Wallnöfer2011-11-271-5/+8
| | | | | | info" command Signed-off-by: Stefan Metzmacher <metze@samba.org>
* gensec: move event context from gensec_*_init() to gensec_update()Andrew Bartlett2011-10-181-3/+3
| | | | | | | | | | | | This avoids keeping the event context around on a the gensec_security context structure long term. In the Samba3 server, the event context we either supply is a NULL pointer as no server-side modules currently use the event context. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4-messaging: Pass the loadparm context, not just the messaging pathAndrew Bartlett2011-10-131-1/+1
| | | | | | This will allow the TDB layer to get at the lp_ctx for tdb options. Andrew Bartlett
* gensec: clarify memory ownership for gensec_session_info() and ↵Andrew Bartlett2011-08-031-3/+3
| | | | | | | | | | | | | | | gensec_session_key() This is slightly less efficient, because we no longer keep a cache on the gensec structures, but much clearer in terms of memory ownership. Both gensec_session_info() and gensec_session_key() now take a mem_ctx and put the result only on that context. Some duplication of memory in the callers (who were rightly uncertain about who was the rightful owner of the returned memory) has been removed to compensate for the internal copy. Andrew Bartlett
* samba-tool: updated test suite to reflect the move from domainlevel to ↵Giampaolo Lauria2011-07-211-1/+1
| | | | | | | | domain level The test suite needs to reflect the change from domailevel to "domain level" to fit the object-action model Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-modules Remove lp_ctx from init functions that no longer need itAndrew Bartlett2011-06-061-1/+1
| | | | | | | | Now that we don't allow the smb.conf to change the modules dir, many functions that simply load modules or initialise a subsytem that may load modules no longer need an lp_ctx. Andrew Bartlett
* s4-auth Rename auth -> auth4 to avoid conflict with s3 authAndrew Bartlett2011-05-081-1/+1
|
* s4-messaging Rename messaging -> imessagingAndrew Bartlett2011-05-031-2/+2
| | | | | | | This avoid symbol and structure conflicts between Samba3 and Samba4, and chooses a less generic name. Andrew Bartlett
* selftest: Remove duplication between BUILDIR and BINDIRAndrew Bartlett2011-04-162-2/+2
| | | | | | Just have BINDIR, and have it default to ./bin Andrew Bartlett
* lib/crypto: rename the SHA256_ functions to samba_SHA256_Andrew Tridgell2011-04-061-3/+3
| | | | | | | this prevents a symbol duplication with the openssl library, which may be linked in via a secondary library dependency Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* lib/util Move base64 functions into lib/util/base64.cAndrew Bartlett2011-03-301-29/+2
| | | | Andrew Bartlett
* s4-nterr: move auth_nt_status_squash to nt_status_squash and move to nterr.cGünther Deschner2011-03-041-1/+1
| | | | Guenther
* build: moved libcli/auth/ntlmssp*.c into a common libcliauth.so libraryAndrew Tridgell2011-02-241-1/+2
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-auth: rename 'auth' subsystem to 'auth4'Andrew Tridgell2011-02-181-1/+1
| | | | | | | | this prevents conflicts with the s3 auth modules. The auth modules in samba3 may appear in production smb.conf files, so it is preferable to rename the s4 modules for minimal disruption. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* ldb: use #include <ldb.h> for ldbAndrew Tridgell2011-02-101-1/+1
| | | | | | | | thi ensures we are using the header corresponding to the version of ldb we're linking against. Otherwise we could use the system ldb for link and the in-tree one for include Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4-auth Rework auth subsystem to remove struct auth_serversupplied_infoAndrew Bartlett2011-02-091-2/+2
| | | | | | | | | | | | | This changes auth_serversupplied_info into the IDL-defined struct auth_user_info_dc. This then in turn contains a struct auth_user_info, which is the only part of the structure that is mainted into the struct session_info. The idea here is to avoid keeping the incomplete results of the authentication (such as session keys, lists of SID memberships etc) in a namespace where it may be confused for the finalised results. Andrew Barltett
* samdb: Lowercase library name.Jelmer Vernooij2010-11-071-1/+1
|
* s4-ldb: fixed build of oLschema2ldifAndrew Tridgell2010-11-011-1/+1
|
* s4: Remove the old perl/m4/make/mk-based build system.Jelmer Vernooij2010-10-311-68/+0
| | | | | | | | The new waf-based build system now has all the same functionality, and the old build system has been broken for quite some time. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
* s4-ldb: create a private library ldb-cmdlineAndrew Tridgell2010-10-301-1/+1
| | | | this prevents duplicate linking of the cmdline support code
* s4 net: rename to samba-tool in order to not clash with s3 netKai Blin2010-10-2814-3028/+4
| | | | | Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Thu Oct 28 07:25:16 UTC 2010 on sn-devel-104
* waf: Remove lib prefix from libraries manually.Jelmer Vernooij2010-10-262-2/+2
|
* s4: Drop duplicate 'lib' prefix for private libraries.Jelmer Vernooij2010-10-262-2/+2
|
View Lorry Controller Status