1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

109 Commits

Author SHA1 Message Date
Andrew Bartlett
70211ea6a3 s3:auth Change winbindd -> auth interface to more standard structures
This removes conversions to and from the source3 varient of the
server_info structure when replaced in s3compat, and presents a tidier
interface to winbindd in any case.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-08-14 11:58:13 +10:00
Andrew Bartlett
23994e1b53 s3:auth Make Samba3 use the new common struct auth_usersupplied_info
This common structure will make it much easier to produce an auth
module for s3compat that calls Samba4's auth subsystem.

In order the make the link work properly (and not map twice), we mark
both that we did try and map the user, as well as if we changed the
user during the mapping.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-08-14 11:58:13 +10:00
Günther Deschner
257a1f1097 s3-krb5: include krb5pac.h where needed.
Guenther
2010-08-06 15:43:37 +02:00
Günther Deschner
e7a6a3ec0d s3: avoid global include of ads.h.
Guenther
2010-08-05 00:32:02 +02:00
Jeremy Allison
b7f029016a We should be using the winbindd separator in this case, not hardcoding a \\ value.
Jeremy.
2010-07-29 13:54:22 -07:00
Günther Deschner
0da5e15378 s3-winbindd: route samr chgpwd ops for own domain over internal samr pipe as well.
Guenther
2010-07-07 16:49:26 +02:00
Günther Deschner
bcd4077be6 s3: remove unused librpc/ndr/sid.c.
Guenther
2010-06-03 01:07:17 +02:00
Günther Deschner
2807ab358e s3-samr: move chgpasswd.c out of smbd and into the samr server.
Guenther
2010-05-26 22:17:02 +02:00
Andrew Bartlett
cba7f8b827 s3:dom_sid Global replace of DOM_SID with struct dom_sid
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-21 10:39:59 +02:00
Günther Deschner
5ed3654112 s3-rpc_client: move protos to cli_netlogon.h
Guenther
2010-05-18 21:42:37 +02:00
Günther Deschner
3f2719c202 s3-rpc_client: move protos to cli_samr.h
Guenther
2010-05-18 21:42:32 +02:00
Jelmer Vernooij
b8268cf7b0 s3: Remove use of iconv_convenience. 2010-05-18 11:45:31 +02:00
Günther Deschner
1d2dd47d31 s3-crypto: only include crypto headers when crypto is done.
Guenther
2010-05-18 00:44:27 +02:00
Günther Deschner
3b529d50be s3-rpc_misc: clean out include/rpc_misc.h.
Well known rids don't really belong into an rpc header, just use the ones
defined in security.idl.

Guenther
2010-05-18 00:44:26 +02:00
Andrew Bartlett
454b0b3f20 s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATA
All the callers just want the PAC_LOGON_INFO, so search for that in
ads_verify_ticket(), and don't bother the callers with the rest of the
PAC.

This change makes sense on it's own (removing boilerplate wrappers
that just confuse the code), but it also makes it much easier to
implement a matching ads_verify_ticket() function in Samba4 for the
s3compat proposal.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-11 22:52:37 +02:00
Günther Deschner
c6ebab846d s3: only include gen_ndr headers where needed.
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:

ccache build w/o patch
real    4m21.529s
ccache build with patch
real    3m6.402s

pch build w/o patch
real    4m26.318s
pch build with patch
real    3m6.932s

Guenther
2010-05-06 00:22:59 +02:00
Volker Lendecke
685b4625bc s3: Fix the code order in append_auth_data
This is to comply with the comment

"currently, anything from here on potentially overwrites extra_data."

Günther, please check!
2010-05-02 15:15:56 +02:00
Volker Lendecke
7099a3c446 s3: Allow pdb password change using WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP 2010-04-23 23:41:05 +02:00
Volker Lendecke
6eec46ec44 s3: replace some data_blob_talloc by data_blob_const 2010-04-23 23:41:04 +02:00
Volker Lendecke
f2f0fed8aa s3: Convert WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP to the new async API 2010-04-23 23:41:04 +02:00
Volker Lendecke
56b4aa3266 s3: Move the in-memory ccache to the parent
None of this blocks, so there is no reason to keep this in
a winbind child process
2010-04-19 14:27:24 +02:00
Volker Lendecke
9d0629d155 s3-winbind: Allow changing the password for pdb 2010-04-19 14:27:20 +02:00
Volker Lendecke
45eeed2893 s3: Convert WINBINDD_PAM_LOGOFF to the new async API 2010-04-19 14:27:20 +02:00
Volker Lendecke
518a4f5423 s3: Convert WINBINDD_PAM_CHAUTHTOK to the new async API 2010-04-19 14:27:20 +02:00
Volker Lendecke
d869e7a0d8 s3: Convert WINBINDD_PAM_AUTH_CRAP to the new async API 2010-04-19 14:27:19 +02:00
Volker Lendecke
61ec0f571a s3: Convert WINBINDD_PAM_AUTH to the new async API 2010-04-19 14:27:19 +02:00
Volker Lendecke
577bceb19b s3-winbind: Authenticate SAM users 2010-04-13 21:21:34 +02:00
Volker Lendecke
59d68899c4 s3: Use sizeof(chal) instead of a constant 2010-04-11 15:28:39 +02:00
Volker Lendecke
b91484a1a0 s3: Cosmetics -- I could not spot where "chal" was initialized 2010-04-11 11:15:44 +02:00
Volker Lendecke
f73e480e19 s3: Remove domain selection from dual_pam_auth
We're in a child, the parent already has chosen the domain by
picking the right child to connect to.

Metze, you've done work on winbind lately, so it goes to you:

Please check :-)
2010-04-10 22:42:25 +02:00
Volker Lendecke
3475c61179 s3: Ensure NULL termination before printing in winbindd_pam_logoff 2010-04-01 16:34:01 +02:00
Volker Lendecke
64c564291d s3: Fix a typo in winbindd_pam_logoff 2010-04-01 15:14:09 +02:00
Volker Lendecke
0e3f031e59 s3: Fix an error message in winbindd_pam_chauthtok() 2010-03-31 22:07:39 +02:00
Volker Lendecke
15d58f688f s3: Ensure null termination in winbindd_pam_chauthtok() 2010-03-31 22:07:38 +02:00
Volker Lendecke
6d9b2e62cb s3: Make check_info3_in_group static 2010-03-31 21:03:07 +02:00
Volker Lendecke
cf4a8f7639 s3-winbind: Make append_auth_data() static 2010-03-31 21:03:06 +02:00
Stefan Metzmacher
4c6cde99c0 s3:winbindd: correctly retry if the netlogon pipe gets disconnected during a logon call
This fixes hopefully the last part of bug #7295.

metze
2010-03-29 22:15:13 +02:00
Lars Müller
94074eb2e6 s3: go straight to winbindd_dual_pam_auth() in case of !NT_STATUS_OK
At the formerly used process_result statement we have alone one
NT_STATUS_IS_OK() which never could be hit in our case as we only go here
if NT_STATUS_EQUAL is not ok.
2010-02-17 19:00:01 +01:00
Volker Lendecke
3ea64e0ad8 s3: Replace most calls to sid_append_rid() by sid_compose() 2010-01-10 20:56:16 +01:00
Günther Deschner
04f8c229de s3-kerberos: only use krb5 headers where required.
This seems to be the only way to deal with mixed heimdal/MIT setups during
merged build.

Guenther
2009-11-27 16:36:00 +01:00
Günther Deschner
3d679a3b5f s3-rpc: Avoid including every pipe's client and server stubs everywhere in samba.
Guenther
2009-11-26 20:03:17 +01:00
Günther Deschner
5e26622510 s3-kerberos: add impersonate_principal for kerberos_return_pac_X calls.
Guenther
2009-11-06 12:44:15 +01:00
Bo Yang
dde1c42003 s3: Fix kerberos refresh chain.
Signed-off-by: Bo Yang <boyang@samba.org>
2009-11-06 08:24:51 +08:00
Jeremy Allison
1c1a883bd0 Fix the build, missing ->.
Jeremy.
2009-10-14 12:36:02 -07:00
Jeremy Allison
ce4542fbde Final part of fix for bug 6793 - winbindd crash with "INTERNAL ERROR: Signal 6"
Don't use mapped_user uninitialized.
Jeremy.
2009-10-14 11:16:03 -07:00
Volker Lendecke
db29d3eb40 s3:winbind: Fix bug 6793 -- segfault in winbindd_pam_auth 2009-10-14 11:14:57 -07:00
Matthias Dieter Wallnöfer
607ceff234 s3/s4 - Adapt the IDL changes on various locations 2009-10-08 09:50:19 +02:00
Volker Lendecke
80ef513e90 s3:winbind: remove a pointless initialization 2009-09-28 19:50:51 +02:00
Volker Lendecke
dc8538b405 s3:winbind: Make check_info3_in_group, sanitize its memory handling 2009-09-28 17:54:20 +02:00
Volker Lendecke
f18d0b036c s3:winbind: Make "check_request_flags" publically available 2009-09-28 17:54:20 +02:00