7ff7eb0b52
s3-build: only include nsswitch header where needed.
...
Guenther
2010-08-26 00:20:28 +02:00
ce2a086119
s3-popt: Only include popt-common.h when needed.
2010-08-05 12:08:31 +02:00
e7a6a3ec0d
s3: avoid global include of ads.h.
...
Guenther
2010-08-05 00:32:02 +02:00
26f1218a36
s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys
2010-07-20 20:02:09 -04:00
cdcdaaa6dd
s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it.
...
All the members are children of ntlmssp_state anyway.
Signed-off-by: Andrew Bartlett <abartlet@samba.org >
2010-07-19 14:19:47 +10:00
ebae21f023
ntlmssp: Make the ntlmssp.h from source3/ a common header
...
The code is not yet in common, but I hope to fix that soon.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org >
Signed-off-by: Günther Deschner <gd@samba.org >
2010-05-31 15:10:56 +02:00
1d2dd47d31
s3-crypto: only include crypto headers when crypto is done.
...
Guenther
2010-05-18 00:44:27 +02:00
454b0b3f20
s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATA
...
All the callers just want the PAC_LOGON_INFO, so search for that in
ads_verify_ticket(), and don't bother the callers with the rest of the
PAC.
This change makes sense on it's own (removing boilerplate wrappers
that just confuse the code), but it also makes it much easier to
implement a matching ads_verify_ticket() function in Samba4 for the
s3compat proposal.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org >
2010-05-11 22:52:37 +02:00
e968db6739
s3 ntlm_auth: Don't malloc data that will be talloc_free()d
...
This fixes bug #7290
Thanks to Mohan <mohann@silver-peak.com > for the bug report.
2010-03-26 13:43:21 -07:00
dee63fe4ca
s3:ntlmssp: use client.netbios_name instead of workstation
...
metze
Signed-off-by: Günther Deschner <gd@samba.org >
2010-03-24 17:34:56 +01:00
ca2a5693bf
s3:ntlmssp: rename void *auth_context; into void *callback_private;
...
metze
Signed-off-by: Günther Deschner <gd@samba.org >
2010-03-24 17:34:55 +01:00
7c0ea293f9
s3:ntlmssp: remove unused get_global_myname() and get_domain() from ntlmssp_state
...
Inspired by the NTLMSSP merge work by Andrew Bartlett.
metze
Signed-off-by: Günther Deschner <gd@samba.org >
2010-03-24 17:34:55 +01:00
7d977da925
s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store them
...
Inspired by the NTLMSSP merge work by Andrew Bartlett.
metze
Signed-off-by: Günther Deschner <gd@samba.org >
2010-03-24 17:34:55 +01:00
eb17809812
s3:ntlmssp: pass names to ntlmssp_server_start() and store them in ntlmssp_state
...
Inspired by the NTLMSSP merge work by Andrew Bartlett.
metze
Signed-off-by: Günther Deschner <gd@samba.org >
2010-03-24 17:34:54 +01:00
fd1b6bdef9
s3: Fix some nonempty blank lines
2010-01-10 20:56:16 +01:00
802e9328ed
s3:ntlmssp: only include ntlmssp.h where actually needed
...
Andrew Bartlett
2009-12-22 21:07:53 +01:00
5b37cd23bf
s3:ntlmssp: remove the typedef NTLMSSP_STATE
...
Andrew Bartlett
2009-12-22 21:07:53 +01:00
04f8c229de
s3-kerberos: only use krb5 headers where required.
...
This seems to be the only way to deal with mixed heimdal/MIT setups during
merged build.
Guenther
2009-11-27 16:36:00 +01:00
43ed7a413d
ntlm_auth: use data_blob_talloc() to allocate session key
...
Thanks to Shibu Piriyath <shibunair80@ymail.com > for spotting the issue.
2009-11-21 07:29:33 +01:00
60bf0eb607
s3-kerberos: modify cli_krb5_get_ticket to take a new impersonate_princ_s arg.
...
Guenther
2009-11-06 13:31:17 +01:00
f8dae40fc8
spnego: Support ASN.1 BIT STRING and use it in SPNEGO.
...
Signed-off-by: Günther Deschner <gd@samba.org >
2009-09-17 20:10:54 +02:00
503d035814
spnego: share spnego_parse.
...
Guenther
2009-09-17 01:12:20 +02:00
8c7a579bdc
s3: set winbindd request flags in ntlm_auth to make it contact trusted domain when krb5 auth is enabled
...
Signed-off-by: Bo Yang <boyang@samba.org >
2009-05-22 02:03:32 +08:00
32062013c3
s3: Fix ntlm_auth and winbindd to use new common libcli/auth APIs
2009-04-14 19:33:04 +10:00
baf7274fed
Make Samba3 use the new common libcli/auth code
...
This is particuarly in the netlogon client (but not server at this
stage)
2009-04-14 16:23:44 +10:00
f28f113d8e
Rework Samba3 to use new libcli/auth code (partial)
...
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).
We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server
Andrew Bartlett
2009-04-14 16:23:35 +10:00
97af7f1ed1
Add some harmless use of talloc_tos() in ntlm_auth
2009-04-14 12:54:12 +10:00
574a6a8c35
s3:kerberos Rework smb_krb5_unparse_name() to take a talloc context
...
Signed-off-by: Günther Deschner <gd@samba.org >
2009-04-07 13:25:36 +02:00
5b6c428763
Fix an uninitialized variable, introdued with 4d100f2f
2009-02-13 12:15:04 +01:00
6e19b22c5a
Fix Coverity ID 744
...
This was marked as a resource leak. This change makes the code a bit clearer
that we always free error_string.
2009-02-13 10:20:51 +01:00
4d100f2f6a
Fix Coverity ID 745 (RESOURCE_LEAK)
2009-02-13 10:20:45 +01:00
9d4d2f70cb
S3: Fixes for coverity issues.
2009-02-10 14:43:14 -08:00
8fc15ab96d
remove the explicit mem_ctx from ntlmssp_state, use the state itself
2008-11-30 17:15:19 +01:00
7d8787c915
ntlm_auth: Put huge NTLMv2 blobs into extra_data on CRAP auth.
...
This fixes bug #5865
2008-11-10 12:50:02 +01:00
f3f9446ec1
Rename hex_encode to hex_encode_talloc,for consistency with samba 4 and heimdal.
2008-10-18 16:16:57 +02:00
abe1431ad3
Remove external refs to winbindd_fd
...
(This used to be commit 18bf2b2028
2008-04-06 12:27:08 +02:00
b6ab1c4061
ntlm_auth: Improve compliance to the Squid helper protocol
...
This fixes bug #4235 .
Patch from Pawel Worach <pawel.worach@gmail.com > with some linebreaks
added by me.
Also fix one BH message that the original patch didn't fix.
(This used to be commit 098380760d
2008-03-19 23:49:43 +01:00
76de025c72
winbind: use a struct element for WBFLAG_PAM_UNIX_NAME
...
To not conflict with WBFLAG_PAM_INFO3_TEXT.
This should fix pam_winbind.
metze
(This used to be commit 1b8ed6c0ff
2008-02-28 23:00:42 +01:00
965774fa8f
Fix some more callers of PAC_DATA.
...
Guenther
(This used to be commit ea609d1b0e
2008-02-17 02:12:00 +01:00
a8209904a5
ntlm_auth: Parse configfile after parsing it's location, not before.
...
(This used to be commit cf671ca35b
2008-01-31 09:42:18 +01:00
b133f5ac0a
ntlm_auth: Get rid of statics in manage_squid_ntlmssp_request
...
(This used to be commit 97768628f5
2008-01-19 13:16:24 +01:00
4b05fd29e6
ntlm_auth: Rewrite manage_client_ntlmssp_request without statics.
...
(This used to be commit af43842622
2008-01-19 13:16:24 +01:00
40db1a1625
nltm_auth: Use struct ntlm_auth_state in helper functions.
...
Now rewriting the helpers one after the other can start.
(This used to be commit 2479a0c3ad
2008-01-19 13:16:24 +01:00
83f30d72e0
ntlm_auth: Prepare for a deeper rewrite of the helper functions
...
(This used to be commit f8243d1913
2008-01-19 13:16:24 +01:00
f22a29e1bd
ntlm_auth: Dynamically allocate the read buffer.
...
This ports over my changes from Samba4
(This used to be commit 4a475baf26
2008-01-19 13:16:23 +01:00
805caafd44
util_str: Don't return memory from talloc_tos(), use mem_ctx instead.
...
(This used to be commit ab0ee6e9a6
2008-01-19 02:20:16 +01:00
43717a16e2
Fix CID 476. Ensure a valid pac_data pointer is always passed to
...
ads_verify_ticket as it's always derefed.
Jeremy.
(This used to be commit 0599d57eff
2008-01-11 23:53:27 -08:00
7faee02d0d
Remove the char[1024] strings from dynconfig. Replace
...
them with malloc'ing accessor functions. Should save a
lot of static space :-).
Jeremy.
(This used to be commit 52dc5eaef2
2007-12-10 11:30:37 -08:00
adf6d848de
Getting to the home stretch for elimination of pstrings...
...
Jeremy.
(This used to be commit 0411635511
2007-12-03 18:48:41 -08:00
90b8a7c8fe
Add talloc stackframe for ntlm_auth.c
...
Jeremy.
(This used to be commit 6f9c2910bd
2007-11-20 19:17:47 -08:00
