1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-14 19:24:43 +03:00

66 Commits

Author SHA1 Message Date
Andrew Bartlett
d7ce127de9 auth: Remove support for HAVE_TRUNCATED_SALT from pass_check.c
The comments indicate that this was needed for HP-UX at one point, but
the configure code was never ported to WAF.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Apr 15 12:32:09 CEST 2014 on sn-devel-104
2014-04-15 12:32:09 +02:00
Andrew Bartlett
634cc8fdff auth: Remove USE_BOTH_CRYPT_CALLS block from pass_check.c
This code is dead since the move to the WAF build system, but was set
for HP-UX 9, 10 and 11 in the autoconf build system.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-15 10:13:12 +02:00
Andrew Bartlett
6e8eb60545 auth: Remove linux_bigcrypt support from pass_check.c
This is dead code, and probably has been for quite some time.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-15 10:13:12 +02:00
Andrew Bartlett
e731655f09 auth: Remove support for plaintext auth on systems that use getprpwnam()
The WAF build does not have the code to detect getprpwnam, so this is
dead code.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-15 10:13:12 +02:00
Andrew Bartlett
cec833063e auth: Remove plaintext OSF1 password support
The WAF build does not have the code to detect getprpwnam on which
this is based, and so this is dead code.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-15 10:13:12 +02:00
Andrew Bartlett
3fa67e6346 auth: Remove afs_auth() from pass_check.c and s4's auth_unix
The waf build does not have code to detect support for AFS plaintext
authentication, so this is dead code.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-15 10:13:12 +02:00
Andrew Bartlett
94f0716fff auth: Remove dfs_auth() from pass_check.c and s4's auth_unix
The waf build has no logic to detect DCE/DFS, so this plaintext
authentication mechanism is dead code.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-15 10:13:12 +02:00
Andrew Bartlett
f5cff44713 auth: Remove unused PASSWORD_LENTH macro from pass_check.c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-15 10:13:12 +02:00
Andrew Bartlett
6478b6f669 auth: Remove static variable ths_user from password_check() code
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-15 10:13:12 +02:00
Andrew Bartlett
26279a9698 auth: Remove "password level"
We now only lowercase the password, we do not attempt to find another case
combination that the password might be in.

This option is already depricated, so it is now time to remove it.

Andrew Bartlett

Reviewed-by: Simo Sorce <idra@samba.org>
2013-06-11 08:35:21 -04:00
Jeremy Allison
b70f23c2b5 Correctly check for errors in strlower_m() returns. 2012-08-09 12:08:18 -07:00
Jelmer Vernooij
c0288e0612 lib/util: Remove obsolete sys_getpid() and sys_fork().
The performance of these is minimal (these days) and they can return
invalid results when used as part of applications that do not use
sys_fork().

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Mar 24 21:55:41 CET 2012 on sn-devel-104
2012-03-24 21:55:40 +01:00
Jeremy Allison
ee34c25c8a First part of fix for bug 8310 - toupper_ascii() is broken on big-endian systems
Remove
int toupper_ascii(int c);
int tolower_ascii(int c);
int isupper_ascii(int c);
int islower_ascii(int c);

and replace with their _m equivalents, as they are identical.
2011-07-19 13:19:29 -07:00
Jeremy Allison
02af307585 More simple const fixes. 2011-05-05 23:56:07 +02:00
Günther Deschner
fbd0ff69ec s3: try to fix the build on some non-linux buildfarm machines.
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Mar 30 11:39:31 CEST 2011 on sn-devel-104
2011-03-30 11:39:31 +02:00
Günther Deschner
7e73214ebf s3-auth: use auth.h where needed.
Guenther
2011-03-30 01:13:09 +02:00
Günther Deschner
28b4b05938 s3-includes: move some chgpasswd related defines to the locations where they are used.
Guenther
2011-02-22 21:52:19 +01:00
Volker Lendecke
92fd03c5f0 s3: Lift smbd_server_fd() from pass_check() 2010-08-28 11:12:13 +02:00
Volker Lendecke
a3995ef31c s3: Lift smbd_server_fd() from password_check() 2010-08-28 11:12:13 +02:00
Volker Lendecke
2257a0cd86 s3: Fix some nonempty blank lines 2010-08-28 11:12:13 +02:00
Volker Lendecke
9322fa4077 s3: Lift smbd_server_fd() from smb_pam_passcheck 2010-08-27 21:59:09 +02:00
Volker Lendecke
619c348ba3 s3: Pass "private_data" through string_combinations() 2010-08-27 21:10:14 +02:00
Andreas Schneider
66b6a8cf62 s3-auth: Remove obsolete 'update encrypted' option. 2010-08-16 12:48:27 +02:00
Andrew Bartlett
23994e1b53 s3:auth Make Samba3 use the new common struct auth_usersupplied_info
This common structure will make it much easier to produce an auth
module for s3compat that calls Samba4's auth subsystem.

In order the make the link work properly (and not map twice), we mark
both that we did try and map the user, as well as if we changed the
user during the mapping.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-08-14 11:58:13 +10:00
Jeremy Allison
5bfe3c49a1 Correctly define prototypes for accessor functions.
Jeremy.
(This used to be commit 299ea5d122e173adf6edb6399fc90798747b0c97)
2007-12-17 17:13:31 -08:00
Jeremy Allison
2b0a570c77 More static fstring removal.
Jeremy.
(This used to be commit dcf624aa02cf7415a4a55e6d45606e813ae6b91f)
2007-12-17 17:02:48 -08:00
Jeremy Allison
d07eabcb44 Remove pstring from auth/*
Jeremy.
(This used to be commit 72c19d114b40ee307bbe45d9828667165a26d7a3)
2007-11-14 10:37:18 -08:00
Jeremy Allison
30191d1a57 RIP BOOL. Convert BOOL -> bool. I found a few interesting
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-18 17:40:25 -07:00
Andrew Tridgell
5e54558c6d r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10 12:28:22 -05:00
Jeremy Allison
d824b98f80 r23779: Change from v2 or later to v3 or later.
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10 12:28:20 -05:00
Jeremy Allison
a1e0a0e928 r16230: Fix Klocwork and others. localtime and asctime
can return NULL. Ensure we check all returns correctly.
Jeremy.
(This used to be commit 6c61dc8ed6d84f310ef391fb7700e93ef42c4afc)
2007-10-10 11:17:26 -05:00
Jeremy Allison
5a4881bf39 r12522: Try and fix bug by removing setlocale(LC_ALL, "C")
and replace calls to isupper/islower/toupper/tolower with
ASCII equivalents (mapping into _w variants).
Jeremy.
(This used to be commit c2752347eb2deeb2798c580ec7fc751a847717e9)
2007-10-10 11:05:58 -05:00
Tim Potter
8f49721fef r2899: Change some #if DEBUG_PASSWORD's to #ifdef DEBUG_PASSWORD.
Bugzilla .
(This used to be commit 1327d83d902b6a39096d387d734e73d85ed53f85)
2007-10-10 10:52:56 -05:00
Jeremy Allison
ce72beb2b5 Removed strupper/strlower macros that automatically map to strupper_m/strlower_m.
I really want people to think about when they're using multibyte strings.
Jeremy.
(This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-07-03 19:11:31 +00:00
Andrew Bartlett
8a20407442 Cleanups: (merge from HEAD)
- use safe_strcpy() instead of pstrcpy() for malloc()ed strings

 - CUPS: a failure in an attempt to automaticly add a printer is not level 0 stuff.

 - Fix up a possible Realloc() failure segfault

Andrew Bartlett
(This used to be commit c1cfc296c2efdb2b5972202146e80f0e3b6a3da4)
2003-02-10 11:47:21 +00:00
Andrew Bartlett
ad8a22e570 Updates from Samba HEAD:
- Fix segfaults in the 'net ads' commands when no password is provided
 - Readd --with-ldapsam for 2.2 compatability.  This conditionally compiles the
   old options, but the actual code is available on all ldap systems.
 - Fix shadow passwords (as per work with vl)
 - Fix sending plaintext passwords to unicode servers (again vl)
 - Add a bit of const to secrets.c functions
 - Fix some spelling and grammer by vance.
 - Document the -r option in smbgroupedit.

There are more changes in HEAD, I'm only merging the changes I've been involved
with.

Andrew Bartlett
(This used to be commit 83973c389355a5cc9ca74af467dfd8b5dabd2c8f)
2002-10-01 13:10:57 +00:00
Andrew Tridgell
e90b652848 updated the 3.0 branch from the head branch - ready for alpha18
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 10:35:28 +00:00
Tim Potter
cd68afe312 Removed version number from file header.
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-30 06:08:46 +00:00
Andrew Bartlett
c311d24ce3 A nice *big* change to the fundemental way we do things.
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps
them around for a long time - often past the next call...

This adds a getpwnam_alloc and a getpwuid_alloc to the collection.

These function as expected, returning a malloced structure that can be
free()ed with passwd_free(&passwd).

This patch also cuts down on the number of calls to getpwnam - mostly by
taking advantage of the fact that the passdb interface is already
case-insensiteve.

With this patch most of the recursive cases have been removed (that I know
of) and the problems are reduced further by not using the sys_ interface
in the new code.  This means that pointers to the cache won't be affected.
(This is a tempoary HACK, I intend to kill the password cache entirly).

The only change I'm a little worried about is the change to
rpc_server/srv_samr_nt.c for private groups.  In this case we are getting
groups from the new group mapping DB.  Do we still need to check for private
groups?  I've toned down the check to a case sensitve match with the new code,
but we might be able to kill it entirly.

I've also added a make_modifyable_passwd() function, that copies a passwd
struct into the form that the old sys_getpw* code provided.  As far as I can
tell this is only actually used in the pass_check.c crazies, where I moved
the final 'special case' for shadow passwords (out of _Get_Pwnam()).

The matching case for getpwent() is dealt with already, in lib/util_getent.c

Also included in here is a small change to register the [homes] share at vuid
creation rather than just in one varient of the session setup.  (This picks
up the SPNEGO cases).  The home directory is now stored on the vuid, and I
am hoping this might provide a saner way to do %H substitions.

TODO:  Kill off remaining Get_Pwnam_Modify calls (they are not needed), change
the remaining sys_getpwnam() callers to use getpwnam_alloc() and move
Get_Pwnam to return an allocated struct.

Andrew Bartlett
(This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da)
2002-01-17 08:45:58 +00:00
Andrew Bartlett
7de42a4faf Remove built-in support for clear-text kerberos authentication.
This should remove some confusion from the ./configure, but does not affect the
'real' kerberos support currently residing in smbd/sesssetup.c.

This code is vunerable to a spoofed KDC, and is best replaced by --with-pam and
the pam_krb5 module.  This module includes measures to prevent such spoofing.

Andrew Bartlett
(This used to be commit 3235880b41ee5dd5ef171195489fb9254f5d89b0)
2001-11-11 10:42:07 +00:00
Jeremy Allison
c416ff851b Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.
Ensure make_conection() can only be called as root.
Jeremy.
(This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
2001-10-18 20:15:12 +00:00
Tim Potter
dc1fc3ee8e Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-10-02 04:29:50 +00:00
Andrew Bartlett
fa6713bf8b Move pass_check.c over to NTSTATUS, allowing full NTSTATUS from PAM to wire!
Add the ability for swat to run in non-root-mode (ie non-root from inetd).
 - we still need some of the am_root() calls fixed however.
(This used to be commit 2c2317c56ee13abdbdbc866363c3b52dab826e3c)
2001-09-20 13:15:35 +00:00
Andrew Bartlett
6adafe50d4 Remove the ugly hacks to get around the Get_Pwnam() calls in pass_check.c by
simply not doing Get_Pwnam() calls in pass_check.c

We now make *one* sys_getpnam() call in cgi.c and we always call PAM no matter
what it returns.  We also no longer run the password cracker for these logins.

The truly parinod will note the slight difference in call paths, in that we only
call crypt for valid password structs (if not --with-pam).  The truly parinoid
don't run SWAT either, so I don't think this is an issue.

Andrew Bartlett
(This used to be commit 9020d884935243f28c19cedc88f076f0709e12cb)
2001-09-19 05:26:11 +00:00
Andrew Tridgell
19fea3242c the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but the client code still needs some work
(This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
2001-09-04 07:13:01 +00:00
Jeremy Allison
58ed70f378 Fixed silly typo.
Jeremy.
(This used to be commit 6ee2b41429e43f6a9a58eba3cb01b952be3d5ca5)
2001-08-30 20:09:49 +00:00
Jeremy Allison
8debe5b629 Fix from Paul Green to set correct lengths.
Jeremy.
(This used to be commit 52b9b6d519c38b2a3e524d098a09fb996e8a2047)
2001-08-30 19:16:56 +00:00
Andrew Tridgell
b031af348c converted another bunch of stuff to NTSTATUS
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-27 19:46:22 +00:00
Andrew Bartlett
5b8d230e39 This removes unused paramaters from various authtication functions, and should
not change behaviour.

This should make my later diffs smaller, where I actualy start cleaning up this
mess...

Andrew Bartlett
(This used to be commit 04f090c224bb7ac3b53c430a591fce1fc939a81c)
2001-07-08 14:10:30 +00:00
Jeremy Allison
5197ccfef4 Added Andrew Bartlett's fixes to my changes to his original patch (at the
court of king caractacus, was just passing by... :-).
Jeremy.
(This used to be commit acc3e7a057ad7fb0c2fb1cafff0c623ec0524d04)
2001-05-01 17:19:42 +00:00