Günther Deschner
c6ebab846d
s3: only include gen_ndr headers where needed.
...
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:
ccache build w/o patch
real 4m21.529s
ccache build with patch
real 3m6.402s
pch build w/o patch
real 4m26.318s
pch build with patch
real 3m6.932s
Guenther
2010-05-06 00:22:59 +02:00
Volker Lendecke
b1a27e81d7
s3: Apply some const
2010-04-12 21:42:54 +02:00
Matthias Dieter Wallnöfer
1a27343366
s3/s4:netlogon IDL - fix up "struct netr_SamInfo6" regarding the "forest" attribute
...
According to MS-NRPC 2.2.1.4.13 this should be the DNS domainname, not the
forest one.
2010-04-12 18:49:01 +02:00
Volker Lendecke
8e95db9eea
s3: Move serverinfo_to_SamInfoX to auth/server_info.c
2010-04-11 22:59:47 +02:00
Volker Lendecke
b8829e74fd
s3: Move [make|free]_user_info to auth/user_info.c
2010-04-11 22:59:47 +02:00
Volker Lendecke
18909879cc
s3: Move make_server_info_sam to auth/server_info_sam.c
2010-04-11 22:59:47 +02:00
Volker Lendecke
2b1a50c2e5
s3: Move sanitize_username to lib/util_str.c
2010-04-11 22:59:47 +02:00
Volker Lendecke
80708b75f8
s3: Move make_server_info to auth/server_info.c
2010-04-11 22:59:46 +02:00
Volker Lendecke
5792ccc7c8
s3: Move check_sam_security to auth/check_sam.c
2010-04-11 22:59:46 +02:00
Volker Lendecke
04f9e33de1
s3: Make check_sam_security public
2010-04-11 22:59:46 +02:00
Volker Lendecke
a0c175eca9
s3: Replace "auth_context" by "challenge" in need_to_increment_bad_pw_count args
2010-04-11 22:59:45 +02:00
Volker Lendecke
19c0086553
s3: Replace "auth_context" by "challenge" in sam_password_ok args
2010-04-11 22:59:45 +02:00
Volker Lendecke
7ba21a339c
s3: Move user_in_group() and create_token_from_username() to token_utils.c
...
Goal is to be able to call check_sam_security from winbind
2010-04-11 22:59:45 +02:00
Volker Lendecke
b0d65f827e
s3: Use talloc_stackframe() in user_in_group
2010-04-11 13:53:21 +02:00
Volker Lendecke
9655f63642
s3: Use talloc_stackframe() in user_in_group_sid
2010-04-11 13:53:21 +02:00
Volker Lendecke
9cf448a30e
s3: Use talloc_stackframe() in create_token_from_username
2010-04-11 13:53:21 +02:00
Volker Lendecke
3c169c0475
s3: Fix a memleak in user_in_group_sid
2010-04-11 13:53:20 +02:00
Volker Lendecke
a2d1e5e0f7
s3: Remove the make_auth_methods routine
...
This was just TALLOC_ZERO_P
2010-04-11 13:53:19 +02:00
Volker Lendecke
bc619586f2
s3: Fix a typo
2010-04-11 13:53:19 +02:00
Volker Lendecke
c5c40f2648
s3: Make "auth_context" its own talloc parent
...
Remove "mem_ctx" from "struct auth_context"
2010-04-11 13:53:19 +02:00
Volker Lendecke
e35a2f89b2
s3: Fix some nonempty lines
2010-04-11 13:53:18 +02:00
Volker Lendecke
bfeab64ebf
s3: Fix a typo
2010-04-09 16:49:49 +02:00
Stefan Metzmacher
dee63fe4ca
s3:ntlmssp: use client.netbios_name instead of workstation
...
metze
Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24 17:34:56 +01:00
Stefan Metzmacher
ca2a5693bf
s3:ntlmssp: rename void *auth_context; into void *callback_private;
...
metze
Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24 17:34:55 +01:00
Stefan Metzmacher
eb17809812
s3:ntlmssp: pass names to ntlmssp_server_start() and store them in ntlmssp_state
...
Inspired by the NTLMSSP merge work by Andrew Bartlett.
metze
Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24 17:34:54 +01:00
Stefan Metzmacher
eca118614c
s3:ntlmssp: replace server_role by a server.is_standalone in ntlmssp_state
...
Inspired by the NTLMSSP merge work by Andrew Bartlett.
metze
Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24 17:34:54 +01:00
Jeremy Allison
12f97c0576
Fix valgrind error when running under share level security. plaintext_password
...
is a data blob with a data pointer pointing to an allocation of length zero.
Jeremy.
2010-03-22 13:05:29 -07:00
Volker Lendecke
48d6ed7cac
s3: Fix some nonempty blank lines
2010-02-20 18:59:30 +01:00
Volker Lendecke
185815a647
s3: Remove some calls to memset -- reduces text size by some bytes for me
2010-01-24 14:52:33 +01:00
Michael Adam
8573471154
s3:auth: fix account unlock regression introduced with fix for bug #4347
...
By an oversight, the patchset for #4347 made the unlocking of a locked
account after the lockout duration ineffective.
Thanks to Björn for finding this!
Michael
2010-01-14 15:48:09 +01:00
Michael Adam
444ecac2d2
s3:auth: add comment to nulling out stolen sampass
...
Adding this comment makes me think, I could also
have changed make_server_info_sam() talloc_move
instead of talloc_steal, but that would have
changed the signature... Well the comment is a
first step. :-)
Michael
2010-01-12 16:19:56 +01:00
Volker Lendecke
3ea64e0ad8
s3: Replace most calls to sid_append_rid() by sid_compose()
2010-01-10 20:56:16 +01:00
Volker Lendecke
081573091b
s3: Remove the typedef for "auth_serversupplied_info"
2010-01-10 20:56:16 +01:00
Volker Lendecke
9bb4766bba
s3: Remove the typedef for "auth_usersupplied_info"
2010-01-10 20:56:16 +01:00
Michael Adam
dc68982711
s3:auth: don't update the bad pw count if pw is among last 2 history entries
...
This conforms to the behaviour of Windows 2003:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/bpactlck.mspx
This is supposed to fix Bug #4347.
Michael
2010-01-07 16:51:18 +01:00
Michael Adam
46111dc4e4
s3:auth:check_sam_security: introduce a bool var to control pad_pw_count incrementation
...
This is a preparatory patch for the last part in fixing bug #4347 .
Michael
2010-01-07 16:51:18 +01:00
Michael Adam
7248873b48
s3:auth:check_sam_security: improve calling and logging of pdb_update_sam_account
...
Log what went wrong, and also call pdb_update_sam_account inside
become_root/unbecome_root: do the logging outside.
Michael
2010-01-07 11:07:57 +01:00
Michael Adam
5ad1b7e0c5
s3:auth:check_sam_security: fix a leading tab/ws mixup
...
Michael
2010-01-07 11:07:57 +01:00
Michael Adam
970317c413
s3:auth:check_sam_security: create (and use) a common exit point
...
for use after sam_password_ok() has been called.
Michael
2010-01-07 11:07:56 +01:00
Michael Adam
de4fb80bee
s3:auth:check_sam_security: null out sampass after it has been stolen.
...
So that a later talloc_free would not harm. I could have used
talloc_move instead of talloc_steal in make_server_info_sam(),
but this would have required a change of the signature.
Michael
2010-01-07 11:07:56 +01:00
Michael Adam
3634859450
s3:auth:sam_password_ok: take username, acct_ctrl and nt/lm hashes, not sampass
...
This is in preparation to extending check_sam_security to also check
against the password history before updating the bad password count.
This way, sam_password_ok can more easily be reused for that purpose.
Michael
2010-01-07 11:07:56 +01:00
Michael Adam
c0f404a2e4
s3:auth: use data_blob_null instead of data_blob(NULL, 0) in sam_password_ok()
...
This way it is more explicit that there is no allocated data here
that may leak.
Michael
2010-01-07 11:07:56 +01:00
Michael Adam
0172587d8d
s3:auth:sam_password_ok: fix allocation of a data blob.
...
data_blob(mem_ctx, 16) does not use mem_ctx as a talloc ctx but
copies 16 bytes from mem_ctx into the newly allocated data blob.
This can not have been intentional. A blank uint8_t array of
length 16 is allocated by passing NULL instead of mem_ctx.
And using data_blob_talloc(mem_ctx, NULL, 16) adds the allocated
blank 16 byte array to mem_ctx - so this is what must have been
intended.
Michael
2010-01-07 11:07:56 +01:00
Michael Adam
7ac18c743b
s3:auth:sam_password_ok: enhance readability (imho) by adding some pointers
...
and removing bool variables and several checks.
Michael
2010-01-07 11:07:55 +01:00
Michael Adam
b5fcb34d6c
s3:check_sam_security: untangle assignment from statement
...
Michael
2010-01-07 11:07:55 +01:00
Stefan Metzmacher
c9b6ad2500
s3:ntlmssp: change get_challange() to return NTSTATUS
...
metze
2009-12-29 17:06:22 +01:00
Andrew Bartlett
802e9328ed
s3:ntlmssp: only include ntlmssp.h where actually needed
...
Andrew Bartlett
2009-12-22 21:07:53 +01:00
Karolin Seeger
71018ebe53
s3:auth: Fix typo in debug message.
...
Karolin
2009-12-07 14:38:18 +01:00
Michael Adam
0ac3c1693c
s3:fix a comment typo
...
Michael
2009-11-14 01:28:58 +01:00
Michael Adam
2e3d9abeaf
s3:is_trusted_domain: shortcut if domain name == global_sam_name
...
A domain can't have a trust with itself.
This saves some roundtrips to the ldap server for ldapsam.
Michael
2009-11-14 01:28:57 +01:00