samba.git/source3/include/auth.h, branch master Unnamed repository; edit this file 'description' to name the repository. s3:auth: remember make_auth3_context_for_netlogon() was used 2025-04-03T09:36:31+00:00 Stefan Metzmacher metze@samba.org 2025-03-21T16:04:05+00:00 0733cfc636f59328592fd581f33834ad0f41c215 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 auth: Remove the "typedef auth_methods" 2020-01-06T01:47:30+00:00 Volker Lendecke vl@samba.org 2020-01-03T12:47:14+00:00 59cb155a27f21a55bdc588d38c8080cd29562a7e Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
auth: For NTLM and KDC authentication, log the authentication duration 2018-06-25T06:32:14+00:00 Andrew Bartlett abartlet@samba.org 2018-06-10T11:00:34+00:00 1bb2a1c6b3eaccf114ac3f3b5b51f57828a04996 This is not a general purpose profiling solution, but these JSON logs are already being generated and stored, so this is worth adding. Some administrators are very keen to know how long authentication takes, particularly due to long replication transactions in other processes. This complements a similar patch set to log the transaction duration. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> 
This is not a general purpose profiling solution, but these JSON logs are already being
generated and stored, so this is worth adding.

Some administrators are very keen to know how long authentication
takes, particularly due to long replication transactions in other
processes.

This complements a similar patch set to log the transaction duration.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
s3:auth: pass the whole auth_session_info from copy_session_info_serverinfo_guest() to create_local_token() 2018-03-15T20:54:17+00:00 Stefan Metzmacher metze@samba.org 2018-03-02T16:07:11+00:00 a2a289d0446fedb4ea40834b5b5b190fdca30906 We only need to adjust sanitized_username in order to keep the same behaviour. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> 
We only need to adjust sanitized_username in order to keep the same behaviour.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
s3:auth: remove unused auth_serversupplied_info->system 2018-03-15T20:54:16+00:00 Stefan Metzmacher metze@samba.org 2018-03-01T17:05:28+00:00 28ad1306b880a44824ee956a19656ac29581a1b9 BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
lib: modules: Change XXX_init interface from XXX_init(void) to XXX_init(TALLOC_CTX *) 2017-04-21T23:17:00+00:00 Jeremy Allison jra@samba.org 2017-04-20T19:24:43+00:00 306783d6f5d577a0b8bd31d659d8c802f22f0333 Not currently used - no logic changes inside. This will make it possible to pass down a long-lived talloc context from the loading function for modules to use instead of having them internally all use talloc_autofree_context() which is a hidden global. Updated all known module interface numbers, and added a WHATSNEW. Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Ralph Böhme <slow@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Apr 22 01:17:00 CEST 2017 on sn-devel-144 
Not currently used - no logic changes inside.

This will make it possible to pass down a long-lived talloc
context from the loading function for modules to use instead
of having them internally all use talloc_autofree_context()
which is a hidden global.

Updated all known module interface numbers, and added a
WHATSNEW.

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Böhme <slow@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 22 01:17:00 CEST 2017 on sn-devel-144
s3-auth: Clarify the role and purpose of the auth_serversupplied_info->security_token 2017-03-29T00:37:26+00:00 Andrew Bartlett abartlet@samba.org 2017-02-28T22:23:28+00:00 dc43000c0e15638cb4bc56ef8bbf6a50e681bb5a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
auth: Provide a way to use the auth stack for winbindd authentication 2014-06-11T08:18:26+00:00 Andrew Bartlett abartlet@samba.org 2014-03-26T23:58:05+00:00 597d2a7a29f768f51cbcbc13de56a4dc349e20e4 This adds in flags that allow winbindd to request authentication without directly calling into the auth_sam module. That in turn will allow winbindd to call auth_samba4 and so permit winbindd operation in the AD DC. Andrew Bartlett Change-Id: I27d11075eb8e1a54f034ee2fdcb05360b4203567 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
This adds in flags that allow winbindd to request authentication
without directly calling into the auth_sam module.

That in turn will allow winbindd to call auth_samba4 and so permit
winbindd operation in the AD DC.

Andrew Bartlett

Change-Id: I27d11075eb8e1a54f034ee2fdcb05360b4203567
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
auth: Allow auth_samba4 to be forced to run a specific auth module 2014-05-16T08:23:26+00:00 Andrew Bartlett abartlet@samba.org 2014-05-16T02:29:43+00:00 6c37cd65445f3acf4f41f375017ae7f5f1e34bde This will allow new tests to be written to validate winbindd authentication results Andrew Bartlett Change-Id: I008eba1de349b17ee4eb9f11be08338557dffecc Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
This will allow new tests to be written to validate winbindd authentication results

Andrew Bartlett

Change-Id: I008eba1de349b17ee4eb9f11be08338557dffecc
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
auth: Remove .get_challenge (only used for security=server) 2012-07-02T22:13:01+00:00 Andrew Bartlett abartlet@samba.org 2012-06-30T08:30:57+00:00 eba87995145b0e14672c1f6993f7aa3422d62541 With NTLMSSP, for NTLM2 we need to be able to set the effective challenge, so if we ever did use a module that needed this functionlity, we would downgrade to just NTLM. Now that security=server has been removed, we have no such module. This will make it easier to make the auth subsystem async, as we will not need to consider making .get_challenge async. Andrew Bartlett 
With NTLMSSP, for NTLM2 we need to be able to set the effective challenge,
so if we ever did use a module that needed this functionlity, we would
downgrade to just NTLM.

Now that security=server has been removed, we have no such module.

This will make it easier to make the auth subsystem async, as we will
not need to consider making .get_challenge async.

Andrew Bartlett