summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r1418: Merge Samba 3.0's recent kerberos changes into Samba4. None of thisAndrew Bartlett4-134/+291
is used yet. Andrew Bartlett (This used to be commit 7596f311c9a18314716f64476030ce3dfcdd98bb)
2007-10-10r1409: if we have no user name don't use extended securityStefan Metzmacher2-1/+2
the capabilities in the union smb_sesssetup should be used to decide if we can use extented security metze (This used to be commit e3760fcc17cc645d942f0fc7f7325976391309ea)
2007-10-10r1406: I got spnego in the smb client workingStefan Metzmacher2-1/+4
so I set 'use spnego = True' metze (This used to be commit e06898f88c82c286574f9d73de1a9de829b1ded8)
2007-10-10r1403: commit volkers initial RAP torture testStefan Metzmacher4-1/+651
we'll try to autogenerate the specific calls in future by pidl and create a new subsystem for the rap lib after that the server side will be added metze (This used to be commit f1bbde6bb4790f915c1fdbb53f6452c5ea454936)
2007-10-10r1402: we should prompt for a password if it's not given by -UStefan Metzmacher1-1/+0
metze (This used to be commit acde1358c940ed159a67e433e662c255103a1a02)
2007-10-10r1377: add examples for config.mk sectionsStefan Metzmacher1-0/+49
so you want/need to use the new build system just look at the top of build/smb_build/public.m4 and look at the examples in the rest of the tree metze (This used to be commit afe2efd1437a7951d2ed6fcf7b4e06fdd4b95beb)
2007-10-10r1374: Fix signed/unsigned warnings (actually found by g++) after unsigned intTim Potter10-46/+56
changes in r1018. (This used to be commit 45b4016530fc0bfa13146f73a503866b5dbed517)
2007-10-10r1372: Remove the 'default' case from the SPENGO state machine, and fix upAndrew Bartlett1-6/+6
some compiler warnings that allowed us to see. Andrew Bartlett (This used to be commit 1a6c2018dd49519e6fccdd5a7f35d70b67d45275)
2007-10-10r1367: SPNEGO know uses gensec_subcontext_start() in all placesStefan Metzmacher1-1/+2
metze (This used to be commit f7379324025c599cd201ce6d0905f0ca2c24ce73)
2007-10-10r1366: handle the case where the client need to send the negTokenInit beforeStefan Metzmacher1-1/+88
getting something from the server. (this is needed by SPNEGO in dcerpc) metze (This used to be commit ec978555f0bd612b80dfa49ccc880a3858285879)
2007-10-10r1365: in SPNEGO_SERVER_TARG we should not check the spnego_negResultStefan Metzmacher1-9/+0
because the client don't send this metze (This used to be commit b1217a4ef6592082bb02fd0596a0563bacdf1d8e)
2007-10-10r1364: the SPNEGO_SERVER_TARG state is different from the SPNEGO_CLIENT_TARGStefan Metzmacher1-4/+72
the client checks but not send spnego_negResult metze (This used to be commit 49e4d375e9504f595aaa64ac62ddb421f082c424)
2007-10-10r1363: add SPNEGO_NONE_RESULT as spnego_negResult valueStefan Metzmacher2-4/+7
this should indicate that we don't send a spnego_negResult t all over the wire metze (This used to be commit 69d685d81784e5fb33e41d3244498ac620a2f5f0)
2007-10-10r1360: - remove unused state SPNEGO_CLIENT_SEND_MECHSStefan Metzmacher1-5/+0
- remove unsed gensec_user forward, it's done by the gensec layer know metze (This used to be commit e19e5a91f2fd988546f42473bf241dff3c2fe198)
2007-10-10r1359: fix uninit var - found by valgrindStefan Metzmacher1-3/+1
metze (This used to be commit 264afea9ec3ada4df51e5f5de4c0b977024af40b)
2007-10-10r1358: Re-indent the SPENGO implementation, and work on the basis of aAndrew Bartlett1-146/+201
switch, rather than a series of if statements. Also start to use the GENSEC subcontexts, and add some comments explaining some of the 'odd' logic in parts. I'll probably break these out into subfunctions soon. Thanks to metze for getting me to do this :-) Andrew Bartlett (This used to be commit 73e03596d3b2ad5927e8154d0fbfbdae9ec3f717)
2007-10-10r1357: Work on GENSEC:Andrew Bartlett2-5/+51
- Add the concept of a 'subcontext' into gensec, so that the spengo code doesn't have to figure out how to make one. (A subcontext inherits the username, domain, password (or callback) from the main context). - Add comments to some other routines, and explain a bit about what the various 'start' functions are for. Andrew Bartlett (This used to be commit 7aedbfbdd92b4ca93cbd0babff16e7526201ee88)
2007-10-10r1356: Fix logic bugs in ntlm_auth.Andrew Bartlett1-3/+7
Andrew Bartlett (This used to be commit 871e98ce5771bc96527f7ad4da07a7d6c1ae1c3c)
2007-10-10r1355: Add const (I missed this when I changed the function prototype earlier)Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit dbe484a0c2c1ef99b71621208fb3fec68fe4fada)
2007-10-10r1354: Make it clear that the first gensec_update takes a NULL data_blob.Andrew Bartlett1-2/+3
Andrew Bartlett (This used to be commit 842a5dfc1f313b771fef14a484be6eea8c6eedf8)
2007-10-10r1353: Fix compile with new ASN1 peek code.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 9039a2a1128d8af278cae76c0aa6d5362b3671e4)
2007-10-10r1352: Add a 'peek' function to our ASN1 code, so we can safely perform theAndrew Bartlett2-18/+63
various switches without looking one byte past te end of the buffer. (This used to be commit 5bce188d429b4166f3d0314922ae40204de182a7)
2007-10-10r1351: add derpc spengo wrapperStefan Metzmacher2-0/+80
not yet used and not working because of bugs in the gensec spnego code metze (This used to be commit b9795ed5735ad88a2ba9608d3d8804edf77e4cd4)
2007-10-10r1350: - init nt_status- found by valgrindStefan Metzmacher1-1/+2
- set auth_type = DCERPC_AUTH_TYPE_SPNEGO metze (This used to be commit 7354521f3cfaa2ead8fac38a68b7704d43731f72)
2007-10-10r1349: don't segfault with empty data_blobStefan Metzmacher1-0/+5
metze (This used to be commit a826accd55e90cb0628f198886ba1ae6c845e68b)
2007-10-10r1348: get gensec backend by OID instead of nameStefan Metzmacher2-12/+1
metze (This used to be commit 38e00f87191b86901b603e66aec1e7e71f74c29f)
2007-10-10r1347: - remove typedefStefan Metzmacher2-6/+15
- pass down gensec_user to the sub context - if segfault when mechType is NULL metze (This used to be commit 3f84263c27add3bf01eea88618f707da925bed5c)
2007-10-10r1346: revert my last spnego changesStefan Metzmacher2-126/+116
metze (This used to be commit 7b8237bfb3c302a448a7db0236c0a953603dcd89)
2007-10-10r1345: add extended security spnego support to the smb clientStefan Metzmacher7-33/+210
code set lp_use_spnego = False, because I can't get it working yet but I commit it so others can help me metze (This used to be commit 2445cceba9ab9bd928c8bc50927a39509e4526b0)
2007-10-10r1344: add gensec_start_mech_by_name()Stefan Metzmacher3-116/+137
some gensec spnego fixes (NULL pointer and length checks) metze (This used to be commit 41ff6d0cd47f6295fe7fe1d31fec7306416ce199)
2007-10-10r1343: formatingStefan Metzmacher1-16/+16
metze (This used to be commit 442905394b5e2f74baa4d83b2f4ba5159f321dd2)
2007-10-10r1342: When fixing _lsa_lookupsids in samba3 I wanted to find out the number ↵Volker Lendecke2-1/+55
of SIDs w2k3 can handle in a single request. With the samba3 client rpc libs I can do about 21000 SIDs in a single request. test_many_LookupSIDs with 10000 SIDs fails on the subsequent request with a NET_WRITE_FAULT. Maybe the Samba4 DCE people want to take a look at this -- I don't see the problem. Bug fix: SID components should be treated as unsigned when parsing Volker (This used to be commit 8c997a2ad2e89a640f854b556ef76a3d52c15963)
2007-10-10r1337: use sess->nt1. in sesssetup_nt1 :-)Stefan Metzmacher1-1/+1
metze (This used to be commit ee711c71fedd9d24b5a78b51d9dc3e166645260f)
2007-10-10r1336: check the vuid in old style sessionsetup tooStefan Metzmacher1-0/+3
metze (This used to be commit 32e307857ccc99b446e7574d46b610c63ee03583)
2007-10-10r1335: NT_STATUS_INTERNAL_DB_CORRUPTIONStefan Metzmacher4-20/+20
should cause DEBUG(0,(...)); metze (This used to be commit 80851e67783a9c3c8bdd7f2b52e0b46dd7b18d05)
2007-10-10r1334: remove unused stuffStefan Metzmacher1-11/+0
metze (This used to be commit 7a8786269b4f9e4962b51dd734171adf04021c15)
2007-10-10r1323: allow '-' in IDENTIFIERSStefan Metzmacher1-12/+40
accept '--' comments implement the <name> DEFINITIONS ::= BEGIN ... END syntax metze (This used to be commit 4422547711b9d653999433f36d48dccebc006bce)
2007-10-10r1321: find the '::=' directly by th lexerStefan Metzmacher1-1/+8
metze (This used to be commit 52674db28203b3a7f35c36379670813f9297b5ed)
2007-10-10r1313: Split up OpenPrinterEx into functions to handle opening printers and ↵Tim Potter1-12/+44
print servers. (This used to be commit 0edf17ac38b43cadb07dc0840730cd9b4e381713)
2007-10-10r1310: one more #line statementStefan Metzmacher1-0/+1
metze (This used to be commit d752eb660fd974fe3a14ed04974e54b3c385527c)
2007-10-10r1309: use #line 1 "filename.pl"Stefan Metzmacher1-0/+8
(for better bug tracking) when generating config.smb_build.pl metze (This used to be commit 390c03b9297f2105c0c5277fca049fe653e8b012)
2007-10-10r1308: move smb_panic() to lib/fault.cStefan Metzmacher3-25/+106
merge the backtrace stuff from 3.0 metze (This used to be commit 4daf1bafc71cc8f13188aeb85d81aa7513d57d95)
2007-10-10r1307: remove unused stuff from pasn1Stefan Metzmacher1-39/+18
metze (This used to be commit 1727ef2bb9377ace00700f3c3e32ea6a4d267f60)
2007-10-10r1306: commit the first steps of my ASN.1 compilerStefan Metzmacher4-0/+769
called 'pasn1', it works like 'pidl' and we may can autogenerate ASN.1 code out of it. (NOTE: the complete LDAP ASN.1 definition is in the RFC 2251, and maybe some others too :-) I'm not completly shure if we'll use it in future, but I commit it so that it won't be lost... metze (This used to be commit ddcaf7b63a0bc49ef1fc2d85d0ba81d67db48790)
2007-10-10r1305: Grrr, fix my build breakage...Andrew Bartlett1-1/+1
Declare variables at the start of a block. Andrew Bartlett (This used to be commit 9f5394703e81db9ed93648e06e48b0364a04a696)
2007-10-10r1294: A nice, large, commit...Andrew Bartlett33-1397/+1569
This implements gensec for Samba's server side, and brings gensec up to the standards of a full subsystem. This means that use of the subsystem is by gensec_* functions, not function pointers in structures (this is internal). This causes changes in all the existing gensec users. Our RPC server no longer contains it's own generalised security scheme, and now calls gensec directly. Gensec has also taken over the role of auth/auth_ntlmssp.c An important part of gensec, is the output of the 'session_info' struct. This is now reference counted, so that we can correctly free it when a pipe is closed, no matter if it was inherited, or created by per-pipe authentication. The schannel code is reworked, to be in the same file for client and server. ntlm_auth is reworked to use gensec. The major problem with this code is the way it relies on subsystem auto-initialisation. The primary reason for this commit now.is to allow these problems to be looked at, and fixed. There are problems with the new code: - I've tested it with smbtorture, but currently don't have VMware and valgrind working (this I'll fix soon). - The SPNEGO code is client-only at this point. - We still do not do kerberos. Andrew Bartlett (This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
2007-10-10r1293: IndentAndrew Bartlett1-3/+5
Andrew Bartlett (This used to be commit 9002584c020a48ab37cce103b4413e871aae2985)
2007-10-10r1292: Add const to the subsystem/module registration code.Andrew Bartlett4-5/+12
Add some 'multi init' code, until we get a better set of infrustructure. Andrew Bartlett (This used to be commit 982422b2d286335378531ae9523e74192340af3c)
2007-10-10r1291: rename struct smbsrv_context to smbsrv_connectionStefan Metzmacher26-393/+369
because this is the connection state per transport layer (tcp) connection I also moved the substructs directly into smbsrv_connection, because they don't need a struct name and we should allway pass the complete smbsrv_connection struct into functions metze (This used to be commit 60f823f201fcedf5473008e8453a6351e73a92c7)
2007-10-10r1286: rename struct tcon_context to smbsrv_tconStefan Metzmacher1-1/+1
metze (This used to be commit a6c0ca9de52b2395b092cb245bb94cbd55dfdd46)