Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
metze
|
|
metze
|
|
smb2cli_session_set_session_key() should not check for a valid session
key, if the connection is a guest or null session.
metze
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Apr 16 12:21:17 CEST 2012 on sn-devel-104
|
|
Remove checks and replace with krb5_c_string_to_key().
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
The remaining gssapi_parse functions were used exclusively in
gensec_krb5. Move them there and make them static.
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
This is clearly a utiliy function generic to gensec. Also the 3 callers
had identical implementations. Provide a generic implementation for all
of them and avoid duplicating the code everywhere.
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
|
|
|
|
|
|
se_access_check accepts.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 14 05:08:03 CET 2012 on sn-devel-104
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 14 02:26:34 CET 2012 on sn-devel-104
|
|
It's a bit confusing to mix low-level and high-level libraries. We had
multiple libraries in one directory, and there were have circular
dependencies with other libraries outside that directory (in this case,
samba-hostconfig).
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Mar 10 23:13:01 CET 2012 on sn-devel-104
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Mar 10 01:33:45 CET 2012 on sn-devel-104
|
|
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Sun Mar 4 15:10:38 CET 2012 on sn-devel-104
|
|
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
|
|
|
|
* FORCE_LEVELII_OPLOCKS
* ENABLE_HASH_V1
* ENABLE_HASH_V2
* ENCRYPT_DATA
|
|
|
|
* continuous avaliability
* cluster
* scaleout
|
|
* multi channel
* persistent handles
* directory leasing
* encryption
|
|
These are the tags for the SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2
and SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2, the second version
of the SMB2_CREATE_DURABLE_HANDLE_REQUEST (DHnQ) and
SMB2_CREATE_DURABLE_HANDLE_RECONNECT (DHnC), which are only
available for SMB 2.2 (and newer).
|
|
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Sat Mar 3 09:04:40 CET 2012 on sn-devel-104
|
|
|
|
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Feb 29 09:01:54 CET 2012 on sn-devel-104
|
|
This uses the key diveration function from "NIST Special Publication 800-108"
in counter mode (section 5.1).
Thanks to Jeremy, Michael and Volker for the debugging!
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Feb 29 04:54:48 CET 2012 on sn-devel-104
|
|
metze
|
|
This implements a simplified version of "NIST Special Publication 800-108" section 5.1
using hmac-sha256.
Thanks to Jeremy, Michael and Volker for the debugging!
metze
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Feb 27 14:26:32 CET 2012 on sn-devel-104
|
|
metze
|
|
smb2cli_conn_dispatch_incoming()
metze
|
|
metze
|
|
signing_key
The signing_key is fix across all channels and is used for session setups
on a channel binding.
Note:
- the last session setup response is signed with the new channel signing key.
- the reauth session setups are signed with the channel signing key.
It's also not needed to remember the main session key.
metze
|
|
metze
|
|
"n" is size_t, so it is always >=0.
|
|
has no permission for that, but token has SeTakeOwnershipPrivilege
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Wed Feb 22 19:19:32 CET 2012 on sn-devel-104
|
|
The ntlmssp_server code will be in common shortly, and aside from a
symbol name or two, moving the client code causes no harm and makes
less mess. We will also get the client code in common very soon.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
gensec_gssapi
Thie ensures that both code bases use the same logic to determine the use
of NEW_SPNEGO.
Andrew Bartlett
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Jan 29 14:11:12 CET 2012 on sn-devel-104
|
|
The SMB1 negprot request already consumed the SMB2 sequence '0'.
This also happens for the SMB 2.02 case.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jan 27 15:27:41 CET 2012 on sn-devel-104
|
|
This allows the compiler to catch uses of incorrectly typed arguments
for [NT_STATUS|W_ERROR]_IS_OK() and [NT_STATUS|W_ERROR]_EQUAL(). I.e.
WERROR werr;
werr = my_fn(); /* XXX returns WERROR type */
if (NT_STATUS_EQUAL(werr, NT_STATUS_OBJECT_NAME_COLLISION)) {
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Jan 21 01:28:54 CET 2012 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This is rather than via a now one-element union.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This also fixes the support for smb sealing with krb5 in make test, as
this now relies on secrets.tdb rather than /etc/krb5.keytab.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|