samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2003-03-03	Add const	Andrew Bartlett	1	-1/+1
	(This used to be commit 251b91f46988053eccc53f814a23ed5ca787c852)
2003-02-24	Patch from Luke Howard to add mutual kerberos authentication, and SMB session	Andrew Bartlett	1	-13/+16
	keys for kerberos authentication. Andrew Bartlett (This used to be commit 8b798f03dbbdd670ff9af4eb46f7b0845c611e0f)
2003-02-15	Move our NTLMSSP client code into ntlmssp.c. The intention is to provide a	Andrew Bartlett	1	-3/+53
	relitivly useful external lib from this code, and to remove the dupicate NTLMSSP code elsewhere in samba (RPC pipes, LDAP client). The code I've replaced this with in cliconnect.c is relitivly ugly, and I hope to replace it with a more general SPENGO layer at some later date. Andrew Bartlett (This used to be commit b2b66909ac2e251f8189e0696b6075dbf748521a)
2003-02-15	Move our NTLMSSP code into easily seperated peices, not relying on the whole	Andrew Bartlett	1	-322/+0
	of libsmb. Andrew Bartlett (This used to be commit b5ec7efa80478187124c1cfa8c7fcc4036506a37)
2003-02-14	NTLMSSP parinoia - we really don't want to run over the end of our blob,	Andrew Bartlett	1	-8/+33
	and make sure we can never get an 'authenticate' packet without a challenge. Andrew Bartlett (This used to be commit 4d94f8e6912c1339515cd1f68d1b698e7c699626)
2003-02-13	A few typo fixes Andrew eventually let off to me.	Rafal Szczesniak	1	-4/+4
	Rafal (This used to be commit 16a66cf17a544a214b7c5b483c81c7568a18a779)
2003-02-09	(only for HEAD at the moment).	Andrew Bartlett	1	-1/+2
	Add NTLMv2 support to our client, used when so configured ('client use NTLMv2 = yes') and only when 'client use spengo = no'. (A new option to allow the client and server ends to chose spnego seperatly). NTLMv2 signing doesn't yet work, and NTLMv2 is not done for NTLMSSP yet. Also some parinoia checks in our input parsing. Andrew Bartlett (This used to be commit 85e9c060eab59c7692198f14a447ad59f05af437)
2003-01-28	Factor out common code in the NTLMSSP/SPNEGO code.	Andrew Bartlett	1	-49/+18
	The idea here is to seperate, as much as possible, the SPNEGO layer from the NTLMSSP layer. This not only helps us with protocol correctness, but also should allow further mechinisms to be added with relitive ease. I indend to make the kerberos code use this shortly. I've never seen the 'zero length blob' form of the anonymous login, so I've removed that case. Andrew Bartlett (This used to be commit a8773c9f825539c5bc17e4200b16d7ebbe0b7620)
2003-01-16	(missed in last commit)	Andrew Bartlett	1	-1/+1
	Change the 'cookie' to be the ntlmssp_context, and use the 'auth_context' on that to store the cookie. Ensures that simple callbacks can 'just work'. Also make it clear that we are doing a pull_string into a pstring, not just any sized buffer. Andrew Bartlett (This used to be commit c7793f27188e658b7fc6336aa51d367eab36fc17)
2003-01-13	Updates to our NTLMSSP code:	Andrew Bartlett	1	-13/+48
	This tries to extract our server-side code out of sessetup.c, and into a more general lib. I hope this is only a temporay resting place - I indend to refactor it again into an auth-subsystem independent lib, using callbacks. Move some of our our NTLMSSP #defines into a new file, and add two that I found in the COMsource docs - we seem to have a double-up, but I've verified from traces that the NTLMSSP_TARGET_TYPE_{DOMAIN,SERVER} is real. This code also copes with ASCII clients - not that we will ever see any here, but I hope to use this for HTTP, were we can get them. Win2k authenticates fine under forced ASCII, btw. Tested with Win2k, NTLMv2 and Samba's smbclient. Andrew Bartlett (This used to be commit b6641badcbb2fb3bfec9d00a6466318203ea33e1)
2002-09-17	Add clock skew handling to our kerberos code. This allows us to cope with	Andrew Tridgell	1	-2/+2
	the DC being out of sync with the local machine. (This used to be commit 0d28d769472ea3b98ae4c8757093dfd4499f6dd1)
2002-09-03	Fix the struct_blob.	Richard Sharpe	1	-0/+1
	(This used to be commit ce152b33c8b08905ea863d47a620c90ca47c8566)
2002-09-03	Fix the client side NTLMSSP. It now works between smbclient and smbd!	Richard Sharpe	1	-1/+46
	However, it does not work with Win2K over 445 with raw NTLMSSP! (This used to be commit 53e4975337be2cab3ee89f2f62e5659855365b73)
2002-09-03	Add type A to the small MSRPC generator ...	Richard Sharpe	1	-0/+2
	(This used to be commit 7f8fd5f270af74dcb3fd18af74233f7db4d8f9a7)
2002-08-31	Add a bit of 'const' and move a lot of our 'repeditive' DEBUG() statements to	Andrew Bartlett	1	-16/+18
	'DEBUGADD', so we don't repeat headers. (Makes them much easier to read). (Based on patch by kai) Andrew Bartlett (This used to be commit 9deada345c5f89f338530c4de62835cc1eeb3d0e)
2002-08-30	convert the LDAP/SASL code to use GSS-SPNEGO if possible	Andrew Tridgell	1	-3/+1
	we now do this: - look for suported SASL mechanisms on the LDAP server - choose GSS-SPNEGO if possible - within GSS-SPNEGO choose KRB5 if we can do a kinit - otherwise use NTLMSSP This change also means that we no longer rely on having a gssapi library to do ADS. todo: - add TLS/SSL support over LDAP - change to using LDAP/SSL for password change in ADS (This used to be commit b04e91f660d3b26d23044075d4a7e707eb41462d)
2002-08-25	Fix from kai to correctly decode ntlmssp flags.	Andrew Bartlett	1	-1/+1
	Andrew Bartlett (This used to be commit 2e74473551f0fce0384eacd31bc1a53ff3967464)
2002-08-15	Fix NTLMSSP challenge command and auth response. We can now service joins	Jim McDonough	1	-0/+61
	from win2k AND still use SPNEGO (provided you don't build with kerberos...I still have to fix that, as we are not properly falling back). (This used to be commit 1f9b3d46c7c99e84b2983220f79613b7420c5ced)
2002-05-26	Add support for NTLMv2 (tested!) with NTLMSSP.	Andrew Bartlett	1	-1/+42
	The problem was the NTLMv2 uses extra data in order to make reply/lookup more difficult. That extra data includes the hostname, and the domain. This matches Win2k (sort of) by sending this information. Win2k connects with LMCompatibilityLevel=5 without a problem. We can change the negotiation bits if we want, this should allow us to make NTLMv2 the default for other clients as well. Some of the extra #defines were found in the squid source. Andrew Bartlett (This used to be commit 17a5f67b3d1935baf6197ae967624eb847b66ac8)
2002-02-15	Try not to malloc -1 bytes (apx 4GB) when the data is already in error.	Andrew Bartlett	1	-2/+12
	Andrew Bartlett (This used to be commit ad1faf8fa4019cb57fbb7f311f6d4943359bcd45)
2002-01-30	Removed version number from file header.	Tim Potter	1	-2/+1
	Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-05	simple fix for creating blank data blobs	Andrew Tridgell	1	-3/+1
	(This used to be commit 08bb2dfec2ca0282e9268d09da2b966d3bdf493a)
2001-12-08	added internal sasl/gssapi code. This means we are no longer dependent on ↵	Andrew Tridgell	1	-1/+1
	cyrus-sasl which makes the code much less fragile. Also added code to auto-determine the server name or realm (This used to be commit 435fdf276a79c2a517adcd7726933aeef3fa924b)
2001-10-21	Ok, I know it's a language thing and it shouldn't matter.... but a kerberos	Jeremy Allison	1	-8/+8
	name is a "principal", not a principle. English majors will complain :-). Jeremy. (This used to be commit b668d7d656cdd066820fb8044f24bcd4fda29524)
2001-10-21	made smbclient cope better with arbitrary principle forms	Andrew Tridgell	1	-14/+1
	(This used to be commit d1341d74b7aa5f6b3f72e5409b245f87f1ad670b)
2001-10-18	the beginnings of kerberos support in smbd. It doesn't work yet, but	Andrew Tridgell	1	-0/+23
	it should give something for others to hack on and possibly find what I'm doing wrong. (This used to be commit 353c290f059347265b9be2aa1010c2956da06485)
2001-10-17	added basic NTLMSSP support in smbd. This is still quite rough, and	Andrew Tridgell	1	-7/+215
	loses things like username mapping. I wanted to get this in then discuss it a bit to see how we want to split up the existing session setup code (This used to be commit b74fda69bf23207c26d8b2af23910d8f2eb89875)
2001-10-14	fixed NTLMSSP with XP servers (who don't send the duplicate challenge	Andrew Tridgell	1	-3/+9
	in the asn1 spnego structures) (This used to be commit 131010e9fb842b4d5a8660c538a3313c95fadae7)
2001-10-12	moved some OIDs to the ASN.1 header	Andrew Tridgell	1	-6/+2
	(This used to be commit 7092beef9d7a68018ede569883b22c822300c7ff)
2001-10-12	added NTLMSSP authentication to libsmb. It seems to work well so I have ↵	Andrew Tridgell	1	-0/+395
	enabled it by default if the server supports it. Let me know if this breaks anything. Choose kerberos with the -k flag to smbclient, otherwise it will use SPNEGO/NTLMSSP/NTLM (This used to be commit 076aa97bee54d182288d9e93ae160ae22a5f7757)