Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Oct 21 10:22:39 CEST 2011 on sn-devel-104
|
|
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This should not make a difference for NTLMSSP as it still calls the
low level ntlmssp_[un]seal_packet() functions with the same input parameters.
If we convert the gss-api/krb5 based code to gensec we have to use
gensec_[un]wrap() as the wire format is different compared to
gensec_[un]seal_packet() there.
Andrew Bartlett
Split from another commit by Stefan Metzmacher <metze@samba.org>
|
|
This avoids the indirection via the auth_ntlmsssp wrapper functions.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
There's no need to do gss-api specific stuff, the buffer is always
malloc'ed.
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Oct 19 19:06:35 CEST 2011 on sn-devel-104
|
|
metze
|
|
metze
|
|
This brings in the code from both libcli/auth and
source4/auth/ntlmssp.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Sep 15 17:52:00 CEST 2011 on sn-devel-104
|
|
This allows auth_ntlmssp_get_ntlmssp_state() to be removed.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon May 23 12:15:33 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
All the members are children of ntlmssp_state anyway.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This ensures the results can't be easily left to leak.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
The code is not yet in common, but I hope to fix that soon.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Andrew Bartlett
|
|
Andrew Bartlett
|
|
ntlmssp_seal_packet creates its own signature data blob, which we then
have to free.
Jeremy, please check and merge appropriately (Yes, I'm asking you to do the
janitor work, I want you to *look* at this :-))
Volker
|
|
non-encrypted packet with the crypto state set.
|
|
(This used to be commit db6ae9ed2326e6cd68475375d049084cf1d5a98c)
|
|
with Volker. Mostly making sure we have data on the incoming
packet type, not stored in the smb header.
Jeremy.
(This used to be commit c4e5a505043965eec77b5bb9bc60957e8f3b97c8)
|
|
negotiation works.
Jeremy.
(This used to be commit d78045601af787731f0737b8627450018902b104)
|
|
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
(This used to be commit a66a04e9f11f6c4462f2b56b447bae4eca7b177c)
|
|
to all callers of smb_setlen (via set_message()
calls). This will allow the server to reflect back
the correct encryption context.
Jeremy.
(This used to be commit 2d80a96120a5fe2fe726f00746d36d85044c4bdb)
|
|
server. Allow server to reflect back to calling client
the encryption context that was sent.
Jeremy.
(This used to be commit b49e90335d1e589916b5ab4992e3c4a2d221ca7e)
|
|
Jeremy.
(This used to be commit 11fa0ca9e21d478a4b79b8ca1e92936b26b03fe0)
|
|
Jeremy.
(This used to be commit 29933600cff458f6599e4604f9e861cd20fc8e38)
|
|
Jeremy
(This used to be commit 22eaed76f01ea9d0184dcaf57adca23abc6330b9)
|
|
Jeremy.
(This used to be commit 6b923acfee59e39eea69e9e9a00f1f6118ed4270)
|
|
Jeremy.
(This used to be commit 9785528ddf26c4943e8bdfcf7694314a52218520)
|
|
contexts....
Jeremy.
(This used to be commit ae8f3649f773b8a8dcb55921536d038d3475322e)
|
|
Jeremy.
(This used to be commit fbc569b530104679e47fe743963eb0c4384de6ae)
|
|
Thanks Don !
Jeremy.
(This used to be commit 662344d1ec3593689de7602afa518ed98e10dc37)
|
|
Jeremy.
(This used to be commit 00f58951b4cace06e51e7eb404605c7f3d366f38)
|
|
to restructure libsmb/smb_signing.c so it isn't in
the base libs path but lives in libsmb instead (like
smb_seal.c does).
Jeremy.
(This used to be commit 1b828f051d0782201f697de15ff973bd6b097d5b)
|
|
Jeremy.
(This used to be commit a226645353a40047b72de1b96c3a7676a2bf1034)
|
|
Ensure we ignore reqests to free keepalive buffers
as we only copied these.
Jeremy.
(This used to be commit a184bdbe3c7bf0c44a8141898bfcb9971a332312)
|
|
this already has to be right. This makes the
signed+sealed area the same as it will be with
gss calls. Now to go implement them.
Jeremy.
(This used to be commit 80810af7d1137b3ddd3073581d5ec99fadaa81a5)
|
|
the 4 byte length isn't included in the length :-).
We now have working NTLMSSP transport encryption
with sign+seal. W00t!
Jeremy.
(This used to be commit d34584cb5c53c194693ce7236020ab83f60cd235)
|
|
for testing.
Jeremy.
(This used to be commit 783a7b3085a155d9652cd725bf2960cd272cb554)
|
|
"raw" NTLM auth (no spnego).
Jeremy.
(This used to be commit 6b5ff7bd591b4f65e2eb767928db50ddf445f09a)
|
|
functions that take a gss context handle in includes.h
Jeremy.
(This used to be commit 638b03242d4a6b1df2477dad19240ed61a14a5a3)
|