Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
metze
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
Same argument as in 997a64f6fb11e19d78c: If tdb_close() was needed at exit
time, we'd have more severe problems by now.
|
|
Guenther
|
|
This is freed in this routine a few lines down
|
|
TDB_CLEAR_IF_FIRST tdb's. For tdb's like gencache where we open
without CLEAR_IF_FIRST and then with CLEAR_IF_FIRST if corrupt
this is still safe to use as if opening an existing tdb the new
hash will be ignored - it's only used on creating a new tdb not
opening an old one.
Jeremy.
|
|
Found by the CodeNomicon test suites at the SNIA plugfest.
http://www.codenomicon.com/
If an invalid NetBIOS session request is received the code in name_len() in
libsmb/nmblib.c can hit an assert.
Re-write name_len() and name_extract() to use "buf/len" pairs and
always limit reads.
Jeremy.
|
|
Both allocated blobs are freed in their routines
|
|
Found by the CodeNomicon test suites at the SNIA plugfest.
http://www.codenomicon.com/
If an invalid SPNEGO packet contains no OIDs we crash in the SMB1/SMB2 server
as we indirect the first returned value OIDs[0], which is returned as NULL.
Jeremy.
|
|
squashed: add michlistMIC signature checks
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Volker, please check.
Guenther
|
|
Guenther
|
|
Guenther
|
|
|
|
The too small array makes UID-REGRESSION-FIX fail on 32bit
architectures.
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
|
|
messages.
Jeremy.
|
|
The idea of this patch is: Don't support a mix of different kerberos
features.
Either we should prepare a GSSAPI (8003) checksum and mark the request as
such, or we should use the old behaviour (a normal kerberos checksum of 0 data).
Sending the GSSAPI checksum data, but without marking it as GSSAPI broke
Samba4, and seems well outside the expected behaviour, even if Windows accepts it.
Andrew Bartlett
|
|
metze
|
|
Guenther
|
|
<andreas.moroder@gmx.net>".
Jeremy.
|
|
|
|
|
|
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
|
|
DOS error codes were being lost with the conversion to async
libsmbclient. If we're passing around NTSTATUS internally,
let's just convert it when we get it.
DOS ACCESS_DENIED on nautilus was not prompting for other credentials,
because it was not being mapped.
|
|
Volker, please check.
Guenther
|
|
Volker, please check.
Guenther
|
|
|
|
|
|
Guenther
|
|
|
|
|
|
Modern Kerberos implementations have either defines or enums for these
key types, which makes doing #ifdef difficult. This shows up in files
such as libnet_samsync_keytab.c, the bulk of which is not compiled on
current Fedora 12, for example.
The downside is that this makes Samba unconditionally depend on the
arcfour-hmac-md5 encryption type at build time. We will no longer
support libraries that only support the DES based encryption types.
However, the single-DES types that are supported in common with AD are
already painfully weak - so much so that they are disabled by default
in modern Kerberos libraries.
If not found, ADS support will not be compiled in.
This means that our 'net ads join' will no longer set the
ACB_USE_DES_KEY_ONLY flag, and we will always try to use
arcfour-hmac-md5.
A future improvement would be to remove the use of the DES encryption
types totally, but this would require that any ACB_USE_DES_KEY_ONLY
flag be removed from existing joins.
Andrew Bartlett
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
This means that the core logic (but not the initialisation) of the
NTLMSSP server is in common, but uses different authentication backends.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This allows for a future where the auth subsystem is async, and the
session key generation needs to happen in a callback.
This code is originally reworked into this style by metze for the
source4/ implementation.
The other change here is to introduce an 'out_mem_ctx', which makes
the API match that used in source4.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
There is no code path that sets nt_status before this point, without
a return.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This code will, I hope, soon be merged in common, and the Samba4
use case does not currently support talloc_tos() properly. Use another
context for now.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This is another 'belts and braces' check to avoid the use of the
weak 'LM_KEY' encryption when the client has chosen NTLMv2.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This ensures the client isn't confused and we don't enter this
weaker authentication scheme when we don't really, really need to.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This may help to avoid a number of possible MITM attacks where LM_KEY is
spoofed into the session. If the login wasn't with lanman
(and so the user chose to disclose their lanman response),
don't disclose back anything based on their lanman password.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This will allow this to be handled via common code in the future
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
libcli/auth Use true and false rather than True and False in common code
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|