Age | Commit message (Collapse) | Author | Files | Lines |
|
where the server just reflects our signature back
to us. Allow the upper layer to see the real error.
Jeremy.
(This used to be commit 6cf0b93b1d8cb97dc665e14ace94a259def67724)
|
|
don't need to have tdb.h.
Jeremy.
(This used to be commit 512542c90a78006bda3470eed7fb6d3f6e708eed)
|
|
the extended 7 word response for tconX rather than the
3 word one we supported previously.
Jeremy.
(This used to be commit 137953226a2d691259e7e84d6ae0dc24755e5a3a)
|
|
OID_KERBEROS_OLD one.
metze
(This used to be commit 294c69334fce1cbb74ae9eb5a06e17b397f994df)
|
|
not specific for NTLMSSP
- it's possible that the server sends a mechOID and authdata
if negResult != SPNEGO_NEG_RESULT_INCOMPLETE, but we still
force the mechOID to be present if negResult == SPNEGO_NEG_RESULT_INCOMPLETE
metze
(This used to be commit e9f2aa22f90208a5e530ef3b68664151960a0a22)
|
|
(This used to be commit a6e1e39f1dcd9ebcb5db199fd152a861b9be929b)
|
|
redundent. Remove it.
Jeremy.
(This used to be commit 140881cfbb59ce4a699b5900efe02bf315be7bd5)
|
|
Jeremy.
(This used to be commit 29933600cff458f6599e4604f9e861cd20fc8e38)
|
|
but I've no option.
Jeremy.
(This used to be commit c3a565081d70b209a4f9e6e8f1859bf7194a5f74)
|
|
Jeremy
(This used to be commit 22eaed76f01ea9d0184dcaf57adca23abc6330b9)
|
|
data out that locking/locking.c does.
Jeremy.
(This used to be commit 1fec4da6d6267289bf93f930de4cb5e21c450e15)
|
|
and fix all compiler warnings in the users
metze
(This used to be commit 3a28443079c141a6ce8182c65b56ca210e34f37f)
|
|
call as smb_krb5_locate_kdc to prevent incorrect linking
and crashes on Solaris.
Jeremy.
(This used to be commit 7d30737c8d851505e81a60443baf9a8c7e523472)
|
|
which matches what samba4 has.
also fix all the callers to prevent compiler warnings
metze
(This used to be commit fa322f0cc9c26a9537ba3f0a7d4e4a25941317e7)
|
|
No point in deleting U/DOMAIN/RID and UG/DOMAIN/RID keys if we only store U/SID
and UG/SID keys :-)
Next we need to verify the need of calling netsamlogon_clear_cached_user() at all.
Guenther
(This used to be commit 78d13f14672b65c2d4798ce94322e945334eea62)
|
|
Jeremy.
(This used to be commit 6b923acfee59e39eea69e9e9a00f1f6118ed4270)
|
|
Jeremy.
(This used to be commit 9785528ddf26c4943e8bdfcf7694314a52218520)
|
|
in the client code.
Jeremy.
(This used to be commit 3e901389feedadd64c6ba712ab09cdfb497a9e0a)
|
|
Jeremy.
(This used to be commit 8f113ad1918dcd2746ec527ceb79a2a7baa1d415)
|
|
contexts....
Jeremy.
(This used to be commit ae8f3649f773b8a8dcb55921536d038d3475322e)
|
|
we're encrypted. This will make further changes and
spec much more clear.
Jeremy.
(This used to be commit ffa3a5c508a494d22e8ee3ada424a6517ddf8923)
|
|
fetch too...
metze
(This used to be commit d105723f063d617ef9f8394e7921749b21f1d755)
|
|
Jeremy.
(This used to be commit fbc569b530104679e47fe743963eb0c4384de6ae)
|
|
Jeremy
(This used to be commit 8ba138efd097b08dcfe98f99b67c77579babf250)
|
|
by valgrind on the build farm.
Jeremy.
(This used to be commit 6eed92dfd4da1f9979831bec8e0dcdee33fb53b4)
|
|
broke the build farm. Thanks to
Metze for the heads up.
Jeremy.
(This used to be commit bb3623be3f2b0686b2b2e671e3e7bd9978f6ed9b)
|
|
maybe also for 3.0.25
metze
(This used to be commit 844dac912cb549b0524571df80fbaa7f2d9c36c2)
|
|
Thanks Don !
Jeremy.
(This used to be commit 662344d1ec3593689de7602afa518ed98e10dc37)
|
|
Jeremy.
(This used to be commit 00f58951b4cace06e51e7eb404605c7f3d366f38)
|
|
to restructure libsmb/smb_signing.c so it isn't in
the base libs path but lives in libsmb instead (like
smb_seal.c does).
Jeremy.
(This used to be commit 1b828f051d0782201f697de15ff973bd6b097d5b)
|
|
Jeremy.
(This used to be commit a226645353a40047b72de1b96c3a7676a2bf1034)
|
|
Ensure we ignore reqests to free keepalive buffers
as we only copied these.
Jeremy.
(This used to be commit a184bdbe3c7bf0c44a8141898bfcb9971a332312)
|
|
this already has to be right. This makes the
signed+sealed area the same as it will be with
gss calls. Now to go implement them.
Jeremy.
(This used to be commit 80810af7d1137b3ddd3073581d5ec99fadaa81a5)
|
|
the 4 byte length isn't included in the length :-).
We now have working NTLMSSP transport encryption
with sign+seal. W00t!
Jeremy.
(This used to be commit d34584cb5c53c194693ce7236020ab83f60cd235)
|
|
Jeremy.
(This used to be commit 1639366561bd63d7023c54f811e2f87dcbbd0a31)
|
|
exchange. Still not working but closer.
Jeremy.
(This used to be commit 2fde5c703d2390bc6685f34713dc996e69732f1a)
|
|
Now to investigate why it doesn't work :-).
Jeremy.
(This used to be commit 73f7c6cef8371ad63eb1dc3e79bfc78503dbd7a4)
|
|
for testing.
Jeremy.
(This used to be commit 783a7b3085a155d9652cd725bf2960cd272cb554)
|
|
"raw" NTLM auth (no spnego).
Jeremy.
(This used to be commit 6b5ff7bd591b4f65e2eb767928db50ddf445f09a)
|
|
rafal
(This used to be commit 8f313061a4cbc69d8dd17aa282d79d07a9275242)
|
|
functions that take a gss context handle in includes.h
Jeremy.
(This used to be commit 638b03242d4a6b1df2477dad19240ed61a14a5a3)
|
|
not just an NTLMSSP - grr. This complicates the re-use of
common client and server code but I think I've got it right.
Not turned on of valgrinded yet, but you can see it start
to take shape !
Jeremy.
(This used to be commit 60fc9c0aedf42dcd9df2ef9f1df07eaf3bca9bce)
|
|
depending on encryption context pointer.
Jeremy.
(This used to be commit d3f3ced6c8a03d971143baf878158d671dfcbc3b)
|
|
for the server side enc. (doesn't break anything).
I'll keep updating this until I've got NTLM seal working
on both client and server, then add in the gss level
seal.
Jeremy.
(This used to be commit 530ac29abf23e920baa549e7cec55199edd8bd74)
|
|
these out as I implement. Don't add to SAMBA_3_0_25, this
is experimental code.
NFSv4 you're now officially on notice... :-).
Jeremy.
(This used to be commit 5bfe638f2172e272741997100ee5ae8ff280494d)
|
|
Jeremy.
(This used to be commit f18e87ba6b6a3f4c16777cb5b6bf93a656800247)
|
|
Jeremy.
(This used to be commit 1e32b44bfcf7676b3a9f208054fa853e7066eafc)
|
|
to return a NT_STATUS_TIME_DIFFERENCE_AT_DC error to
a client when there's clock skew. Will help people
debug this. Prepare us for being able to return the
correct sessionsetupX "NT_STATUS_MORE_PROCESSING_REQUIRED"
error with associated krb5 clock skew error to allow
clients to re-sync time with us when we're eventually
able to be a KDC.
Jeremy.
(This used to be commit c426340fc79a6b446033433b8de599130adffe28)
|
|
Volker
(This used to be commit fd0ee6722ddfcb64b5cc9c699375524ae3d8709b)
|
|
Not used
yet, the next step will be a secrets_fetch_machine_account() function that
also pulls the account name to be used in the appropriate places.
Volker
(This used to be commit f94e5af72e282f70ca5454cdf3aed510b747eb93)
|