Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-08-10 | libcli/auth Make the source3/ implementation of the NTLMSSP server common | Andrew Bartlett | 1 | -527/+0 | |
This means that the core logic (but not the initialisation) of the NTLMSSP server is in common, but uses different authentication backends. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-10 | s3:ntlmssp Split the NTLMSSP server into before and after authentication | Andrew Bartlett | 1 | -62/+148 | |
This allows for a future where the auth subsystem is async, and the session key generation needs to happen in a callback. This code is originally reworked into this style by metze for the source4/ implementation. The other change here is to introduce an 'out_mem_ctx', which makes the API match that used in source4. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-10 | s3:ntlmssp Always call ntlmssp_sign_init() | Andrew Bartlett | 1 | -3/+1 | |
There is no code path that sets nt_status before this point, without a return. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-10 | s3:ntlmssp Don't use talloc_tos() for NTLMSSP blobs for now | Andrew Bartlett | 1 | -2/+2 | |
This code will, I hope, soon be merged in common, and the Samba4 use case does not currently support talloc_tos() properly. Use another context for now. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-10 | s3:ntlmssp Don't permit LM_KEY in combination with NTLMv2 | Andrew Bartlett | 1 | -1/+4 | |
This is another 'belts and braces' check to avoid the use of the weak 'LM_KEY' encryption when the client has chosen NTLMv2. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-10 | s3:ntlmssp Don't reply with the LM_KEY negotiation flag when not available | Andrew Bartlett | 1 | -0/+15 | |
This ensures the client isn't confused and we don't enter this weaker authentication scheme when we don't really, really need to. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-10 | s3:ntlmssp Don't use the lm key if the user didn't supply one. | Andrew Bartlett | 1 | -3/+3 | |
This may help to avoid a number of possible MITM attacks where LM_KEY is spoofed into the session. If the login wasn't with lanman (and so the user chose to disclose their lanman response), don't disclose back anything based on their lanman password. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-10 | s3:ntlmssp Add extra DEBUG() message for auth system failures | Andrew Bartlett | 1 | -0/+2 | |
Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-10 | s3:ntlmssp Redirect lp_lanman_auth() via 'allow_lm_key' | Andrew Bartlett | 1 | -2/+4 | |
This will allow this to be handled via common code in the future Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-10 | libcli/auth Move some source3/ NTLMSSP functions to the common code. | Andrew Bartlett | 1 | -87/+0 | |
libcli/auth Use true and false rather than True and False in common code Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-06 | s3-libsmb: include nbt.h in namequery_dc code. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-06 | s3-krb5: include krb5pac.h where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-06 | s3-rap: include svcctl.h where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-06 | s3-passdb: include samr.h where needed. | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2010-08-05 | s3: Remove some direct cli->inbuf references in interpret_long_filename | Volker Lendecke | 1 | -2/+2 | |
2010-08-05 | s3: Remove a pointless wrapper function | Volker Lendecke | 2 | -6/+1 | |
2010-08-05 | s3: Explicitly pass flags2 to clistr_pull_talloc | Volker Lendecke | 4 | -9/+22 | |
Required to eventually make cli_list async | |||||
2010-08-05 | s3: Remove some pointless wrapper functions | Volker Lendecke | 1 | -4/+7 | |
2010-08-05 | s3: Remove some pointless wrapper functions | Volker Lendecke | 4 | -16/+23 | |
2010-08-05 | s3: Save the received trans2 from the inbuf in cli_trans | Volker Lendecke | 5 | -15/+28 | |
2010-08-05 | s3-popt: Only include popt-common.h when needed. | Andreas Schneider | 2 | -0/+2 | |
2010-08-05 | s3-secrets: only include secrets.h when needed. | Günther Deschner | 2 | -0/+2 | |
Guenther | |||||
2010-08-05 | s3: avoid global include of ads.h. | Günther Deschner | 2 | -0/+2 | |
Guenther | |||||
2010-08-04 | s3: Convert cli_list() to return NTSTATUS | Volker Lendecke | 2 | -14/+25 | |
If needed, the callback functions can count themselves | |||||
2010-08-04 | s3: Use data_blob_null | Volker Lendecke | 1 | -1/+1 | |
2010-07-30 | s3: Remove "cli" from "struct finfo" | Volker Lendecke | 1 | -2/+0 | |
2010-07-28 | s3: Fix cli_qpathinfo2 | Volker Lendecke | 1 | -1/+1 | |
Does not fix the DIR_CREATETIME test, but it is definitely an error. | |||||
2010-07-27 | s3: Remove a typedef (struct file_info) | Volker Lendecke | 2 | -9/+12 | |
2010-07-26 | s3: Convert cli_qpathinfo_streams to cli_qpathinfo_send | Volker Lendecke | 1 | -42/+93 | |
2010-07-26 | s3: Factor out parse_streams_blob | Volker Lendecke | 1 | -8/+22 | |
2010-07-26 | s3: Convert cli_qpathinfo_basic to cli_qpathinfo_send | Volker Lendecke | 1 | -49/+86 | |
2010-07-26 | s3: Convert cli_qpathinfo2 to cli_qpathinfo_send | Volker Lendecke | 2 | -52/+103 | |
2010-07-26 | s3: Callers of cli_qpathinfo_recv might ignore the output | Volker Lendecke | 1 | -2/+8 | |
2010-07-26 | s3: cli_qpathinfo2 expects at least 68 bytes | Volker Lendecke | 1 | -1/+1 | |
2010-07-26 | s3: Convert cli_qpathinfo1 to cli_qpathinfo | Volker Lendecke | 1 | -61/+105 | |
2010-07-26 | s3: Fix a structure mess-up | Volker Lendecke | 1 | -1/+1 | |
I wonder why the compiler did not complain -- maybe because the structs have the same data members? No clue. | |||||
2010-07-26 | s3: Remove some unused struct members | Volker Lendecke | 1 | -6/+0 | |
2010-07-25 | s3: Convert cli_get_ea_list_path to cli_qpathinfo_send | Volker Lendecke | 1 | -20/+94 | |
2010-07-25 | s3: Factor out parse_ea_blob | Volker Lendecke | 1 | -25/+41 | |
2010-07-25 | s3: Convert cli_posix_stat to cli_qpathinfo_send | Volker Lendecke | 1 | -57/+20 | |
2010-07-25 | s3: Convert cli_posix_getfacl to cli_qpathinfo_send | Volker Lendecke | 1 | -53/+21 | |
2010-07-25 | s3: Convert cli_posix_readlink to cli_qpathinfo_send | Volker Lendecke | 1 | -67/+33 | |
2010-07-25 | s3: Add async cli_qpathinfo | Volker Lendecke | 1 | -0/+135 | |
2010-07-25 | s3: cli_qpathinfo->cli_qpathinfo1 | Volker Lendecke | 1 | -1/+1 | |
2010-07-25 | s3: Fix cli_posix_stat | Volker Lendecke | 1 | -4/+4 | |
nlink seems to be defined as 8 bytes, not 4 Jeremy, please check! | |||||
2010-07-23 | Fix bug 7583 - Smbclient fails to kerberos connect to a Alfresco JLAN CIFS ↵ | Jeremy Allison | 1 | -152/+151 | |
Server Correctly calculate the gssapi channel binding checkum. Jeremy Signed off by: simo <idra@samba.org> | |||||
2010-07-20 | s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys | Simo Sorce | 2 | -15/+23 | |
2010-07-20 | misc: cleanup get_krb5_smb_session_key() | Simo Sorce | 1 | -8/+15 | |
2010-07-20 | misc: cleanup cli_krb5_get_ticket() | Simo Sorce | 1 | -21/+20 | |
2010-07-20 | Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL ↵ | Jeremy Allison | 3 | -21/+23 | |
contexts. Jeremy. |