samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2003-02-24	Merge from HEAD client-side authentication changes:	Andrew Bartlett	5	-517/+734
	- new kerberos code, allowing the account to change it's own password without special SD settings required - NTLMSSP client code, now seperated from cliconnect.c - NTLMv2 client code - SMB signing fixes Andrew Bartlett (This used to be commit 837680ca517982f2e5944730581a83012d4181ae)
2003-02-21	Fix IRIX build...void fn can't return another void fn	Jim McDonough	1	-1/+2
	(This used to be commit e0c1f9ef61a0ec4f06a0b0e257497943195b5297)
2003-02-19	Sync with HEAD for verifying kerberos tickets.	Jim McDonough	1	-4/+33
	(This used to be commit 77e1178a888f0d380a5ef94911a8f07bf04a7ba3)
2003-02-19	Merge minor library fixes from HEAD to 3.0.	Andrew Bartlett	3	-13/+25
	- setenv() replacement - mimir's ASN1/SPNEGO typo fixes - (size_t)-1 fixes for push_* returns - function argument signed/unsigned correction - ASN1 error handling (ensure we don't use initiailsed data) - extra net ads join error checking - allow 'set security discriptor' to fail - escape ldap strings in libads. - getgrouplist() correctness fixes (include primary gid) Andrew Bartlett (This used to be commit e9d6e2ea9a3dc01d3849b925c50702cda6ddf225)
2003-02-18	Sync w/HEAD - add DES_CBC_CRC encryption type	Jim McDonough	1	-1/+1
	(This used to be commit c7934f5cb56d54a90c9ffdbe2f7429a3c9227abe)
2003-02-18	This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵	cvs2svn Import User	1	-0/+303
	used to be commit c31455779d7948e866fe1916425c3746134dea01)
2003-02-17	Correctly check for inet_addr fail. Patch from gregor.7@osu.edu.	Jeremy Allison	1	-2/+5
	Jeremy. (This used to be commit fb3548e5080812c037c2c134504cc9af4ecbfedd)
2003-02-17	Correctly check for inet_addr fail. Patch from gregor.7@osu.edu.	Jeremy Allison	1	-2/+5
	Jeremy. (This used to be commit 01f6b2694532749807aff1c2e6f338dade2d9b09)
2003-02-17	Don't leak a session_key worth of memory at the end of the NTLMSSP auth.	Andrew Bartlett	1	-0/+1
	(This used to be commit ae9765b84de0fd6eff790b3bff26dd3d43ec2bd6)
2003-02-16	Add the 'session key' output of the NTLMSSP exchange to the cli struct, so	Andrew Bartlett	1	-0/+11
	it can be used for 'net rpc join'. Also fix a bug in our server-side NTLMSSP code - a client without any domain trust links to us may calculate the NTLMv2 response with "" as the domain. Andrew Bartlett (This used to be commit ddaa42423bc952e59b95362f5f5aa7cca10d1ad4)
2003-02-15	Don't return NULL pointers for now.	Andrew Bartlett	1	-4/+4
	We should look into how to deal with NULL v "" strings, and the NTLMSSP code underneath properly at some stage. Andrew Bartlett (This used to be commit dc934412b0190ea75073cccddac45e74ebcd4a6b)
2003-02-15	Move our NTLMSSP client code into ntlmssp.c. The intention is to provide a	Andrew Bartlett	6	-128/+440
	relitivly useful external lib from this code, and to remove the dupicate NTLMSSP code elsewhere in samba (RPC pipes, LDAP client). The code I've replaced this with in cliconnect.c is relitivly ugly, and I hope to replace it with a more general SPENGO layer at some later date. Andrew Bartlett (This used to be commit b2b66909ac2e251f8189e0696b6075dbf748521a)
2003-02-15	Antti Andreimann <Antti.Andreimann@mail.ee> has done some changes to enable	Andrew Bartlett	2	-1/+23
	users w/o full administrative access on computer accounts to join a computer into AD domain. The patch and detailed changelog is available at: http://www.itcollege.ee/~aandreim/samba This is a list of changes in general: 1. When creating machine account do not fail if SD cannot be changed. setting SD is not mandatory and join will work perfectly without it. 2. Implement KPASSWD CHANGEPW protocol for changing trust password so machine account does not need to have reset password right for itself. 3. Command line utilities no longer interfere with user's existing kerberos ticket cache. 4. Command line utilities can do kerberos authentication even if username is specified (-U). Initial TGT will be requested in this case. I've modified the patch to share the kinit code, rather than copying it, and updated it to current CVS. The other change included in the original patch (local realms) has been left out for now. Andrew Bartlett (This used to be commit ce52f1c2ed4d3ddafe8ae6258c90b90fa434fe43)
2003-02-15	Move our NTLMSSP code into easily seperated peices, not relying on the whole	Andrew Bartlett	3	-323/+345
	of libsmb. Andrew Bartlett (This used to be commit b5ec7efa80478187124c1cfa8c7fcc4036506a37)
2003-02-14	NTLMSSP parinoia - we really don't want to run over the end of our blob,	Andrew Bartlett	2	-14/+46
	and make sure we can never get an 'authenticate' packet without a challenge. Andrew Bartlett (This used to be commit 4d94f8e6912c1339515cd1f68d1b698e7c699626)
2003-02-14	Ensure that only parse_prs.c access internal members of the prs_struct.	Jeremy Allison	1	-3/+3
	Needed to move to disk based i/o later. Jeremy. (This used to be commit 4c3ee228fcdb089eaeead95e79532a9cf6cb0de6)
2003-02-14	Ensure that only parse_prs.c access internal members of the prs_struct.	Jeremy Allison	1	-3/+3
	Needed to move to disk based i/o later. Jeremy. (This used to be commit a823fee5b41a5b6cd4ef05aa1f85f7725bd272a5)
2003-02-14	Further extract our NTLMv2 code into smbencrypt.c, prior to merge into our	Andrew Bartlett	2	-32/+51
	NTLMSSP client code. Andrew Bartlett (This used to be commit eaa8e7d1f82b30e7af14a0a58d7ca3eb66a06053)
2003-02-13	A few typo fixes Andrew eventually let off to me.	Rafal Szczesniak	2	-5/+5
	Rafal (This used to be commit 16a66cf17a544a214b7c5b483c81c7568a18a779)
2003-02-12	adding more descriptions for nt status codes	Gerald Carter	1	-1/+66
	(This used to be commit 2fa33fcaee288f0607db9fc72d2f1cafdd6c5959)
2003-02-12	adding more descriptions for nt status codes	Gerald Carter	1	-1/+66
	(This used to be commit dfceb0aab5d97df5b6b744143db254656398f0e9)
2003-02-10	Clean up our NTLMv2 code by moving the grunt work into a helper function.	Andrew Bartlett	2	-41/+34
	Andrew Bartlett (This used to be commit 6789e237d7b070624ba09e7ed43680b838337b74)
2003-02-09	(only for HEAD at the moment).	Andrew Bartlett	5	-110/+186
	Add NTLMv2 support to our client, used when so configured ('client use NTLMv2 = yes') and only when 'client use spengo = no'. (A new option to allow the client and server ends to chose spnego seperatly). NTLMv2 signing doesn't yet work, and NTLMv2 is not done for NTLMSSP yet. Also some parinoia checks in our input parsing. Andrew Bartlett (This used to be commit 85e9c060eab59c7692198f14a447ad59f05af437)
2003-02-02	Add some return values, and don't attempt signing for NTLMSSP yet (it uses a	Andrew Bartlett	2	-3/+3
	different algorithm). Andrew Bartlett (This used to be commit e6f87c7ee5c61f03f81159a8017d31f439c4454a)
2003-02-02	More signing updates - start checking that the server isn't being spoofed.	Andrew Bartlett	2	-1/+42
	Andrew Bartlett (This used to be commit b1c722e306533babeffeba9d8c7dcfa00e019423)
2003-02-01	We now have client-side SMB signing support!	Andrew Bartlett	3	-8/+15
	This checking allows us to connect to Microsoft servers the use SMB signing, within a few restrictions: - I've not get the NTLMSSP stuff going - it appears to work, but if you break the sig - say by writing a zero in it - it still passes... - We don't currently verfiy the server's reply - It works against one of my test servers, but not the other... However, it provides an excellent basis to work from. Enable it with 'client signing' in your smb.conf. Doc to come (tomorrow) and this is not for 3.0, till we get it complete. The CIFS Spec is misleading - the session key (for NTLMv1 at least) is the standard session key, ie MD4(NT#). Thanks to jra for the early work on this. Andrew Bartlett (This used to be commit 1a2738937e3d80b378bd0ed33cd8d395fba2d3c3)
2003-01-30	Stop tpot from trampling over my Heimdal fixes by moving some of them	Jeremy Allison	1	-0/+122
	to HEAD :-). Jeremy. (This used to be commit 1fec0f50ed0e750afec5cdf551fcd37ef4858e94)
2003-01-30	Revert tpot's breakage of the Heimdal fixes.	Jeremy Allison	1	-0/+122
	Jeremy. (This used to be commit 90336900ad2a6d50e1d42f7bc59fdc7c762187d3)
2003-01-30	Sync of Heimdal kerberos stuff with HEAD. If this breaks I'm blaming	Tim Potter	1	-122/+0
	the dog again. (This used to be commit 6f89ee2c9dc7f03e3dbe7aa734bf67c6a434d135)
2003-01-28	Merge from HEAD:	Andrew Bartlett	2	-63/+68
	- NTLMSSP over SPENGO (sesssion-setup-and-x) cleanup and code refactor. - also consequential changes to the NTLMSSP and SPNEGO parsing functions - and the client code that uses the same functions - Add ntlm_auth, a NTLMSSP authentication interface for use by applications like Squid and Apache. - also consquential changes to use common code for base64 encode/decode. - Winbind changes to support ntlm_auth (I don't want this program to need to read smb.conf, instead getting all it's details over the pipe). - nmbd changes for fstrcat() instead of fstrcpy(). Andrew Bartlett (This used to be commit fbb46da79cf322570a7e3318100c304bbf33409e)
2003-01-28	This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This ↵	cvs2svn Import User	1	-0/+281
	used to be commit b741abd496621586040081c04674ae53cb5db47c)
2003-01-28	Factor out common code in the NTLMSSP/SPNEGO code.	Andrew Bartlett	2	-53/+18
	The idea here is to seperate, as much as possible, the SPNEGO layer from the NTLMSSP layer. This not only helps us with protocol correctness, but also should allow further mechinisms to be added with relitive ease. I indend to make the kerberos code use this shortly. I've never seen the 'zero length blob' form of the anonymous login, so I've removed that case. Andrew Bartlett (This used to be commit a8773c9f825539c5bc17e4200b16d7ebbe0b7620)
2003-01-28	Finally we compile with Heimdal as well as MIT ! Wonder if it works... :-).	Jeremy Allison	1	-0/+52
	Jeremy. (This used to be commit 1b71786c161cd8ec4c3c0c6b178370ed50feeef4)
2003-01-28	Get smbd to link with Heimdal. Still missing some client progs...	Jeremy Allison	1	-0/+22
	Jeremy. (This used to be commit 85dda434763bbcea260c800599e4b6b73afcf174)
2003-01-23	Thanks Meeester Potter, for reverting all my Heimdal changes because	Jeremy Allison	1	-0/+48
	I mistyped a comma :-). Jeremy. (This used to be commit 04cc149c756c396012cfa321a74724b077302b95)
2003-01-23	Fixed typo.	Tim Potter	1	-1/+1
	(This used to be commit 09d8a8e87fbb13928b863f659381dddb09592985)
2003-01-23	Fixed typo.	Tim Potter	1	-1/+1
	(This used to be commit 9b11ede90129fab8311344ce8621556fd6cff7dc)
2003-01-22	Merge of kerberos changes to make this branch build again!	Tim Potter	1	-48/+0
	(This used to be commit 51b319f57f28e3993919d7f3db0251a724902332)
2003-01-22	fix for CR 1603; provide description of NT_STATUS_PIPE_NOT_AVAILABLE	Gerald Carter	1	-0/+1
	(This used to be commit fcf63df8bfae37680ad7af48c65af62abc4e0020)
2003-01-22	fix for CR 1603; provide description of NT_STATUS_PIPE_NOT_AVAILABLE	Gerald Carter	1	-0/+1
	(This used to be commit b063acd9062704be6352647dae2ad801ecacec75)
2003-01-21	Get closer to Heimdal compile... Damn. HEAD has different code in	Jeremy Allison	1	-0/+48
	kerberos_verify... Jeremy. (This used to be commit e8c4098da619a1429cc4c8251761333a7c0f3458)
2003-01-21	Fixup proto generation to not include krb5 specific symbols	Jeremy Allison	1	-5/+5
	if no kerberos selected. Noticed by Metze. Jeremy. (This used to be commit 1684719695acb7168115b032fc1ec672509239ea)
2003-01-21	Fixup proto generation to not include krb5 specific symbols	Jeremy Allison	1	-5/+5
	if no kerberos selected. Noticed by Metze. Jeremy. (This used to be commit 0c98f779f05431ac4d298c9f021fca85d16aebae)
2003-01-21	More fixes getting us closer to full Heimdal compile....	Jeremy Allison	1	-0/+20
	Jeremy. (This used to be commit a7ee6ed64500a0d949849da6996b7dc837518f00)
2003-01-21	More fixes getting us closer to full Heimdal compile....	Jeremy Allison	1	-0/+20
	Jeremy. (This used to be commit 193cc4f4fc876c66e97ea6b82bae431d0247c1fa)
2003-01-20	should be HAVE_KRB5_SET_REAL_TIME (HAVE_ was missing)...fix the build	Jim McDonough	1	-1/+1
	(This used to be commit 9f1f3cb8bb3d7d9b4fb414b06ad10356f775bb28)
2003-01-20	should be HAVE_KRB5_SET_REAL_TIME (HAVE_ was missing)...fix the build	Jim McDonough	1	-1/+1
	(This used to be commit aceaaad1c2efce41fe0e03655b0ca0583788d7ab)
2003-01-19	Merge in more of the SuSE patches for Heimdal. These changes show how	Jeremy Allison	1	-0/+29
	to add a function without an explicit #ifdef HEIMDAL which I'm trying to avoid. Jeremy. (This used to be commit 92ecd0bf0fe2cc4f6c86ca48e6e458e726470a50)
2003-01-19	Merge in more of the SuSE patches for Heimdal. These changes show how	Jeremy Allison	1	-0/+29
	to add a function without an explicit #ifdef HEIMDAL which I'm trying to avoid. Jeremy. (This used to be commit 77aeb262ef7c7cd3d206afe2d5445caaca943dfd)
2003-01-16	(missed in last commit)	Andrew Bartlett	2	-6/+9
	Change the 'cookie' to be the ntlmssp_context, and use the 'auth_context' on that to store the cookie. Ensures that simple callbacks can 'just work'. Also make it clear that we are doing a pull_string into a pstring, not just any sized buffer. Andrew Bartlett (This used to be commit c7793f27188e658b7fc6336aa51d367eab36fc17)