Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 858f79b362dce8aa06013533209bc982cb99d33d)
|
|
deal with linking issues in other binaries
(This used to be commit 57f95a01988fb4035b2e4448f4fd3ef0d652c106)
|
|
a problem i was having.
- added rudimentary CAP_STATUS32 support for same reason.
- added hard-coded, copy-the-same-data-from-over-the-wire version of
CAP_EXTENDED_SECURITY, which is a security-blob to encapsulate
GSSAPI which encodes
SPNEGO which is used to negotiate
Kerberos or NTLMSSP. i have implemented
NTLMSSP which negotiates
NTLMv1 or NTLMv2 and 40-bit or 128-bit etc. i have implemented
NTLMv1 / 40-bit.
*whew*.
(This used to be commit e5b80bd2f76fda70e41e4a9007eb035dab92ed8e)
|
|
(This used to be commit 25025f450531c66c0fd9f7eed886cb288d76d025)
|
|
(This used to be commit a8d4560e0064a67a234eae89a564b79d2426d9a9)
|
|
(This used to be commit 5c974cc4a4cdcb9fd3fe01e93aa577b81cf2d18b)
|
|
(This used to be commit 062b9302c1c7a21df74571ead5f89ce002820d53)
|
|
if this fails.
(This used to be commit 5f821e65015c27f5306c3a707841cd0228509974)
|
|
- ssl close from cli_reestablish_connection() not called.
- ntlmv2 fall-back to ntlmv1 failed.
(This used to be commit fdc275353de85fde0c348320e4d64ba66365b73b)
|
|
Algorithm based on previous work of Jeremy's.
(This used to be commit f0c71a804dc869a73eb6af6e0ac9f4fb64dd1f68)
|
|
(This used to be commit 2331aa32ab36c3ee5fd8cfbe972e57299939e33d)
|
|
(This used to be commit 12ee037d44a603ce50982d5b90e08c30339de750)
|
|
password and password length variables not constants.
(This used to be commit 236022071f2f6df0c583fd88d9802d9b3ea6f73e)
|
|
static cli_calc_session_pwds(). this code used to be inside cli_session_setup()
itself and worked on non-NULL local variables.
(This used to be commit 7aff19ba57fd91572da7cbe16f118d11226590e3)
|
|
(This used to be commit bc8c46bc088298d6247830b673790032e59d7f6a)
|
|
now uses improved authentication. smbclient now "broken" for "scripts"
based on DEBUG() output. cli_establish_connection() requires modification
to support old scripts.
(This used to be commit b0539d43407cb2b0bab7977908de09b21b145218)
|
|
(This used to be commit ab1a6aa42db5217f025941fb5107436556bc23b7)
|
|
(This used to be commit de9a38b0bcb5adcb6e502f2200d3e84bdcbdfc48)
|
|
(This used to be commit 250621b3cec5fc463d348432d1d0ff5fb59e7a29)
|
|
of a pstrcpy into an fstring).
(This used to be commit ac0060443de800fec9042b69b299ff2e9128a31c)
|
|
command "at" (compatible with NT's "at" command - see rpcclient commit) -
useful for remote NT administration.
(This used to be commit cf30a472f702d7b50c3a85e2cf2f55b46a2bd452)
|
|
used to add workstation to domain. unix account db not modified: only
SAM password db is used.
(This used to be commit 129a9a4d4b74897ed753a697a3aed9b194c25568)
|
|
(This used to be commit 68841eeb64df5958a90a6471fd17e6e56fba7c67)
|
|
anywhere.
(This used to be commit 71b861f7468d7950bedb61dd18a4b9d830bf8628)
|
|
(This used to be commit b51574174c5bbc554eb1c697cb22b2b73af44306)
|
|
(This used to be commit 674e4a3a73cd601c647a5069e2af943a6321ac06)
|
|
(actually, decryption only currently because I need to get some sleep).
Basically another Microsoft twist on DES; the "master key" is the user's
NT hash MD4'd and subsets of this are chosen as the 56-bit DES keys.
(This used to be commit f09388fa6f41a13ca035b5b2ff40be804608f619)
|
|
Copyright (C) Benjamin Kuit <bj@mcs.uts.edu.au> 1999.
(This used to be commit fdf61e1dabc2c977ee5cf1e9d60e3380f19840da)
|
|
No more ugly static library buffers and all functions take a destination
string length (especially unistrcpy was rather dangerous; we were only
saved by the fact that datagrams are limited in size).
(This used to be commit a1d39af1ce1d451b811dbd7c2ba391214851b87e)
|
|
(This used to be commit 73db80f34183324845407b00f58462ff2d7b47ea)
|
|
(This used to be commit 9084b7e33dfe717bd8d5604ee71d137e3baef0f5)
|
|
(This used to be commit af83778abc5fae0df53ed1874181e33bc8de8d94)
|
|
validation checks and also added capability to send plaintext passwords.
send "ntpasslen" of zero to do this. sending same plaintext password
for pass and ntpass arguments will result in previous behaviour of
encrypting password if server supports it.
(This used to be commit 17f4c5a785cf20901bcb76510e5ea9b0a6928115)
|
|
needed this for some tests.
- removed code that said "if lm password is not encrypted then encrypt both
lm and nt passwords". actually it said "if lm password length is not 24
bytes and we're in security=user mode..."
it didn't bother to check whether the nt password was NULL or not, and
doing the encryption inside cli_session_setup is the wrong place.
- checked all instances where cli_session_setup is called with cleartext
passwords that are expected to then be encrypted (see above) with the
test "if pwlen != 24...". there was only one: all the others either
provide encrypted passwords, do null sessions or use
cli_establish_connection.
* recommendation: use cli_establish_connection() in smbwrapper/smbw.c
(This used to be commit 2a509e9606f8aefbefa6e7b49878726464dbed44)
|
|
However, it seems that the -s flag
in smbclient is also ignored :-(
(This used to be commit f6c78192664d611d4663ed7459a2789315861eec)
|
|
own smbd process, rather than complaining about a password server loop.
(This used to be commit 63d7822b9d87d085194de6895d3e271cedcd3c9a)
|
|
is not the same as
!(eclass == ERRDOS && num == ERRmoredata)
This was causing smbclient to segfault on receiving certain errors.
(This used to be commit 15bd172530af360cf16ad626330dfe2ea92100df)
|
|
idiotic *SMBSERVER connectionism added to cli_connect_serverlist().
also added check for protocol < LANMAN2.
(This used to be commit c2bcb3a286f22ed4f0f55da2a3eb2bff17906fb1)
|
|
(This used to be commit 870bccb174337dec5cc14a5e7740662de56e629c)
|
|
(This used to be commit dacf5b152bf74cc3ee9a816911384a5eb0e77afa)
|
|
(This used to be commit 9bce7340d60a49594f67cc3c6cc6119b33a5358a)
|
|
(This used to be commit 603c5f6df8c525f30d00da912d408b98378ea538)
|
|
a connection succeeds...).
(This used to be commit c0efc35b27d50c40bc04bfd9fb1d61ea5d32bde5)
|
|
Fix by Matt Chapman <m.chapman@student.unsw.edu.au>
(This used to be commit c44b418d6fd16a257af21f6b5b29b1cdf26015b7)
|
|
acconfig.h configure configure.in include/config.h.in: Fixes to DEC OSF1.
libsmb/nmblib.c: Fixes to nmbd jumps in scope names.
Jeremy.
(This used to be commit 5ad77769be85e6727319afb0f02e5d94c2f9f16f)
|
|
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.
This code still needs surgery :-(.
Jeremy.
(This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
|
|
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
|
|
(This used to be commit 67ba0b1ce335bc80e1c33fa28458ec9ebe5f446a)
|
|
lowercase share names!)
(This used to be commit dddf1d8522707b828cac466c4a9ab2807d098573)
|
|
smbwrapper not made
by default.
nmbd*: Changed all calls to namestr() to nmbd_namestr() to fix broken FreeBSD include
file problem...sigh.
Jeremy.
(This used to be commit 9ee8f39aed8772a05c203161b4ae6b7d90d67481)
|