| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Jeremy.
(This used to be commit 2e9880ef7c259b67eb75edc8098b734c3b7b22c1)
|
|
Volker
(This used to be commit 329911e43681b724cb0579aad77b4a658759d7ba)
|
|
Volker
(This used to be commit 54c99ee1fbaf4541fb3fa10a9b764da1367af6d3)
|
|
get Win2k to send a valid signiture in it's session setup reply - which it will
give to win2k clients.
So, I need to look at becoming 'more like MS', but for now I'll get this code
into the tree. It's actually based on the TNG cli_pipe_ntlmssp.c, as it was
slightly easier to understand than our own (but only the utility functions
remain in any way intact...).
This includes the mysical 'NTLM2' code - I have no idea if it actually works.
(I couldn't get TNG to use it for its pipes either).
Andrew Bartlett
(This used to be commit a034a5e381ba5612be21e2ba640d11f82cd945da)
|
|
(This used to be commit 05cffbee56f0556f550b4d14f3111bd7db972621)
|
|
The intention is to allow for NTLMSSP and kerberos signing of packets, but
for now it's just what I call 'simple' signing. (aka SMB signing per the SNIA
spec)
Andrew Bartlett
(This used to be commit b9cf95c3dc04a45de71fb16e85c1bfbae50e6d8f)
|
|
(This used to be commit c2a266b7b661d319e13982bfdbc3a86e8502b8a4)
|
|
Jeremy.
(This used to be commit 60b0cfc8a5b6275d3460ebc6bf17d0f08e25b67e)
|
|
Jeremy.
(This used to be commit c832e95c2f4daf175954a60f3c56420cf2f35b45)
|
|
\\server\share syntax, not just a "share" tconX syntax. This broke interop
with a vendor.
Jeremy.
(This used to be commit 3cc2ace7718ac1162494b81fa21d4cc9de021d1c)
|
|
\\server\share syntax, not just a "share" tconX syntax. This broke interop
with a vendor.
Jeremy.
(This used to be commit 9d7ea5585c873156ede4b56e43a0d4d75077283a)
|
|
(This used to be commit 1af39523cc3b2313f3e8acd4f2e5338182ec0b13)
|
|
Fix lingering large offset problems in smbtar etc.
(This used to be commit c416eec2f2a38eebfcda5868999d474628037f1e)
|
|
(This used to be commit 251b91f46988053eccc53f814a23ed5ca787c852)
|
|
broken a lot of stuff. These two macros are meant to make life easier
when fixing these bugs. I'm guessing we will see more macros like
this (eg. fstrcpy_base)
(This used to be commit 50389c0cb2504d7941ec691af21d6a20ae5c5de7)
|
|
This changes the cache format, which will simply invalidate existing entries,
leaving them dead in the cache.
Andrew Bartlett
(This used to be commit 3fc179362ea849db23490b971a9f64f943e7f7f8)
|
|
(This used to be commit 92abafa62894a125c5a09fc92f5056e4d8b51089)
|
|
Andrew Bartlett
(This used to be commit 32fd0c49009e38022523cc5c14567dd55de08206)
|
|
keys for kerberos authentication.
Andrew Bartlett
(This used to be commit 8b798f03dbbdd670ff9af4eb46f7b0845c611e0f)
|
|
- new kerberos code, allowing the account to change it's own password
without special SD settings required
- NTLMSSP client code, now seperated from cliconnect.c
- NTLMv2 client code
- SMB signing fixes
Andrew Bartlett
(This used to be commit 837680ca517982f2e5944730581a83012d4181ae)
|
|
(This used to be commit e0c1f9ef61a0ec4f06a0b0e257497943195b5297)
|
|
(This used to be commit df3c7c9cbb275e9c35356b4f1cab1a741de6f500)
|
|
(This used to be commit 09be123c6c1b67621eaf6c8ffb3016eccd375e5b)
|
|
(This used to be commit 77e1178a888f0d380a5ef94911a8f07bf04a7ba3)
|
|
(This used to be commit 9f1a4809b503f050189d5f87a294b7d8675b1e95)
|
|
(This used to be commit 762b072efb0d6801775a874494cb19ea3d61fa97)
|
|
- setenv() replacement
- mimir's ASN1/SPNEGO typo fixes
- (size_t)-1 fixes for push_* returns
- function argument signed/unsigned correction
- ASN1 error handling (ensure we don't use initiailsed data)
- extra net ads join error checking
- allow 'set security discriptor' to fail
- escape ldap strings in libads.
- getgrouplist() correctness fixes (include primary gid)
Andrew Bartlett
(This used to be commit e9d6e2ea9a3dc01d3849b925c50702cda6ddf225)
|
|
(This used to be commit 4fe8066394143c64c79c052c00f0d747e872103a)
|
|
Andrew Bartlett
(This used to be commit 6af9ec50e010d171cf5287f40ec774e79e4a93fe)
|
|
sucked into proto.h?
(This used to be commit 7e84497882df5bf933ab7ae7fe9af3728393202c)
|
|
- Provide generic functions for
- get valid encryption types
- free encryption types
- Add encryption type parm to generic function create_kerberos_key_from_string()
- Try to merge the two versions (between HEAD and SAMBA_3_0) of kerberos_verify.c
I think this should work for both MIT and heimdal, in HEAD. If all goes smooth,
I'll move it over to 3.0 soon...
(This used to be commit 45e409fc8da9f26cf888e13d004392660d7c55d4)
|
|
(This used to be commit c7934f5cb56d54a90c9ffdbe2f7429a3c9227abe)
|
|
used to be commit c31455779d7948e866fe1916425c3746134dea01)
|
|
Jeremy.
(This used to be commit fb3548e5080812c037c2c134504cc9af4ecbfedd)
|
|
Jeremy.
(This used to be commit 01f6b2694532749807aff1c2e6f338dade2d9b09)
|
|
(This used to be commit ae9765b84de0fd6eff790b3bff26dd3d43ec2bd6)
|
|
it can be used for 'net rpc join'.
Also fix a bug in our server-side NTLMSSP code - a client without any domain
trust links to us may calculate the NTLMv2 response with "" as the domain.
Andrew Bartlett
(This used to be commit ddaa42423bc952e59b95362f5f5aa7cca10d1ad4)
|
|
We should look into how to deal with NULL v "" strings, and the NTLMSSP code
underneath properly at some stage.
Andrew Bartlett
(This used to be commit dc934412b0190ea75073cccddac45e74ebcd4a6b)
|
|
relitivly useful external lib from this code, and to remove the dupicate
NTLMSSP code elsewhere in samba (RPC pipes, LDAP client).
The code I've replaced this with in cliconnect.c is relitivly ugly, and
I hope to replace it with a more general SPENGO layer at some later date.
Andrew Bartlett
(This used to be commit b2b66909ac2e251f8189e0696b6075dbf748521a)
|
|
users w/o full administrative access on computer accounts to join a
computer into AD domain.
The patch and detailed changelog is available at:
http://www.itcollege.ee/~aandreim/samba
This is a list of changes in general:
1. When creating machine account do not fail if SD cannot be changed.
setting SD is not mandatory and join will work perfectly without it.
2. Implement KPASSWD CHANGEPW protocol for changing trust password so
machine account does not need to have reset password right for itself.
3. Command line utilities no longer interfere with user's existing
kerberos ticket cache.
4. Command line utilities can do kerberos authentication even if
username is specified (-U). Initial TGT will be requested in this case.
I've modified the patch to share the kinit code, rather than copying it,
and updated it to current CVS. The other change included in the original patch
(local realms) has been left out for now.
Andrew Bartlett
(This used to be commit ce52f1c2ed4d3ddafe8ae6258c90b90fa434fe43)
|
|
of libsmb.
Andrew Bartlett
(This used to be commit b5ec7efa80478187124c1cfa8c7fcc4036506a37)
|
|
and make sure we can never get an 'authenticate' packet without a challenge.
Andrew Bartlett
(This used to be commit 4d94f8e6912c1339515cd1f68d1b698e7c699626)
|
|
Needed to move to disk based i/o later.
Jeremy.
(This used to be commit 4c3ee228fcdb089eaeead95e79532a9cf6cb0de6)
|
|
Needed to move to disk based i/o later.
Jeremy.
(This used to be commit a823fee5b41a5b6cd4ef05aa1f85f7725bd272a5)
|
|
NTLMSSP client code.
Andrew Bartlett
(This used to be commit eaa8e7d1f82b30e7af14a0a58d7ca3eb66a06053)
|
|
Rafal
(This used to be commit 16a66cf17a544a214b7c5b483c81c7568a18a779)
|
|
(This used to be commit 2fa33fcaee288f0607db9fc72d2f1cafdd6c5959)
|
|
(This used to be commit dfceb0aab5d97df5b6b744143db254656398f0e9)
|
|
Andrew Bartlett
(This used to be commit 6789e237d7b070624ba09e7ed43680b838337b74)
|
|
Add NTLMv2 support to our client, used when so configured ('client use NTLMv2 =
yes') and only when 'client use spengo = no'. (A new option to allow the
client and server ends to chose spnego seperatly).
NTLMv2 signing doesn't yet work, and NTLMv2 is not done for NTLMSSP yet.
Also some parinoia checks in our input parsing.
Andrew Bartlett
(This used to be commit 85e9c060eab59c7692198f14a447ad59f05af437)
|
