Age | Commit message (Collapse) | Author | Files | Lines |
|
As well as renaming, this allows us to start the mech by DCE/RPC auth
type or OID.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This structure handles more than NTLMSSP now, at least when we are an AD DC
and so changing the name may avoid some confusion in the future.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This uses the very helpful conversion functions written for the s3 lsa server
and places these in common.
Andrew Bartlett
|
|
metze
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Oct 27 16:40:15 CEST 2011 on sn-devel-104
|
|
Change some misleading variable names to reflect the actual function.
Add missing field name/types previously marked as unkown.
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Oct 24 19:19:28 CEST 2011 on sn-devel-104
|
|
We now just call the gensec_session_key() directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
We now just call the gensec_want_feature() directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
We now just call gensec_update directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This will allow it to be a wrapper around a gensec module, which
requires that they options be set on a context, but before the
mechanism is started.
This also simplfies the callers, by moving the lp_*() calls
into one place.
Andrew Bartlett
|
|
This can be an ordinary talloc child without causing any problem.
This seems to have been inherited from a time when ntlmssp_client_start()
returned malloc() based memory.
Andrew Bartlett
|
|
This brings in the code from both libcli/auth and
source4/auth/ntlmssp.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
|
|
We should return the same in all places
and don't mix NT_STATUS_INVALID_CONNECTION and NT_STATUS_CONNECTION_INVALID.
metze
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Sep 13 12:39:10 CEST 2011 on sn-devel-104
|
|
|
|
struct lsa_TrustDomainInfoAuthInfo and struct
trustAuthInOutBlob can store the same information for different usage. The added
routines can convert one struct into the other.
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Sep 12 15:52:17 CEST 2011 on sn-devel-104
|
|
Currently the caller doesn't cope with multiple async requests anyway,
so this is just protection for the future.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Aug 5 22:31:12 CEST 2011 on sn-devel-104
|
|
There is no need to mask out these flags as they simply are not set
yet.
The correct abstraction is to ask for NTLMSSP features.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The session key we want here (the only one that is availble to the
encryption layer) is the one obtained by cli_get_session_key(), as
NTLMSSP creates a per-session session key via key exchange and NTLMv2
negotiation.
The key was never directly the NT hash anyway (this is simply a
mistake, the extra MD4() was lost during my previous cleanup
f28f113d8e76824b080359c90efd9c92de533740 in 2008), but was MD4(NT
hash) in early implementations of NTLMSSP.
However, regardless this call is not available on domain trusts
between AD domains and Windows 2003 R2, making this less useful.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
We now just use auth_ntlmssp_want_feature to get extra flags
on the NTLMSSP context
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This clarifies the lifetime of the returned token.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
tstream_writev_queue_send()
This will be needed when tstream_writev_queue_send() changes it's behavior and
avoids using an immediate event when the queue is empty.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Aug 1 14:55:00 CEST 2011 on sn-devel-104
|
|
|
|
We reopen the hive and key so close them before reopen.
|
|
|
|
|
|
metze
|
|
metze
|
|
metze
|
|
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.
This will allow of our session handling to be accomplished with common code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This seperation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)
The idea here is that we keep a clear seperation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this seperation
has caused issues in the past.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Removed winreg_printer_delete_subkeys().
Removed winreg_printer_enumvalues().
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Wed Jul 13 12:42:02 CEST 2011 on sn-devel-104
|
|
Functions now use dcerpc_winreg_delete_subkeys_recursive() instead of the more
specific printer function winreg_printer_delete_subkeys().
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
The functions that called winreg_printer_enumvalues() function now use
dcerpc_winreg_enumvals().
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
This function is set to replace the more specific printer function
winreg_printer_delete_subkeys().
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
The function is set to replace the more specific printer function
winreg_printer_enumvalues() function.
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Currently cli_winreg.c functions only set the returned server werror
status on failure, if the server request succeeds the value remains
uninitialised.
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Fri Jul 8 16:32:39 CEST 2011 on sn-devel-104
|
|
cli_winreg.c functions indicate status to the caller in two ways. The
ntstatus return code indicates client side errors, the pwerr argument
carries the server response error code.
Many functions are filling the pwerr argument on client side error, this
change removes these cases.
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
|
|
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
|
|
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
These are in/out values and need to be initialized.
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri Jun 10 16:27:24 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|