Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit b16a15a13ed7d267c6366abaeeb3ccafa5776f5e)
|
|
Jeremy.
(This used to be commit 7c1688fd67c1bda1477aaf870371c825280db870)
|
|
NTLMSSP and kerberos support in smbd
(This used to be commit 38a43d75e25bbebe0f6cdfcf389129a842ede842)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
Fix the NT errror codes, this time in line with WinXP/2k.
- Return the normal error codes, expect for bad user/bad password. These map
to logon failure, as a quick security hack. We follow suit.
Simplfy some of the password extraction code, the auth subsytem has the
intelegence to sort this stuff out, no need to do it here.
Move to 'global_encrypted_passwords_negotiated' to determine the use of
unencrypted hacks, replacing the current mess.
Andrew Bartlett
(This used to be commit c04f063573c61d8ef3f43815bbb9b6b076dc23eb)
|
|
(This used to be commit b6048e28ab996ba5581cfa3b50401c0f775befdd)
|
|
(This used to be commit d417b6b5cbdbb244cc683387d73a9200eef53427)
|
|
than NT_STATUS_LOGON_FAILURE. This also brings us (almost) back in line with
their implementation.
Kill off SMBENCRYPT() macro
Kill off 'nt smb support' paramater - tridge okayed this one.
Andrew Bartlett
(This used to be commit 67947bf6e31ee9758f8a2186f83031ba21b716f2)
|
|
NTSTATUS. This gets the right error codes in SMBunlink
(This used to be commit c82f7828c05c747a5782d10c68cc2df80d4071bd)
|
|
(This used to be commit a95943fde0ad89ae3f2deca2f7ba9cb5ab612b74)
|
|
completely broken, and it's pointless to emulate their brokenness completely in this case, but at least this makes us use approximately the same packet format. The spec is complelet wrong in this case
(This used to be commit 2d507ec669def6d49304559e53d6c14af9b290a9)
|
|
they can have general effect.
Fixed up workstaion support in the rest of samba, so that we can do these
checks.
Pass through the workstation for cli_net_logon(), if supplied.
(This used to be commit 7f04a139b2ee34b4c282590509cdf21395815a7a)
|
|
Rework the 'map to guest' code, its now possible to follow what its trying
to do...
Add an NT_STATUS_EQUAL(x,y) macro to make this stuff sane to look at.
Andrew Bartlett
(This used to be commit d618880661976644a6ee713edf969ad561e82097)
|
|
This should help make much of this code simpiler.
Andrew Bartlett
(This used to be commit fb0c3629c360fd0c57129500474960e6da6f9ef0)
|
|
NTLMv1 passwords (and old LM passwords) are exactly 24 in lenghth.
(This used to be commit 51baa1614d1a338f50dbf8eaa5ea31ab58c11409)
|
|
Andrew Bartlett
(This used to be commit 21baa33946a24159ebe873ac37cf30581437aa1a)
|
|
- the usersupplied_info now contains a smb_username (as it comes across on
the wire) and a unix_username (after being passed through mapping
functions)
- when doing security={server,domain} use the smb_username, otherwise use
the unix_username
(This used to be commit d34fd8ec0716127c7a68eeb8e77d1ae8cc07b547)
|
|
(This used to be commit 60d297303488ed583537ca2853828fccd6da2ade)
|
|
Jeremy.
(This used to be commit fa8d626a2773569a454451e77ea56c707b33b69e)
|
|
Don. please check this out.
Jeremy.
(This used to be commit ce9f95996498f7795aaef069e1443ea1c7d524b3)
|
|
Jeremy.
(This used to be commit c05e79453655abb67fd47a2d3dba88b4c5377e35)
|
|
the client code still needs some work
(This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
|
|
(This used to be commit 8a49b2f7df46b2c990a980758fe1f3871e8b578e)
|
|
Jeremy.
(This used to be commit a6f04d16613a06c1aafa89d7373d1e4b4a5fb45b)
|
|
to make it type incompatible with BOOL so we catch errors sooner. This has already found a number of bugs
(This used to be commit 1b778bc7d22efff3f90dc450eb12baa1241cf68f)
|
|
major changes include:
- added NSTATUS type
- added automatic mapping between dos and nt error codes
- changed all ERROR() calls to ERROR_DOS() and many to ERROR_NT()
these calls auto-translate to the client error code system
- got rid of the cached error code and the writebmpx code
We eventually will need to also:
- get rid of BOOL, so we don't lose error info
- replace all ERROR_DOS() calls with ERROR_NT() calls
but that is too much for one night
(This used to be commit 83d9896c1ea8be796192b51a4678c2a3b87f7518)
|
|
(This used to be commit 0768991d04ea03e774ca8662c9cae5e1951b88e0)
|
|
(This used to be commit ef5f4866fbbfa6be07cdc3e612a8899967d48289)
|
|
nt_smb clients. As spotted by Thursby.
(This used to be commit 22de76a920671614144babac9f589419532d8671)
|
|
drop paramaters:
status
utmp hostname
change session code to always record each vuid current on the server. The sessionid struct is no longer packed, as I couldn't get that to work ;-)
change smbstatus to show this info and less of the connections.tdb info (its not actualy that accurate).
I'll get swat doing some of this shortly.
(This used to be commit b068ad300527c44673bbee0aede7849199c89de7)
|
|
"share" instead of "\\server\share".
Fix that. Still not able to get the user list but that's something else.
Jeremy I don't think I broke anything ;-)
J.F.
(This used to be commit 59018c58e4158e9ccb51c42ca32e490f32ee0def)
|
|
(This used to be commit a25911d58c752350b62b205cfb0d6fc5b1c90cef)
|
|
smbd/password.c: We don't use globals here anymore
smbd/reply.c: Tidyness, global_myworkgroup must die!
smbd/service.c: Move some of the make_connection code into a helper
function.
(This used to be commit 15c87e404fcaff9e360a40b8b673938c6e611daf)
|
|
Andrew Bartlett
(This used to be commit 204da7ba96b0c562bab5e5536728a0378077bdc7)
|
|
Jeremy.
(This used to be commit e4a295b730b3d1ee784c896611d184c7699c74e7)
|
|
Jeremy.
(This used to be commit 3bf2419f4b7a9d46a1d48062212a6a6579c22b92)
|
|
Jeremy.
(This used to be commit 28b4ee1eba5fbfd83c000a0e485632c477b7bfa9)
|
|
samba-technical a few weeks ago.
The idea here is to standardize the checking of user names and passwords,
thereby ensuring that all authtentications pass the same standards. The
interface currently implemented in as
nt_status = check_password(user_info, server_info)
where user_info contains (mostly) the authentication data, and server_info
contains things like the user-id they got, and their resolved user name.
The current ugliness with the way the structures are created will be killed
the next revision, when they will be created and malloced by creator functions.
This patch also includes the first implementation of NTLMv2 in HEAD, but which
needs some more testing. We also add a hack to allow plaintext passwords to be
compared with smbpasswd, not the system password database.
Finally, this patch probably reintroduces the PAM accounts bug we had in
2.2.0, I'll fix that once this hits the tree. (I've just finished testing
it on a wide variety of platforms, so I want to get this patch in).
(This used to be commit b30b6202f31d339b48d51c0d38174cafd1cfcd42)
|
|
(This used to be commit 9a87d6f58fc005ddf2daf6fceb12a54fdc48f3b7)
|
|
on username we already know are perfectly valid, and in their final form. In
particular we don't want to do a lookup for DOMAIN\nobody, it just does not
make sense, nor should we do map_username and the like if the username is as
specified in the vuid - we have done it already.
Andrew Bartlett
(This used to be commit 7cb517329b0fa2dec427a890a985c75cd467a3b0)
|
|
Jeremy.
(This used to be commit 8db233c8b5866df2b3f9f4ed64e7de95807cf371)
|
|
not change behaviour.
This should make my later diffs smaller, where I actualy start cleaning up this
mess...
Andrew Bartlett
(This used to be commit 04f090c224bb7ac3b53c430a591fce1fc939a81c)
|
|
if the password is blank. That ain't valid with encrypted passwords!
Jeremy, this changes the semantics of session setup. We no longer
automatically set guest=True when the client happens to choose their
username == the guest username. Instead we rely on the map_to_guest
code. I'm pretty sure this is now the right thing, but please look at
it carefully before putting it in 2.2
This is the bug that was causing the build farm to sometimes
fail. Basically we failed every 256 attempts - ie. when the first byte
of the encrypted password happened to be 0
(This used to be commit 4b35a3494c53fe38532fc12cf1c57e1a3715ad0f)
|
|
for help on this.
Jeremy.
(This used to be commit 7efaefdf60e1880cf4ab97e1901248abd00acd79)
|
|
(This used to be commit a1dee993cbf52e7232b65323430c8574843eb168)
|
|
(This used to be commit 3b9eb528f56b325399e5a4588242bb6d9f9226e2)
|
|
can't redefine them. damn.
(This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
|
|
This commit gets rid of all our old codepage handling and replaces it with
iconv. All internal strings in Samba are now in "unix" charset, which may
be multi-byte. See internals.doc and my posting to samba-technical for
a more complete explanation.
(This used to be commit debb471267960e56005a741817ebd227ecfc512a)
|
|
(This used to be commit 657836599a847578096696af27cd7c9f0d52c931)
|
|
Jeremy.
(This used to be commit 310d2af6b0797cbd4f776b5c6c5b90a5d86b1aa9)
|