summaryrefslogtreecommitdiff
path: root/source3/smbd/seal.c
AgeCommit message (Collapse)AuthorFilesLines
2011-10-21libcli/smb: move smb_seal.c to the toplevelStefan Metzmacher1-1/+1
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Oct 21 10:22:39 CEST 2011 on sn-devel-104
2011-10-21s3-seal Remove struct smb_srv_trans_enc_ctxAndrew Bartlett1-99/+50
This structure added no value, particularly after the move to gensec. It was added at a time when auth_ntlmssp_state was not available in the client. This changed a while back (the wrapper was extended with client calls), and the move to gensec again reinforced that we do not need the extra complexity. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove references to auth_ntlmssp_context from the smb sealing codeAndrew Bartlett1-15/+24
Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_want_feature()Andrew Bartlett1-1/+1
We now just call the gensec_want_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_negotiated_sign() and ↵Andrew Bartlett1-2/+2
auth_ntlmssp_negotiated_seal() We now just call the gensec_have_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_update wrapperAndrew Bartlett1-7/+8
We now just call gensec_update directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3:smbd/seal: pass talloc_tos() auth_ntlmssp_update(), because we free a few ↵Stefan Metzmacher1-1/+1
lines later metze
2011-10-18ntlmssp: Move ntlmssp code to auth/ntlmsspAndrew Bartlett1-1/+1
This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-08-25s3: Pass smbd_server_connection to (unused) server_encryption_shutdownVolker Lendecke1-1/+1
2011-08-25s3: Pass smbd_server_connection to srv_encrypt_bufferVolker Lendecke1-1/+2
2011-08-25s3: Pass smbd_server_connection to srv_decrypt_bufferVolker Lendecke1-1/+1
2011-08-25s3: Pass smbd_server_connection to srv_free_enc_bufferVolker Lendecke1-1/+1
2011-08-25s3: Pass smbd_server_connection to is_encrypted_packetVolker Lendecke1-1/+2
2011-08-25s3: Explicitly pass smb_srv_trans_enc_ctx to srv_enc_ctxVolker Lendecke1-3/+3
2011-08-05s3: Make srv_enc_ctx staticVolker Lendecke1-1/+1
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Aug 5 18:29:24 CEST 2011 on sn-devel-104
2011-08-05s3: Fix some nonempty blank linesVolker Lendecke1-3/+3
2011-08-03s3-ntlmssp Split auth_ntlmssp_start into two functionsAndrew Bartlett1-1/+7
This helps map on to the GENSEC semantics better, and ensures that the full set of desired features are set before the mechanism starts. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Remove calls to auth_ntlmssp_and_flags from the serverAndrew Bartlett1-0/+2
This is changed so that the callers ask for the additional flags that they need, starting with no additional flags. This helps to create a proper abstraction layer in ntlmssp_wrap/auth_ntlmssp. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_updateAndrew Bartlett1-3/+7
This clarifies the lifetime of the returned token. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-08-03s3-ntlmssp Use auth_ntlmssp_*() functions in more placesAndrew Bartlett1-2/+2
This allows auth_ntlmssp_get_ntlmssp_state() to be removed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-04s3-auth: Added remote_address to ntlmssp server.Andreas Schneider1-11/+39
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-06-09s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett1-1/+1
There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
2011-05-06s3-libsmb: move protos to libsmb/proto.hGünther Deschner1-0/+1
Guenther
2011-05-05Fix many const compiler warnings.Jeremy Allison1-1/+1
2011-03-30s3-auth: smbd needs auth.hGünther Deschner1-0/+1
Guenther
2011-03-30s3: include smbd/smbd.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-16s3-build: only include asn1 headers where actually needed.Günther Deschner1-0/+1
Guenther
2011-03-16s3-libsmb: move smb encryption structs into own header.Günther Deschner1-0/+1
Guenther
2010-10-08s3: Fix input check in is_encrypted_packetVolker Lendecke1-1/+3
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Oct 8 07:40:52 UTC 2010 on sn-devel-104
2010-07-20Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL ↵Jeremy Allison1-4/+4
contexts. Jeremy.
2010-07-20Add TALLOC_CTX argument to spnego_parse_negTokenInit, reduceJeremy Allison1-2/+2
use of malloc, and data_blob(). Jeremy.
2010-07-20s3-auth: Move auth_ntlmssp wrappers in their own fileSimo Sorce1-0/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-19s3-auth: Use talloc hierarchies to properly free auth_ntlmssp_state contextsSimo Sorce1-1/+1
Turn auth_ntlmssp_end into a destructor and attach it to auth_ntlmssp_state. Remote auth_ntlmssp_end and use TALLOC_FREE in the callers. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-05-31ntlmssp: Make the ntlmssp.h from source3/ a common headerAndrew Bartlett1-1/+1
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3:auth Remove AUTH_NTLMSSP_STATE typedef.Andrew Bartlett1-1/+1
typedefs are no longer preferred Samba style. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31s3:auth Make AUTH_NTLMSSP_STATE a private structure.Andrew Bartlett1-3/+6
This makes it a little easier for it to writen in terms of GENSEC in future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org>
2009-12-22s3:ntlmssp: only include ntlmssp.h where actually neededAndrew Bartlett1-0/+1
Andrew Bartlett
2009-09-17spnego: share spnego_parse.Günther Deschner1-0/+1
Guenther
2009-01-08s3:smbd: move all globals and static variables in globals.[ch]Stefan Metzmacher1-3/+1
The goal is to move all this variables into a big context structure. metze
2008-12-23Fix more asprintf warnings and some error path errors.Jeremy Allison1-2/+1
Jeremy.
2008-10-13s3: fix another build warning.Günther Deschner1-4/+4
Guenther
2008-10-12Cope with the fact that the data blobs returned are nowJelmer Vernooij1-4/+20
talloc-allocated. Ideally, this memory should be talloc-stolen (and perhaps have DATA_BLOB in the interface everywhere), but that requires some more complex changes so I've just changed it to copy it for now.
2008-04-07Remove unused variable.James Peach1-1/+0
(This used to be commit 3ed2c65bde0c2e5ad10cf777dae8a2d3e626a42c)
2008-04-07Fix Kerberos interop with Mac OS X 10.5 clients.Bill Ricker1-2/+5
Ignore optional req_flags. Use the Kerberos mechanism OID negotiated with the client rather than hardcoding OID_KERBEROS5_OLD. (This used to be commit 59a2bcf30fef14ecc826271862b645dd3a61cb48)
2008-02-14Currently we don't SPNEGO negotiate back to NTLMSSP. Note this.Jeremy Allison1-4/+16
Jeremy. (This used to be commit 8cd04b948bfba3896d40c9e314a197f60ad76833)
2008-01-08Simplify... plus add a debug message.Jeremy Allison1-5/+5
Jeremy. (This used to be commit bedc493874adaf783362ba7b821e2a6d985b96ea)
2008-01-08Correctly identify enc/non-enc packets.Jeremy Allison1-3/+5
Jeremy. (This used to be commit 647f13d0f1a270a68263b3b0403436f9d6cf1a0e)
2008-01-04Refactor the crypto code after a very helpful conversationJeremy Allison1-15/+29
with Volker. Mostly making sure we have data on the incoming packet type, not stored in the smb header. Jeremy. (This used to be commit c4e5a505043965eec77b5bb9bc60957e8f3b97c8)
2007-12-30As the encryption is stream based there's no reasonJeremy Allison1-0/+9
oplock breaks can't be encrypted. If we have multiple contexts I should probably attach them to the connection struct, but for now use the global context number. Jeremy. (This used to be commit 5b4b335ed0d1dc738f1f099e5c638361f3aede07)
2007-12-26Add SMB encryption. Still fixing client decrypt butJeremy Allison1-0/+703
negotiation works. Jeremy. (This used to be commit d78045601af787731f0737b8627450018902b104)