Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-02-22 | s3-auth Rename auth_serversupplied_info varaiables: server_info -> session_info | Andrew Bartlett | 1 | -34/+34 | |
These variables, of type struct auth_serversupplied_info were poorly named when added into 2001, and in good consistant practice, this has extended all over the codebase in the years since. The structure is also not ideal for it's current purpose. Originally intended to convey the results of the authentication modules, it really describes all the essential attributes of a session. This rename will reduce the volume of a future patch to replaced these with a struct auth_session_info, with auth_serversupplied_info confined to the lower levels of the auth subsystem, and then eliminated. (The new structure will be the output of create_local_token(), and the change in struct definition will ensure that this is always run, populating local groups and privileges). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2011-02-10 | s3-auth Rename cryptic 'ptok' to security_token | Andrew Bartlett | 1 | -1/+1 | |
This will allow the auth_serversupplied_info struct to be migrated to auth_session_info easier. Adnrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-08-30 | s3-smbd: use make_server_info_krb5() in smb2 too. | Simo Sorce | 1 | -75/+8 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-30 | s3-smbd: User helper function to resolve kerberos user for smb2 | Simo Sorce | 1 | -125/+30 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-22 | s3: Pass the rhost through smb_pam_accountcheck | Volker Lendecke | 1 | -1/+2 | |
2010-08-18 | s3: Lift smbd_server_fd from reload_services() | Volker Lendecke | 1 | -1/+1 | |
2010-08-17 | s3: Remove smbd_server_fd() from session_claim | Volker Lendecke | 1 | -4/+2 | |
2010-08-09 | Fix bug #7608 - Win7 SMB2 authentication causes smbd panic | Jeremy Allison | 1 | -2/+4 | |
We need to call setup_ntlmssp_server_info() if status==NT_STATUS_OK, or if status is anything except NT_STATUS_MORE_PROCESSING_REQUIRED, as this can trigger map to guest. Jeremy. | |||||
2010-08-08 | s3: Lift the smbd_messaging_context from reload_services | Volker Lendecke | 1 | -1/+1 | |
2010-08-06 | s3-krb5: include krb5pac.h where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-05 | s3: avoid global include of ads.h. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-07-20 | Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL ↵ | Jeremy Allison | 1 | -17/+11 | |
contexts. Jeremy. | |||||
2010-07-20 | Add TALLOC_CTX argument to spnego_parse_negTokenInit, reduce | Jeremy Allison | 1 | -5/+6 | |
use of malloc, and data_blob(). Jeremy. | |||||
2010-07-20 | s3-auth: Move auth_ntlmssp wrappers in their own file | Simo Sorce | 1 | -0/+1 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-20 | s3-auth: Refactor and rename auth_ntlmssp_server_info() | Simo Sorce | 1 | -1/+1 | |
Rename it to auth_ntlmssp_steal_server_info() to make it clear that the server_info struct is stolen from the auth_ntlmssp_state structure. Use talloc_move instead of manual steal&clear Add comments to explain what is going on. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-19 | s3-auth: Use talloc hierarchies to properly free auth_ntlmssp_state contexts | Simo Sorce | 1 | -9/+9 | |
Turn auth_ntlmssp_end into a destructor and attach it to auth_ntlmssp_state. Remote auth_ntlmssp_end and use TALLOC_FREE in the callers. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-16 | Make the "map to guest" parameter work correctly with NTLMSSP (spnego | Jeremy Allison | 1 | -7/+28 | |
and raw) under SMB2. Still need to investigate fixing this with krb5 auth (does this make sense ?). Jeremy. | |||||
2010-07-14 | s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS | Andrew Bartlett | 1 | -3/+4 | |
This fixes a bug where register_existing_vuid() could be called with a NULL server_info if the alloction failed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-07-05 | s3: Remove procid_self() from session_claim() | Volker Lendecke | 1 | -2/+4 | |
2010-06-08 | Revert "s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS" | Volker Lendecke | 1 | -4/+3 | |
This reverts commit edba46ce94c335411ab337eeb4ef6f88fb3aae80. Conflicts: source3/auth/auth_ntlmssp.c | |||||
2010-06-07 | s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS | Andrew Bartlett | 1 | -3/+4 | |
It's nicer to have an NTSTATUS return, and in s3compat there may be a reason other than 'no memory' why this can fail. Andrew Bartlett | |||||
2010-06-03 | Allow us to cope correctly with NT_STATUS_MORE_PROCESSING_REQUIRED when ↵ | Jeremy Allison | 1 | -1/+7 | |
downgrading from krb5 to NTLMSSP over SMB2. Jeremy. | |||||
2010-06-03 | Found by Guenther - fix up our fallback paths from krb5 to NTLMSSP when ↵ | Jeremy Allison | 1 | -8/+29 | |
using SMB2. Jeremy. | |||||
2010-05-31 | s3:smbd map_username() doesn't need sconn anymore | Simo Sorce | 1 | -2/+1 | |
Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
2010-05-31 | ntlmssp: Make the ntlmssp.h from source3/ a common header | Andrew Bartlett | 1 | -1/+1 | |
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-31 | s3:auth Make AUTH_NTLMSSP_STATE a private structure. | Andrew Bartlett | 1 | -19/+11 | |
This makes it a little easier for it to writen in terms of GENSEC in future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-28 | s3:auth Free sampass as soon as we have server_info | Simo Sorce | 1 | -0/+1 | |
We don't keep sampass in server_info anymore So it makes no sense to keep it around. Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-28 | s3:auth use info3 in auth_serversupplied_info | Simo Sorce | 1 | -4/+4 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-21 | Make krb5 over SMB2 identical to the way we handle it in SMB1. | Jeremy Allison | 1 | -2/+50 | |
Jeremy. | |||||
2010-05-20 | s3 smb2: Fix the build without kerberos | Kai Blin | 1 | -0/+2 | |
Jeremy, please check | |||||
2010-05-17 | Plumb in krb5 to the SMB2 sessionsetup code. First cut of this code. | Jeremy Allison | 1 | -10/+403 | |
Jeremy. | |||||
2010-05-17 | Refactor the sessionsetup SMB2 code to make it easy to add | Jeremy Allison | 1 | -140/+293 | |
krb5. Fix a memory leak in returning security blobs. Jeremy | |||||
2010-05-10 | SMB2 always have level2 oplock capability. Correct mapping from break ↵ | Jeremy Allison | 1 | -0/+2 | |
messages to SMB2 oplock levels. Jeremy. | |||||
2010-04-17 | First part of fix for bug #7331 - Compound async SMB 2 requests don't work ↵ | Jeremy Allison | 1 | -10/+17 | |
right. Gets us handling SMB2 compound async requests similar to W2K8R2 (and triggers the same client bug in the Win7 redirector). Great thanks to Ira Cooper <samba@ira.wakeful.net> for helping with this and to Metze for the wonderful async framework. The one thing I need to fix to make us identical to W2K8R2 is that when a compound request goes async at the end W2K8R2 splits the replies up into a compound non-async reply followed by a separate async reply. Currently we're doing the whole thing in a compound reply. Jeremy. | |||||
2010-04-07 | On compound requests, MS-SMB2 says clients MAY use 0xFFFFFFFF for compound ↵ | Jeremy Allison | 1 | -0/+20 | |
tid and 0xFFFFFFFFFFFFFFFF for compound sessionid values. Cope with this. Jeremy. | |||||
2009-12-22 | s3:ntlmssp: only include ntlmssp.h where actually needed | Andrew Bartlett | 1 | -0/+1 | |
Andrew Bartlett | |||||
2009-09-17 | spnego: share spnego_parse. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2009-08-12 | libcli: move some common SMB and SMB2 stuff into libcli/smb/ | Stefan Metzmacher | 1 | -1/+1 | |
This will hold code that's shared between source3 and source4. metze | |||||
2009-08-12 | s3:smbd: correctly invalidate vuids when SMB2 is used | Stefan Metzmacher | 1 | -0/+1 | |
metze | |||||
2009-08-08 | s3:smbd: rename conn => sconn for smbd_server_connection structs | Stefan Metzmacher | 1 | -12/+12 | |
This should avoid confusion between smbd_server_connection and connection_struct variables. metze | |||||
2009-06-05 | s3:smbd: implement smbd_smb2_request_error/done() as macros on top of the ↵ | Stefan Metzmacher | 1 | -1/+2 | |
_ex() function metze | |||||
2009-06-04 | Add NTLMSSP SPNEGO to smb2 auth. Tested with Win7. | Jeremy Allison | 1 | -7/+68 | |
Jeremy. | |||||
2009-06-03 | s3:smbd: create a connection_struct in SMB2 Tree Connect | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2009-06-03 | s3:smbd: create a user_struct for compat in SMB2 Session Setup | Stefan Metzmacher | 1 | -0/+16 | |
metze | |||||
2009-05-26 | s3:smbd: add support for SMB2 signing | Stefan Metzmacher | 1 | -11/+59 | |
metze | |||||
2009-05-22 | s3:smbd: implement SMB2 Tree Connect | Stefan Metzmacher | 1 | -0/+13 | |
For now this only checks if the share is present or not. metze | |||||
2009-05-22 | s3:smbd: SMB2 session ids are 64bit... | Stefan Metzmacher | 1 | -2/+2 | |
We only grand ids up to 0x0000000000FFFFFF, because that's what our idtree implementation can handle. But also 16777215 sessions on one tcp connection should be enough:-) metze | |||||
2009-05-22 | s3:smbd: implement SMB2 Logoff | Stefan Metzmacher | 1 | -0/+45 | |
metze | |||||
2009-05-20 | s3:smbd: check the incoming session id for SMB2 requests | Stefan Metzmacher | 1 | -0/+31 | |
metze | |||||
2009-05-20 | s3:smbd: implement SMB2 Session Setup with raw NTLMSSP | Stefan Metzmacher | 1 | -0/+190 | |
metze |