Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-03-16 | s3-build: only include asn1 headers where actually needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-12-07 | s3:ntlm_auth: support clients which offer a spnego mechs we don't support | Stefan Metzmacher | 1 | -110/+169 | |
Before we rejected the authentication if we don't support the first spnego mech the client offered. We now negotiate the first mech we support. This fix works arround problems, when a client sends the NEGOEX (1.3.6.1.4.1.311.2.2.30) oid, which we don't support. metze | |||||
2010-12-07 | s3:ntlm_auth: free session key, as we don't use it (at least for now) | Stefan Metzmacher | 1 | -1/+2 | |
metze | |||||
2010-12-07 | s3:ntlm_auth: fix memory leak in the raw ntlmssp code path | Stefan Metzmacher | 1 | -0/+2 | |
metze | |||||
2010-11-02 | s3-debug Impove setup_logging() to specify logging to stderr | Andrew Bartlett | 1 | -1/+1 | |
This change improves the setup_logging() API so that callers which wish to set up logging to stderr can simply ask for it, rather than directly modify the dbf global variable. Andrew Bartlett | |||||
2010-09-16 | s3: Add the PAC info3 struct to the netsamlogon_cache in ntlm_auth | Volker Lendecke | 1 | -0/+4 | |
2010-09-16 | s3: Correctly unwrap the krb ticket in gss-spnego | Volker Lendecke | 1 | -1/+52 | |
2010-09-16 | s3: Fall back to raw NTLMSSP for the gss-spnego protocol | Volker Lendecke | 1 | -0/+25 | |
This is to handle the mod_auth_ntlm_winbind protocol sending "Negotiate" to IE, which sends raw NTLMSSP instead of a SPNEGO wrapped NTLMSSP blob. | |||||
2010-09-16 | s3: Split off output generation from manage_squid_ntlmssp_request | Volker Lendecke | 1 | -17/+41 | |
2010-09-16 | s3: Wrap the ntlm_auth loop with a talloc_stackframe | Volker Lendecke | 1 | -0/+2 | |
2010-09-16 | libcli/auth/ntlmssp Be clear about talloc parents for session keys | Andrew Bartlett | 1 | -5/+7 | |
The previous API was not clear as to who owned the returned session key. This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code, and avoids making allocations - we steal and zero instead. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-15 | s3: Fix some debug msgs in ntlm_auth | Volker Lendecke | 1 | -8/+8 | |
2010-09-13 | s3: Remove some unnecessary if-statements | Volker Lendecke | 1 | -10/+5 | |
2010-09-13 | ntlm_auth: Fix a valgrind error | Volker Lendecke | 1 | -1/+1 | |
2010-09-13 | s3: Fix a typo | Volker Lendecke | 1 | -1/+1 | |
2010-09-13 | s3: Fix a typo (authentictaion->authentication) | Volker Lendecke | 1 | -1/+3 | |
2010-08-26 | s3-build: only include nsswitch header where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-05 | s3-popt: Only include popt-common.h when needed. | Andreas Schneider | 1 | -0/+1 | |
2010-08-05 | s3: avoid global include of ads.h. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-07-20 | s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys | Simo Sorce | 1 | -4/+6 | |
2010-07-19 | s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it. | Simo Sorce | 1 | -17/+17 | |
All the members are children of ntlmssp_state anyway. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-05-31 | ntlmssp: Make the ntlmssp.h from source3/ a common header | Andrew Bartlett | 1 | -1/+1 | |
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-18 | s3-crypto: only include crypto headers when crypto is done. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-05-11 | s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATA | Andrew Bartlett | 1 | -2/+2 | |
All the callers just want the PAC_LOGON_INFO, so search for that in ads_verify_ticket(), and don't bother the callers with the rest of the PAC. This change makes sense on it's own (removing boilerplate wrappers that just confuse the code), but it also makes it much easier to implement a matching ads_verify_ticket() function in Samba4 for the s3compat proposal. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-26 | s3 ntlm_auth: Don't malloc data that will be talloc_free()d | Kai Blin | 1 | -12/+12 | |
This fixes bug #7290 Thanks to Mohan <mohann@silver-peak.com> for the bug report. | |||||
2010-03-24 | s3:ntlmssp: use client.netbios_name instead of workstation | Stefan Metzmacher | 1 | -3/+4 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s3:ntlmssp: rename void *auth_context; into void *callback_private; | Stefan Metzmacher | 1 | -6/+6 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s3:ntlmssp: remove unused get_global_myname() and get_domain() from ↵ | Stefan Metzmacher | 1 | -4/+0 | |
ntlmssp_state Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store them | Stefan Metzmacher | 1 | -1/+5 | |
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s3:ntlmssp: pass names to ntlmssp_server_start() and store them in ntlmssp_state | Stefan Metzmacher | 1 | -1/+27 | |
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-01-10 | s3: Fix some nonempty blank lines | Volker Lendecke | 1 | -36/+36 | |
2009-12-22 | s3:ntlmssp: only include ntlmssp.h where actually needed | Andrew Bartlett | 1 | -0/+1 | |
Andrew Bartlett | |||||
2009-12-22 | s3:ntlmssp: remove the typedef NTLMSSP_STATE | Andrew Bartlett | 1 | -4/+4 | |
Andrew Bartlett | |||||
2009-11-27 | s3-kerberos: only use krb5 headers where required. | Günther Deschner | 1 | -0/+1 | |
This seems to be the only way to deal with mixed heimdal/MIT setups during merged build. Guenther | |||||
2009-11-21 | ntlm_auth: use data_blob_talloc() to allocate session key | Kai Blin | 1 | -2/+2 | |
Thanks to Shibu Piriyath <shibunair80@ymail.com> for spotting the issue. | |||||
2009-11-06 | s3-kerberos: modify cli_krb5_get_ticket to take a new impersonate_princ_s arg. | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2009-09-17 | spnego: Support ASN.1 BIT STRING and use it in SPNEGO. | Kouhei Sutou | 1 | -2/+4 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-09-17 | spnego: share spnego_parse. | Günther Deschner | 1 | -19/+24 | |
Guenther | |||||
2009-05-22 | s3: set winbindd request flags in ntlm_auth to make it contact trusted ↵ | Bo Yang | 1 | -1/+56 | |
domain when krb5 auth is enabled Signed-off-by: Bo Yang <boyang@samba.org> | |||||
2009-04-14 | s3: Fix ntlm_auth and winbindd to use new common libcli/auth APIs | Andrew Bartlett | 1 | -2/+2 | |
2009-04-14 | Make Samba3 use the new common libcli/auth code | Andrew Bartlett | 1 | -3/+3 | |
This is particuarly in the netlogon client (but not server at this stage) | |||||
2009-04-14 | Rework Samba3 to use new libcli/auth code (partial) | Andrew Bartlett | 1 | -2/+3 | |
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett | |||||
2009-04-14 | Add some harmless use of talloc_tos() in ntlm_auth | Andrew Bartlett | 1 | -2/+2 | |
2009-04-07 | s3:kerberos Rework smb_krb5_unparse_name() to take a talloc context | Andrew Bartlett | 1 | -4/+2 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-02-13 | Fix an uninitialized variable, introdued with 4d100f2f | Volker Lendecke | 1 | -1/+1 | |
2009-02-13 | Fix Coverity ID 744 | Volker Lendecke | 1 | -1/+1 | |
This was marked as a resource leak. This change makes the code a bit clearer that we always free error_string. | |||||
2009-02-13 | Fix Coverity ID 745 (RESOURCE_LEAK) | Volker Lendecke | 1 | -0/+1 | |
2009-02-10 | S3: Fixes for coverity issues. | todd stecher | 1 | -2/+3 | |
2008-11-30 | remove the explicit mem_ctx from ntlmssp_state, use the state itself | Volker Lendecke | 1 | -3/+4 | |
2008-11-10 | ntlm_auth: Put huge NTLMv2 blobs into extra_data on CRAP auth. | Kai Blin | 1 | -3/+15 | |
This fixes bug #5865 |