Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-10-18 | ntlmssp: Move ntlmssp code to auth/ntlmssp | Andrew Bartlett | 1 | -1/+1 | |
This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> | |||||
2011-08-03 | s3-ntlmssp Remove calls to auth_ntlmssp_and_flags from the server | Andrew Bartlett | 1 | -0/+4 | |
This is changed so that the callers ask for the additional flags that they need, starting with no additional flags. This helps to create a proper abstraction layer in ntlmssp_wrap/auth_ntlmssp. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2011-07-28 | s3:ntlm_auth: use lp_load_global() | Michael Adam | 1 | -1/+1 | |
2011-06-09 | s3-param Remove special case for global_myname(), rename to lp_netbios_name() | Andrew Bartlett | 1 | -5/+5 | |
There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett | |||||
2011-05-18 | s3-lib Replace StrnCaseCmp() with strncasecmp_m() | Andrew Bartlett | 1 | -1/+1 | |
strncasecmp_m() never needs to call to talloc, and via next_codepoint() still has an ASCII fast-path bypassing iconv() calls. Andrew Bartlett | |||||
2011-05-06 | More const fixes. Remove CONST_DISCARD. | Jeremy Allison | 1 | -3/+3 | |
2011-04-01 | s3: Fix Coverity ID 1136: CONSTANT_EXPRESSION_RESULT | Volker Lendecke | 1 | -1/+1 | |
2011-03-16 | s3-build: only include asn1 headers where actually needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-12-07 | s3:ntlm_auth: support clients which offer a spnego mechs we don't support | Stefan Metzmacher | 1 | -110/+169 | |
Before we rejected the authentication if we don't support the first spnego mech the client offered. We now negotiate the first mech we support. This fix works arround problems, when a client sends the NEGOEX (1.3.6.1.4.1.311.2.2.30) oid, which we don't support. metze | |||||
2010-12-07 | s3:ntlm_auth: free session key, as we don't use it (at least for now) | Stefan Metzmacher | 1 | -1/+2 | |
metze | |||||
2010-12-07 | s3:ntlm_auth: fix memory leak in the raw ntlmssp code path | Stefan Metzmacher | 1 | -0/+2 | |
metze | |||||
2010-11-02 | s3-debug Impove setup_logging() to specify logging to stderr | Andrew Bartlett | 1 | -1/+1 | |
This change improves the setup_logging() API so that callers which wish to set up logging to stderr can simply ask for it, rather than directly modify the dbf global variable. Andrew Bartlett | |||||
2010-09-16 | s3: Add the PAC info3 struct to the netsamlogon_cache in ntlm_auth | Volker Lendecke | 1 | -0/+4 | |
2010-09-16 | s3: Correctly unwrap the krb ticket in gss-spnego | Volker Lendecke | 1 | -1/+52 | |
2010-09-16 | s3: Fall back to raw NTLMSSP for the gss-spnego protocol | Volker Lendecke | 1 | -0/+25 | |
This is to handle the mod_auth_ntlm_winbind protocol sending "Negotiate" to IE, which sends raw NTLMSSP instead of a SPNEGO wrapped NTLMSSP blob. | |||||
2010-09-16 | s3: Split off output generation from manage_squid_ntlmssp_request | Volker Lendecke | 1 | -17/+41 | |
2010-09-16 | s3: Wrap the ntlm_auth loop with a talloc_stackframe | Volker Lendecke | 1 | -0/+2 | |
2010-09-16 | libcli/auth/ntlmssp Be clear about talloc parents for session keys | Andrew Bartlett | 1 | -5/+7 | |
The previous API was not clear as to who owned the returned session key. This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code, and avoids making allocations - we steal and zero instead. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-15 | s3: Fix some debug msgs in ntlm_auth | Volker Lendecke | 1 | -8/+8 | |
2010-09-13 | s3: Remove some unnecessary if-statements | Volker Lendecke | 1 | -10/+5 | |
2010-09-13 | ntlm_auth: Fix a valgrind error | Volker Lendecke | 1 | -1/+1 | |
2010-09-13 | s3: Fix a typo | Volker Lendecke | 1 | -1/+1 | |
2010-09-13 | s3: Fix a typo (authentictaion->authentication) | Volker Lendecke | 1 | -1/+3 | |
2010-08-26 | s3-build: only include nsswitch header where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-08-05 | s3-popt: Only include popt-common.h when needed. | Andreas Schneider | 1 | -0/+1 | |
2010-08-05 | s3: avoid global include of ads.h. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-07-20 | s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys | Simo Sorce | 1 | -4/+6 | |
2010-07-19 | s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it. | Simo Sorce | 1 | -17/+17 | |
All the members are children of ntlmssp_state anyway. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-05-31 | ntlmssp: Make the ntlmssp.h from source3/ a common header | Andrew Bartlett | 1 | -1/+1 | |
The code is not yet in common, but I hope to fix that soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-05-18 | s3-crypto: only include crypto headers when crypto is done. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-05-11 | s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATA | Andrew Bartlett | 1 | -2/+2 | |
All the callers just want the PAC_LOGON_INFO, so search for that in ads_verify_ticket(), and don't bother the callers with the rest of the PAC. This change makes sense on it's own (removing boilerplate wrappers that just confuse the code), but it also makes it much easier to implement a matching ads_verify_ticket() function in Samba4 for the s3compat proposal. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-26 | s3 ntlm_auth: Don't malloc data that will be talloc_free()d | Kai Blin | 1 | -12/+12 | |
This fixes bug #7290 Thanks to Mohan <mohann@silver-peak.com> for the bug report. | |||||
2010-03-24 | s3:ntlmssp: use client.netbios_name instead of workstation | Stefan Metzmacher | 1 | -3/+4 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s3:ntlmssp: rename void *auth_context; into void *callback_private; | Stefan Metzmacher | 1 | -6/+6 | |
metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s3:ntlmssp: remove unused get_global_myname() and get_domain() from ↵ | Stefan Metzmacher | 1 | -4/+0 | |
ntlmssp_state Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store them | Stefan Metzmacher | 1 | -1/+5 | |
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-03-24 | s3:ntlmssp: pass names to ntlmssp_server_start() and store them in ntlmssp_state | Stefan Metzmacher | 1 | -1/+27 | |
Inspired by the NTLMSSP merge work by Andrew Bartlett. metze Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-01-10 | s3: Fix some nonempty blank lines | Volker Lendecke | 1 | -36/+36 | |
2009-12-22 | s3:ntlmssp: only include ntlmssp.h where actually needed | Andrew Bartlett | 1 | -0/+1 | |
Andrew Bartlett | |||||
2009-12-22 | s3:ntlmssp: remove the typedef NTLMSSP_STATE | Andrew Bartlett | 1 | -4/+4 | |
Andrew Bartlett | |||||
2009-11-27 | s3-kerberos: only use krb5 headers where required. | Günther Deschner | 1 | -0/+1 | |
This seems to be the only way to deal with mixed heimdal/MIT setups during merged build. Guenther | |||||
2009-11-21 | ntlm_auth: use data_blob_talloc() to allocate session key | Kai Blin | 1 | -2/+2 | |
Thanks to Shibu Piriyath <shibunair80@ymail.com> for spotting the issue. | |||||
2009-11-06 | s3-kerberos: modify cli_krb5_get_ticket to take a new impersonate_princ_s arg. | Günther Deschner | 1 | -2/+2 | |
Guenther | |||||
2009-09-17 | spnego: Support ASN.1 BIT STRING and use it in SPNEGO. | Kouhei Sutou | 1 | -2/+4 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2009-09-17 | spnego: share spnego_parse. | Günther Deschner | 1 | -19/+24 | |
Guenther | |||||
2009-05-22 | s3: set winbindd request flags in ntlm_auth to make it contact trusted ↵ | Bo Yang | 1 | -1/+56 | |
domain when krb5 auth is enabled Signed-off-by: Bo Yang <boyang@samba.org> | |||||
2009-04-14 | s3: Fix ntlm_auth and winbindd to use new common libcli/auth APIs | Andrew Bartlett | 1 | -2/+2 | |
2009-04-14 | Make Samba3 use the new common libcli/auth code | Andrew Bartlett | 1 | -3/+3 | |
This is particuarly in the netlogon client (but not server at this stage) | |||||
2009-04-14 | Rework Samba3 to use new libcli/auth code (partial) | Andrew Bartlett | 1 | -2/+3 | |
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett | |||||
2009-04-14 | Add some harmless use of talloc_tos() in ntlm_auth | Andrew Bartlett | 1 | -2/+2 | |