Age | Commit message (Collapse) | Author | Files | Lines |
|
there is now a public patch that uses it, make it always available.
(It was #ifdef DEVELOPER)
Andrew Bartlett
(This used to be commit aa3bc79835c79652199ce5aaf2f3981f8211c9bd)
|
|
(This used to be commit fe7daa3b8a080a9e39ff055177b54f476fce2c32)
|
|
Volker
(This used to be commit b4429d97439e511d40901f809e3923945cb52221)
|
|
libiconv.
Based on inital fix from Jason Mader.
Jeremy.
(This used to be commit 2719d0ee7cb8bbaad79a4b73e10453a825de1309)
|
|
I restricted it to 128k max to prevent DOS attacks.
Jeremy.
(This used to be commit 70fb2a196d83c4bde11d27608da27f956f3f19b8)
|
|
because not only does it not work on Heimdal, but also since ccaches
created within samba are memory-based, so we shouldn't touch a
FILE-based one (it was probably created via kinit or similar).
(This used to be commit 5971b0980ca8abae2208f22485c5af4c0dde0459)
|
|
bug 1208. Based on a fix from Guether Deschener.
Outstanding pieces:
- Heimdal FILE-based ccaches don't actually remove creds properly, so we
need to code a check for this
- what if ticket expires between our check and when we use it?
Guenther has coded up fixes for these parts, but I still need
to review them, as I'm not totally comfortable with the solutions.
(This used to be commit ef008b9710e682f87f0bbf526d30eb5114264233)
|
|
metze
(This used to be commit 2326c9e0a239de6997a40d8d28c39b9aea965feb)
|
|
metze
(This used to be commit 4d9d8e83aa367fe17a74b81d4417cc2cfbdf200e)
|
|
(allow the use of base64 encoded strings, LM or NT passwords)
Andrew Bartlett
(This used to be commit 57a5563b421b0684e7bb40d10c2168916c59c89d)
|
|
(This used to be commit 6b18012dc8fe92a296c46a12214622d56e1f3fd8)
|
|
(This used to be commit 911a28361b9d8dd50597627f245ebfb57c6294fb)
|
|
(This used to be commit 1501d58b8e23d0c9ae51514773d0429886fa9d58)
|
|
static or shared libraries.
(This used to be commit 35d7435caec55765b39508889d77583c4ec4807c)
|
|
server had said something (such as an error).
Andrew Bartlett
(This used to be commit c05016a2f750960c40387c1d6aba9f6841f66a3b)
|
|
This protocol looks rather like SMTP headers/LDAP:
NT-Domain: TESTWG
Username: abartlet
...
Password: foo
Challenge-response passwords are in hexideciaml, while any 'plain'
string can be base64 encoded when like this:
Password:: Zm9vCg==
(the :: indicates it, just like LDAP - I hope)
The protocol is not final, so it is #ifdef DEVELOPER for now (so
nobody starts to rely on it until I'm happy), but we may as well get
this into subversion.
My intention is to use this to power the next version of my
PPP/ntlm_auth plugin, and hopefully entice a FreeRadius plugin out of
the woods.
Andrew Bartlett
(This used to be commit 8efdd957ba8310515242ba2979ff07130a0b1a3a)
|
|
(This used to be commit 54912b70f2a6e26a278d6e94b830bf1f43896c3f)
|
|
the main ntlm_auth program.
It quite possibly should belong in smbtorture, but relies on the
winbind client for now.
Andrew Bartlett
(This used to be commit 6e1b7a8848062a184ee293cf688135b851f2bd8d)
|
|
with more correct NTLMSSP support in client and server, but it will do
for now.
Also implement LANMAN password only in the classical session setup code, but
#ifdef'ed out. In Samba4, I'll make this run-time so we can torture it.
Lanman passwords over 14 dos characters long could be considered
'invalid' (they are truncated) - so SMBencrypt now returns 'False' if
it generates such a password.
Andrew Bartlett
(This used to be commit 565305f7bb30c08120c3def5367adfd6f5dd84df)
|
|
Andrew Bartlett
(This used to be commit e5bbb086b2aeb826121d7fef88fcfaa49d876ea4)
|
|
this variable to 'user_session_key', where possible. The command line
parameter is currently unchanged).
Andrew Bartlett
(This used to be commit da4177209d1058af8e121c34f9928728f491b22e)
|
|
cluttered. I've tested with w2k and xp with msdfs proxy and normal msdfs root,
but I would like others to also look at the code.
Thanks,
Volker
(This used to be commit c31feb045a3d9a6bc1dfd0377a74d93354e8034a)
|
|
per share basis
(This used to be commit 14d3794eecd848d3d75e2b8e71cf8b4d0792b0c9)
|
|
(This used to be commit fbeff419913b01bf0e814ada6ec55d56fe90f179)
|
|
UNIX info levels, and the short case preserve names. Tested
with NT - needs more testing. Will work on this more on Monday.
Jeremy.
(This used to be commit 88a9bca9aade3ee0ce9713857becfe0a13bbfd07)
|
|
session key.
(This used to be commit b09d333aed00a7ea599f45105e913d3a3ea25b31)
|
|
Volker
(This used to be commit 6e18bed17093e0b1792f68817096e64e0e841f26)
|
|
indendation.
(This used to be commit 3d045d46e4b129057d30c78cd513ecca8da5107a)
|
|
(This used to be commit 3eab8ed5453f29516d8e0022bab87c271468d690)
|
|
(This used to be commit b393469d9581f20e4d4c52633b952ee984cca36f)
|
|
(This used to be commit 1fae60ab20c5cbe396dc8af1c8c9a98d5683fdf4)
|
|
Andrew Bartlett
(This used to be commit 0693b9e79fabd58491f8aaec11dbbc71fab34f80)
|
|
normally takes as it's param entry the filename to
be acted upon.... Unless it's UNIX extensions create
hardlink, or UNIX extensions create symlink. Then it's
param -> newfile name
data -> oldfile name.
This caused me to stuff them up in 3.0.2 (and the
client commands link and symlink). Fixed them, everything
is now called oldname and newname - thus specifying which
name should already exist (hint - the old one...) and which
will be created (newname).
Jeremy.
(This used to be commit 21cc6ab7e8a41160a3e2970623ade7445b5214d6)
|
|
(This used to be commit 4d1be258a1e0798267eef792ca59cc15695f8057)
|
|
we never checked if it was a domain user and didn't find a local one.
(This used to be commit 68022f5ebc55d1f3403dee5198d364cff300baf5)
|
|
(This used to be commit e688c08d330836640af91c734d2c6f451c2f4337)
|
|
*ANYTHING* in
unless you have done a make clean; make.
Jeremy.
(This used to be commit 09d82a0bef2dd5759e5430c4faea413b5a64ac11)
|
|
Andrew Bartlett
(This used to be commit 1c6d0399d67c9206baf7d4173cc00540146fa897)
|
|
Andrew Bartlett
(This used to be commit 039883043d15902096f6d5e80737f4a502ed0bf8)
|
|
all authentication to members of this particular group.
Also implement an option to allow ntlm_auth to get 'squashed' error codes,
which are safer to communicate to remote network clients.
Andrew Bartlett
(This used to be commit eb1c1b5eb086f49a230142ad2de45dc0e9691df3)
|
|
Jeremy.
(This used to be commit 0661357484a33329c75457527416667feaf57ef9)
|
|
display in the cifs mount helper
(This used to be commit 69861f168c6be90b4e7f47e29006b2d60d442ffd)
|
|
We use cli_state.smb_rw_error to pass this specific case into cli_close_connection()
from smbmount as smb_rw_error can have only selected number of states and
it is ignored in cli_close_connection().
Compiled and tested by Lars Mueller from SuSE on x86, x86_64, ppc, ppc64, s390 and
s390x.
(This used to be commit 738666ce0a310fae14476020fd6dac027b0e3ec5)
|
|
(This used to be commit 673c3f8bc0343cce293bacbf0773212b53182d1d)
|
|
(This used to be commit 70fd78025b04062104fec36691efcd1b01252d03)
|
|
key could
be anything, and may not be based on anything 'NT'. This is also what microsoft
calls it.
(This used to be commit 724e8d3f33719543146280062435c69a835c491e)
|
|
Volker
(This used to be commit b69e8e64d4d89d48f9cb5d07b32110d6ecfc3401)
|
|
(This used to be commit 40b5794ae0919c6c6f1b8a451871dcc95bbab5cc)
|
|
cache entry time comparisons in password lockout. Fixes problems where
pdb_ldap tries to delete the operational attribute modifyTimestamp when
deleting a user account.
(This used to be commit 5ebcb9081e435d54c39d4d3a1ef1d7b651ccb53f)
|
|
swap lookups for user and group - group will do an
algorithmic lookup if it fails, user won't.
Jeremy.
(This used to be commit a205c56a75c93c82796fd68687e8c0db26459073)
|