Age | Commit message (Collapse) | Author | Files | Lines |
|
This will allow gensec_start.c to move to the top level. This does not change
what code uses the cli_credentials code, but allows the gensec code to be
more broadly.
Andrew Bartlett
|
|
credentials.c.
|
|
|
|
This allows it to be proxied for NTLM pass-though authentication (aka
security=server and associated man-in-the-middle attacks).
Andrew Bartlett
(This used to be commit 6ffabb38d03ad90d8731ab3e0eb692438db967ee)
|
|
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
Break up auth/auth.h not to include the world.
Add credentials_krb5.h with the kerberos dependent prototypes.
Andrew Bartlett
(This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
|
|
(This used to be commit 23724bfd24b051c4096ac49c52c2cd31389340be)
|
|
even when not sending the LM response. Needed to pass the
test_session_key against Win2k3.
Yes, I think this is a security flaw in the use of Win2k3-compatible NTLM.
Andrew Bartlett
(This used to be commit cb6c27b4f29878a6a904f798e228eea05cc658e1)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
(This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe)
|
|
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
From here we can add tests to Samba for kerberos, forcing it on and
off. In the process, I also remove the dependency of credentials on
GENSEC.
This also picks up on the idea of bringing 'set_boolean' into general
code from jpeach's cifsdd patch.
Andrew Bartlett
(This used to be commit 1ac7976ea6e3ad6184c911de5df624c44e7c5228)
|
|
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
|
|
(thanks metze).
Andrew Bartlett
(This used to be commit 848831a1559d6569359bd6fb4993ccbef6ad86d8)
|
|
authentication for user@realm logins and machine account logins.
This should avoid various protocol downgrade attacks.
Andrew Bartlett
(This used to be commit 76c2d204d0a1ec66d1ef3c935688c7571b051f46)
|
|
(This used to be commit 204185576c6a4df5e43e5a97cb13227407c09e6e)
|
|
authentication out of the various callers and into the kitchen
sink.. err, credentials subsystem.
This should ensure consistant logic, as well as get us one step closer
to security=server operation in future.
Andrew Bartlett
(This used to be commit 09c95763301c0f7770d56462e8af4169b8c171fb)
|