summaryrefslogtreecommitdiff
path: root/source4/auth/ntlmssp/ntlmssp.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r9411: Ensure we don't send a challenge without first getting a negotiate inAndrew Bartlett1-2/+8
NTLMSSP, unless we are in datagram mode (not fully implemented yet). Andrew Bartlett (This used to be commit 727f5109421e9414a335e42e3ad3dd3ff19776bd)
2007-10-10r7827: Add in-memory keytab to Samba4, using the new MEMORY_WILDCARD keytabAndrew Bartlett1-0/+11
support in Heimdal. This removes the 'ext_keytab' step from my Samba4/WinXP client howto. In doing this work, I realised that the replay cache in Heimdal is currently a no-op, so I have removed the calls to it, and therefore the mutex calls from passdb/secrets.c. This patch also includes a replacement 'magic' mechanism detection, that does not issue extra error messages from deep inside the GSSAPI code. Andrew Bartlett (This used to be commit c19d5706f4fa760415b727b970bc99e7f1abd064)
2007-10-10r7536: doesn't spam the smbd_log in the build_farm...Stefan Metzmacher1-1/+1
metze (This used to be commit 9f4ed54c58a1d029b171ad199dd4a7ccf1f96f64)
2007-10-10r6800: A big GENSEC update:Andrew Bartlett1-1/+6
Finally remove the distinction between 'krb5' and 'ms_krb5'. We now don't do kerberos stuff twice on failure. The solution to this is slightly more general than perhaps was really required (as this is a special case), but it works, and I'm happy with the cleanup I achived in the process. All modules have been updated to supply a NULL-terminated list of OIDs. In that process, SPNEGO code has been generalised, as I realised that two of the functions should have been identical in behaviour. Over in the actual modules, I have worked to remove the 'kinit' code from gensec_krb5, and placed it in kerberos/kerberos_util.c. The GSSAPI module has been extended to use this, so no longer requires a manual kinit at the command line. It will soon loose the requirement for a on-disk keytab too. The general kerberos code has also been updated to move from error_message() to our routine which gets the Heimdal error string (which may be much more useful) when available. Andrew Bartlett (This used to be commit 0101728d8e2ed9419eb31fe95047944a718ba135)
2007-10-10r6705: let the gensec module decide if messages can be signed and sealed in ↵Stefan Metzmacher1-0/+5
a different order than a strict request - reply sequence Note: we should also fix the client code... metze (This used to be commit 0a61d1f65150546f7a7582512ca010d156f963bf)
2007-10-10r6465: Use talloc_zero for the gensec_ntlmssp_state structure, as the historyAndrew Bartlett1-1/+1
of this code has too many pre-zeroed structure assumptions. Remove unused 'stub' functions Andrew Bartlett (This used to be commit 78dc57c65513ba4c271308d84fc2a2a533f76061)
2007-10-10r6464: Remove the last of the Samba3 NTLMSSP API. This removes the rudundentAndrew Bartlett1-47/+45
struct ntlmssp_state, and pushes all the member elements into struct gensec_ntlmssp_state. This also removes the 2-layer start function, caused by the previous double abstraction layer. Andrew Bartlett (This used to be commit eebbb4205b335214d24974f3be825846f6227f0c)
2007-10-10r6462: Move the arcfour sbox state into it's own structure, and allocate itAndrew Bartlett1-24/+1
with talloc() for the NTLMSSP system. Andrew Bartlett (This used to be commit 7a93ac49c28d433ccf0f077294f473fe728b9995)
2007-10-10r6460: Push the client credentials into NTLMSSP, allowing logins of the formAndrew Bartlett1-65/+4
user@REALM for the first time. Fix the build for smbencrypt.c Andrew Bartlett (This used to be commit 5a6a57cd93e22e612bfbb8a8f7bc29269a9a3ac6)
2007-10-10r6458: Split up NTLMSSP into a new directory, and into seperate files for theAndrew Bartlett1-0/+442
client and server logic code. In future, this may allow us to build only the NTLMSSP client, and not the server, but in the short-term, it allows me greater sainity in moving around these files. Andrew Bartlett (This used to be commit 2f22841c6753e3d5816c12bd463b71f74e1d8796)