samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2007-10-10	r7827: Add in-memory keytab to Samba4, using the new MEMORY_WILDCARD keytab	Andrew Bartlett	1	-0/+11
	support in Heimdal. This removes the 'ext_keytab' step from my Samba4/WinXP client howto. In doing this work, I realised that the replay cache in Heimdal is currently a no-op, so I have removed the calls to it, and therefore the mutex calls from passdb/secrets.c. This patch also includes a replacement 'magic' mechanism detection, that does not issue extra error messages from deep inside the GSSAPI code. Andrew Bartlett (This used to be commit c19d5706f4fa760415b727b970bc99e7f1abd064)
2007-10-10	r7536: doesn't spam the smbd_log in the build_farm...	Stefan Metzmacher	1	-1/+1
	metze (This used to be commit 9f4ed54c58a1d029b171ad199dd4a7ccf1f96f64)
2007-10-10	r6800: A big GENSEC update:	Andrew Bartlett	1	-1/+6
	Finally remove the distinction between 'krb5' and 'ms_krb5'. We now don't do kerberos stuff twice on failure. The solution to this is slightly more general than perhaps was really required (as this is a special case), but it works, and I'm happy with the cleanup I achived in the process. All modules have been updated to supply a NULL-terminated list of OIDs. In that process, SPNEGO code has been generalised, as I realised that two of the functions should have been identical in behaviour. Over in the actual modules, I have worked to remove the 'kinit' code from gensec_krb5, and placed it in kerberos/kerberos_util.c. The GSSAPI module has been extended to use this, so no longer requires a manual kinit at the command line. It will soon loose the requirement for a on-disk keytab too. The general kerberos code has also been updated to move from error_message() to our routine which gets the Heimdal error string (which may be much more useful) when available. Andrew Bartlett (This used to be commit 0101728d8e2ed9419eb31fe95047944a718ba135)
2007-10-10	r6705: let the gensec module decide if messages can be signed and sealed in ↵	Stefan Metzmacher	1	-0/+5
	a different order than a strict request - reply sequence Note: we should also fix the client code... metze (This used to be commit 0a61d1f65150546f7a7582512ca010d156f963bf)
2007-10-10	r6465: Use talloc_zero for the gensec_ntlmssp_state structure, as the history	Andrew Bartlett	1	-1/+1
	of this code has too many pre-zeroed structure assumptions. Remove unused 'stub' functions Andrew Bartlett (This used to be commit 78dc57c65513ba4c271308d84fc2a2a533f76061)
2007-10-10	r6464: Remove the last of the Samba3 NTLMSSP API. This removes the rudundent	Andrew Bartlett	1	-47/+45
	struct ntlmssp_state, and pushes all the member elements into struct gensec_ntlmssp_state. This also removes the 2-layer start function, caused by the previous double abstraction layer. Andrew Bartlett (This used to be commit eebbb4205b335214d24974f3be825846f6227f0c)
2007-10-10	r6462: Move the arcfour sbox state into it's own structure, and allocate it	Andrew Bartlett	1	-24/+1
	with talloc() for the NTLMSSP system. Andrew Bartlett (This used to be commit 7a93ac49c28d433ccf0f077294f473fe728b9995)
2007-10-10	r6460: Push the client credentials into NTLMSSP, allowing logins of the form	Andrew Bartlett	1	-65/+4
	user@REALM for the first time. Fix the build for smbencrypt.c Andrew Bartlett (This used to be commit 5a6a57cd93e22e612bfbb8a8f7bc29269a9a3ac6)
2007-10-10	r6458: Split up NTLMSSP into a new directory, and into seperate files for the	Andrew Bartlett	1	-0/+442
	client and server logic code. In future, this may allow us to build only the NTLMSSP client, and not the server, but in the short-term, it allows me greater sainity in moving around these files. Andrew Bartlett (This used to be commit 2f22841c6753e3d5816c12bd463b71f74e1d8796)