Age | Commit message (Collapse) | Author | Files | Lines |
|
never pass in something of the wrong length.
Andrew Bartlett
(This used to be commit d6999ea9c07d8652b0d63147e7294bc35e7063fe)
|
|
This includes the netlogon pipe, for the machine account password
change system.
Andrew Bartlett
(This used to be commit 49d545a82057ee8b60d50aa55e908efe59875150)
|
|
names rather than our crazy naming scheme. So DES is now called
des_crypt() rather than smbhash()
- added the code from the solution of the ADS crypto challenge that
allows Samba to correctly handle a 128 bit session key in all of the
netr_ServerAuthenticateX() varients. A huge thanks to Luke Howard
from PADL for solving this one!
- restructured the server side rpc authentication to allow for other
than NTLMSSP sign and seal. This commit just adds the structure, the
next commit will add schannel server side support.
- added 128 bit session key support to our client side code, and
testing against w2k3 with smbtorture. Works well.
(This used to be commit 729b2f41c924a0b435d44a14209e6dacc2304cee)
|
|
metze
(This used to be commit 2986c5f08c8f0c26a2ea7b6ce20aae025183109f)
|
|
metze
(This used to be commit 0e5517d937a2eb7cf707991d1c7498c1ab456095)
|
|
This involves allowing the password set code in samdb to take an
already hashed password, and some fixes to our torture code.
Andrew Bartlett
(This used to be commit f9f581b5804a20785df06cde157b23c952edc2ce)
|
|
Currently this only authentiates the machine, not real users.
As a consequence of running the Samba4 NETLOGON test against Samba4, I
found a number of issues in the SAMR server, which I have addressed.
There are more templates in the provison.ldif for this reason.
I also added some debug to our credentials code, and fixed some bugs
in the auth_sam module.
The static buffer in generate_random_string() bit me badly, so I
removed it in favor of a talloc based system.
Andrew Bartlett
(This used to be commit 94624e519b66def97758b8a48a01ffe9029176f0)
|
|
- This required using NETLOGON_NEG_AUTH2_FLAGS for the
SetupCredentials2 negotiation flags, which is what Samba3 does,
because otherwise the server uses different crypto.
- This tests the returned session keys, which we decrypt.
- Update the Samba4 notion of a 'session key' to be a DATA_BLOB in
most places.
- Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is
available.
- Remove a useless argument to SMBsesskeygen_ntv1
- move netr_CredentialState from the .idl to the new credentials.h
Andrew Bartlett
(This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)
|
|
yet, but at least the request is understood by w2k3
Also modified pidl to allow multiple branches in a union to have the
same element. This is used in netlogon.
(This used to be commit 983c0e9683fa9666a6e055d1776ebeef8cd2e700)
|
|
actually makes sense, and as a nice side effect it matches the debug
output of the w2k3 netlogon.log
(This used to be commit 3c7287c24e5970e5b7447ad042848505537c7d3b)
|
|
machine account password.
* neater handling on value() options in IDL. The auto-print code
will now display the right value so you don't need to initialise
it in your C code
(This used to be commit 3dd978b12bb5571fba4e1839c0f7ee60cf729aa2)
|
|
* don't use static variables in the smbdes code
(This used to be commit e6e09064646c347169852fa162c72fc0542c6d5c)
|
|
(This used to be commit b7d748f499f79415b444e7cebe7d8de7186fbc94)
|
|
(This used to be commit 4fa3ad3ecbfd8f8663fcdfaba9a7db481e303f2b)
|
|
I would like the netlogon test suite to eventually do a new domain
join using a fake workstation name, then remove itself afterwards, but
for now I'm assuming we are already joined to the domain when the
testsuite runs. This means you need to use the Samba3 net command to
do a join before running RPC-NETLOGON
(This used to be commit 8c7a9446a0892a4f7722cced5019667f7a9fafdd)
|