samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2007-10-10	r1359: fix uninit var - found by valgrind	Stefan Metzmacher	1	-3/+1
	metze (This used to be commit 264afea9ec3ada4df51e5f5de4c0b977024af40b)
2007-10-10	r1357: Work on GENSEC:	Andrew Bartlett	1	-5/+50
	- Add the concept of a 'subcontext' into gensec, so that the spengo code doesn't have to figure out how to make one. (A subcontext inherits the username, domain, password (or callback) from the main context). - Add comments to some other routines, and explain a bit about what the various 'start' functions are for. Andrew Bartlett (This used to be commit 7aedbfbdd92b4ca93cbd0babff16e7526201ee88)
2007-10-10	r1348: get gensec backend by OID instead of name	Stefan Metzmacher	1	-11/+0
	metze (This used to be commit 38e00f87191b86901b603e66aec1e7e71f74c29f)
2007-10-10	r1344: add gensec_start_mech_by_name()	Stefan Metzmacher	1	-0/+11
	some gensec spnego fixes (NULL pointer and length checks) metze (This used to be commit 41ff6d0cd47f6295fe7fe1d31fec7306416ce199)
2007-10-10	r1294: A nice, large, commit...	Andrew Bartlett	1	-43/+362
	This implements gensec for Samba's server side, and brings gensec up to the standards of a full subsystem. This means that use of the subsystem is by gensec_* functions, not function pointers in structures (this is internal). This causes changes in all the existing gensec users. Our RPC server no longer contains it's own generalised security scheme, and now calls gensec directly. Gensec has also taken over the role of auth/auth_ntlmssp.c An important part of gensec, is the output of the 'session_info' struct. This is now reference counted, so that we can correctly free it when a pipe is closed, no matter if it was inherited, or created by per-pipe authentication. The schannel code is reworked, to be in the same file for client and server. ntlm_auth is reworked to use gensec. The major problem with this code is the way it relies on subsystem auto-initialisation. The primary reason for this commit now.is to allow these problems to be looked at, and fixed. There are problems with the new code: - I've tested it with smbtorture, but currently don't have VMware and valgrind working (this I'll fix soon). - The SPNEGO code is client-only at this point. - We still do not do kerberos. Andrew Bartlett (This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
2007-10-10	r1200: Add 'gensec', our generic security layer.	Andrew Bartlett	1	-0/+104
	This layer is used for DCERPC security, as well as ntlm_auth at this time. It expect things like SASL and the CIFS layer to use it as well. The particular purpose of this layer is to introduce SPENGO, which needs generic access to the actual implementation mechanisms. Schannel, due to it's 'interesting' setup properties is in GENSEC, but is only in the RPC code. Andrew Bartlett (This used to be commit 902af49006fb8cfecaadd3cc0c10e2e542083fb1)