samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2007-10-10	r3322: fixed a bunch of warnings in the build, including one case where it ↵	Andrew Tridgell	1	-1/+1
	was a real bug (This used to be commit 02d5d0f685e44bd66aff4a007f0bf34c8f915574)
2007-10-10	r1438: Record the principal name we are sent in the SPENGO mechListMIC in a	Andrew Bartlett	1	-0/+1
	seperate char *, not a DATA_BLOB. This allows us to tell if we were sent a string here, or a real MIC. (This used to be commit 06b997c826e3ec00e0528da800e3eae0e3497a54)
2007-10-10	r1363: add SPNEGO_NONE_RESULT as spnego_negResult value	Stefan Metzmacher	1	-1/+2
	this should indicate that we don't send a spnego_negResult t all over the wire metze (This used to be commit 69d685d81784e5fb33e41d3244498ac620a2f5f0)
2007-10-10	r1347: - remove typedef	Stefan Metzmacher	1	-2/+2
	- pass down gensec_user to the sub context - if segfault when mechType is NULL metze (This used to be commit 3f84263c27add3bf01eea88618f707da925bed5c)
2007-10-10	r1346: revert my last spnego changes	Stefan Metzmacher	1	-2/+2
	metze (This used to be commit 7b8237bfb3c302a448a7db0236c0a953603dcd89)
2007-10-10	r1344: add gensec_start_mech_by_name()	Stefan Metzmacher	1	-2/+2
	some gensec spnego fixes (NULL pointer and length checks) metze (This used to be commit 41ff6d0cd47f6295fe7fe1d31fec7306416ce199)
2007-10-10	r1294: A nice, large, commit...	Andrew Bartlett	1	-25/+0
	This implements gensec for Samba's server side, and brings gensec up to the standards of a full subsystem. This means that use of the subsystem is by gensec_* functions, not function pointers in structures (this is internal). This causes changes in all the existing gensec users. Our RPC server no longer contains it's own generalised security scheme, and now calls gensec directly. Gensec has also taken over the role of auth/auth_ntlmssp.c An important part of gensec, is the output of the 'session_info' struct. This is now reference counted, so that we can correctly free it when a pipe is closed, no matter if it was inherited, or created by per-pipe authentication. The schannel code is reworked, to be in the same file for client and server. ntlm_auth is reworked to use gensec. The major problem with this code is the way it relies on subsystem auto-initialisation. The primary reason for this commit now.is to allow these problems to be looked at, and fixed. There are problems with the new code: - I've tested it with smbtorture, but currently don't have VMware and valgrind working (this I'll fix soon). - The SPNEGO code is client-only at this point. - We still do not do kerberos. Andrew Bartlett (This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
2007-10-10	r1200: Add 'gensec', our generic security layer.	Andrew Bartlett	1	-3/+30
	This layer is used for DCERPC security, as well as ntlm_auth at this time. It expect things like SASL and the CIFS layer to use it as well. The particular purpose of this layer is to introduce SPENGO, which needs generic access to the actual implementation mechanisms. Schannel, due to it's 'interesting' setup properties is in GENSEC, but is only in the RPC code. Andrew Bartlett (This used to be commit 902af49006fb8cfecaadd3cc0c10e2e542083fb1)
2007-10-10	r1198: Merge the Samba 3.0 ntlm_auth, including the kerberos and SPENGO parts.	Andrew Bartlett	1	-0/+65
	I have moved the SPNEGO and Kerberos code into libcli/auth, and intend to refactor them into the same format as NTLMSSP. Andrew Bartlett (This used to be commit 58da78a7460d5d0a4abee7d7b84799c228e6bc0b)