Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Sep 29 18:59:54 CEST 2011 on sn-devel-104
|
|
gensec_session_key()
This is slightly less efficient, because we no longer keep a cache on
the gensec structures, but much clearer in terms of memory ownership.
Both gensec_session_info() and gensec_session_key() now take a mem_ctx
and put the result only on that context.
Some duplication of memory in the callers (who were rightly uncertain
about who was the rightful owner of the returned memory) has been
removed to compensate for the internal copy.
Andrew Bartlett
|
|
Guenther
|
|
the mixture of async and sync code in gensec makes a EOF on a socket
during a session setup cause a crash. The simplest solution is to
stop processing events on the socket until the session setup is
complete.
|
|
metze
|
|
|
|
When starting GENSEC on the server, the auth subsystem context must be
passed in, which now includes function pointers to the key elements.
This should (when the other dependencies are fixed up) allow GENSEC to
exist as a client or server library without bundling in too much of
our server code.
Andrew Bartlett
|
|
should in the future only contain some settings required for gensec.
|
|
metze
(This used to be commit 2844e361730a6bc640ea89d0e10059deca1ca867)
|
|
metze
(This used to be commit 5b3ba3f3556e8031133128853cd2324ee3852aa1)
|
|
Metze pointed out that if signing is mandatory in the server then we
need to reject packets without the signed flag if the packet contains
a session id.
(This used to be commit 056f16e664e581bab1c07759e99ad4f6685c58eb)
|
|
(This used to be commit 8e919dcb0826a5b25d037ee6144af5f7cb21f3ae)
|
|
(This used to be commit 81612b7854725837e8487bf97b87bff6548b6ad3)
|
|
(This used to be commit d2c6ad55eca27f50a38fc6e2a85032eddb3f0aae)
|
|
(This used to be commit 3c2af0fdc4916dce32c2690e49dde0852d1a0c50)
|
|
wbsrv_connection.
(This used to be commit 7c008664238ed966cb82adf5b25b22157bb50730)
|
|
(This used to be commit b9e3a4862e267be39d603fed8207a237c3d72081)
|
|
(This used to be commit c9651e2c5c078edee7b91085e936a93625c8d708)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
(This used to be commit 9a8da730a725fc9fc1a3e407273e688f44eadfe1)
|
|
Break up auth/auth.h not to include the world.
Add credentials_krb5.h with the kerberos dependent prototypes.
Andrew Bartlett
(This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
|
|
and gensec_server_start().
calling them with NULL for event context or messaging context
is no longer allowed!
metze
(This used to be commit 679ac74e71b111344f1097ab389c0b83a9247710)
|
|
Andrew Bartlett
(This used to be commit f814fae4002241f73a3a411ade96e5c58f973055)
|
|
gensec_update_send/recv() api
metze
(This used to be commit 14ecc563431335c99df33f4a454b3b02380ae165)
|
|
is no padding...
the following patch is needed for vista beta2 to connect to samba4
metze
(This used to be commit 58baae8fc463cd2c4e4ce532c153ad80313b03eb)
|
|
there're 8 more unknown bytes...
Note:
- vista-CTP also support this as a server,
but uses the old format as client
- but vista-beta2 only uses and accept the new format
metze
(This used to be commit b3bdd4afdefc9ad3550f86a0aa6e6c90bf8ab416)
|
|
metze
(This used to be commit de7e856a464c1c986be3687a7b97527b734240ce)
|
|
also if the dynamic flag should be set
metze
(This used to be commit 7829100e1ee79f4f5d24004af221288e19c09b3e)
|
|
(This used to be commit 3ef9326386ba1c210166302cbcf02d2ed3f19944)
|
|
when the client sends UID = 0, otherwise we return
NT_STATUS_USER_SESSION_DELETED
metze
(This used to be commit 15973be48e3da0a49130911b9d3f192338c23783)
|
|
metze
(This used to be commit 4d527ac005086c2db954578b4126ca128e436e01)
|
|
- implement keepalive and logoff
metze
(This used to be commit 859ab627f45a5acca1deb66b8abdc38eaf49e5a2)
|
|
- it does Negprot and SessionSetup yet
the rest returns NT_STATUS_NOT_IMPLEMENTED
- it's off by default, enable with:
smbsrv:enable smb2 = yes
- negotition in the SMB Negprot isn't supported yet
- it's only tested with smbtorture SMB2-CONNECT
not with vista as client
metze
(This used to be commit 08b31d5f618d2e416cb9812ad3a49754cd7212b8)
|