Age | Commit message (Collapse) | Author | Files | Lines |
|
also fixes a memory leak found with --leak-check.
(This used to be commit f19201ea274f0a542314c61c4af676197bf154ad)
|
|
(This used to be commit 7124949140141513193f41bb8491aa6a283efed7)
|
|
by making our gensec structures a talloc child of the open connection
we can be sure that it will be destroyed when the connection is
dropped.
(This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
|
|
Add missing break;
Andrew Bartlett
(This used to be commit cdb8261775a3100e1b95b485d91ba1f94c879905)
|
|
Andrew Bartlett
(This used to be commit 8f4dab5d44480b40fc14afc70172861c229ba77d)
|
|
Andrew Bartlett
(This used to be commit 5c5b45c1a870693c6201a09b508109b121ddc030)
|
|
changes
- got rid of global_myname(), using lp_netbios_name() instead
(This used to be commit e8d4b390884e487163d81f66a5a7ac1de1305d9a)
|
|
Andrew Bartlett
(This used to be commit 871e98ce5771bc96527f7ad4da07a7d6c1ae1c3c)
|
|
Declare variables at the start of a block.
Andrew Bartlett
(This used to be commit 9f5394703e81db9ed93648e06e48b0364a04a696)
|
|
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.
This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal). This causes
changes in all the existing gensec users.
Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.
Gensec has also taken over the role of auth/auth_ntlmssp.c
An important part of gensec, is the output of the 'session_info'
struct. This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.
The schannel code is reworked, to be in the same file for client and
server.
ntlm_auth is reworked to use gensec.
The major problem with this code is the way it relies on subsystem
auto-initialisation. The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.
There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.
Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
|
|
This layer is used for DCERPC security, as well as ntlm_auth at this
time. It expect things like SASL and the CIFS layer to use it as
well.
The particular purpose of this layer is to introduce SPENGO, which
needs generic access to the actual implementation mechanisms.
Schannel, due to it's 'interesting' setup properties is in GENSEC, but
is only in the RPC code.
Andrew Bartlett
(This used to be commit 902af49006fb8cfecaadd3cc0c10e2e542083fb1)
|
|
I have moved the SPNEGO and Kerberos code into libcli/auth, and intend
to refactor them into the same format as NTLMSSP.
Andrew Bartlett
(This used to be commit 58da78a7460d5d0a4abee7d7b84799c228e6bc0b)
|
|
metze
(This used to be commit b5378803fdcb3b3afe7c2932a38828e83470f61a)
|
|
(This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f)
|