Age | Commit message (Collapse) | Author | Files | Lines |
|
NTLM sign
NTLM sign+seal
NTLM2 sign
NTLM2 sign+seal
and all of the above both with and without key exchange
the NTLM2 seal case is ugly and involves an extra data copy, which
some API changes in gensec or the ndr layer might avoid in future.
(This used to be commit fce7a4218b3136d880dd1a123e8525e3091bbed8)
|
|
(This used to be commit d8825b69aca5f4d0edf70945d64b4d1780e121c4)
|
|
'authenticated' connections.
Fix kerberos session key issues - we need to call the
routine for extracting the session key, not just read the cache.
Andrew Bartlett
(This used to be commit b80d849b6b586869fc7d3d4153db1a316f2867a9)
|
|
function argument structures and idl structures to and from Python
dictionaries.
(This used to be commit e4729949c61a8df23b5132c6136ae8c3777c348a)
|
|
in a more samba4 style at some point (along with the session code).
Andrew Bartlett
(This used to be commit b8fe29dc7ac6fc60e5171a29788ae56968c1098b)
|
|
Andrew Bartlett
(This used to be commit 49171e420337136d3e66300f99fa1885051e5b61)
|
|
These fixes aim particularly at allowing PAC-less logins, as I don't
yet generate a PAC in the lorikeet-heimdal KDC.
This is for the benifit of a Kerbeors-enabled domain join, which seems
to be progressing quite well!
Andrew Bartlett
(This used to be commit f5a381094dd5bcbd795a134bc4b8b89901b5e3eb)
|
|
(This used to be commit 2c701f59a7f232fed624f7cec62dd494dd32c2d9)
|
|
This means that 'require NTLMv2 session security' now works for RPC
pipe signing. We don't yet have sealing, but it can't be much further.
This is almost all tridge's code, munged into a form that can work
with the GENSEC API.
This commit also includes more lsakey fixes - that key is used for all
DCE-RPC level authenticated connections, even over CIFS/ncacn_np.
No doubt I missed something, but I'm going to get some sleep :-)
Andrew Bartlett
(This used to be commit a1fe175eec884280fb7e9ca8f528134cf4600beb)
|
|
I think the idea here is to bail out correctly when we get signing
broken on TCP, rather than keeping on hammering the socket.
Andrew Bartlett
(This used to be commit 553b529a0991ccf2f1be14cc6a27695223f02e65)
|
|
Andrew Bartlett
(This used to be commit a089bcf503bfc91eead08d10539367886b7927cd)
|
|
(This used to be commit 7be16e503616d9b339390a253357114c510729d0)
|
|
server
(This used to be commit 3b4ed24f4ba467a77bef8d6c25695fdbdb42b2ac)
|
|
(This used to be commit 5a64449599beb7b46484f1c3aef10f7e7b878319)
|
|
(This used to be commit 69710bbcb8123e5f9cb882723350506e77307419)
|
|
(This used to be commit b7ebafbbe0ada17748ad4bb36da4c0d63a2b10f5)
|
|
(This used to be commit 22a6e5d50d2d40c2dfc5e36bce1132b92723dd81)
|
|
options
(This used to be commit b7db909e8e8194366ff93f68adbd68a8f1dcbe9a)
|
|
fails this and it kills the pipe, so we can't run the rest of the test
(This used to be commit bdb49f01b75aa5b3a458ee4629e867bee1d03358)
|
|
(This used to be commit 89acbf4f02ae03f0546e1633c030765a563ce958)
|
|
clashes
metze, please note that the 'val' field in popt is not the default
value, its the integer to switch on in the argument loop.
(This used to be commit 0f3b01bebadc9f949a663dc40280945536bc86fd)
|
|
now works on NCACN_IP_TCP as well.
(This used to be commit 9cc33d936407255b5c5fb9bde37d918cf268c784)
|
|
(This used to be commit f6ea24296acaaadcd2d59740bc88ef1a93fb1c28)
|
|
in the current key)
(This used to be commit 83f9f8eaa4825bb49e2b160a1a810080ecae4d39)
|
|
are currently
not working though.
(This used to be commit 55bd2dc02de13ee3da1cde20694f452df0899a9f)
|
|
(This used to be commit db191572ff9351ae84dc0c3d6302fa60b61cd179)
|
|
(This used to be commit 8056f4a9a7f5065eeb3a3bec81977c5e4163bf8e)
|
|
(This used to be commit fd31ae38dfe2d005b3e01ac059c2e15fa389aad4)
|
|
(This used to be commit fdb675bbad1322ddd94c646f67803b9678468a64)
|
|
note that this is just a skeleton so far. More to come soon.
(This used to be commit efc8850b9aa9348f5f7c4b342aa76dab1635e7d4)
|
|
(This used to be commit c455a3a61d587f5126236d8c11ba84e19d4f038a)
|
|
(This used to be commit 21ef338cbbe96acc8594ffc550ef60c6a40fb951)
|
|
(This used to be commit 6c1a72c5d667245b1eec94f58e68acd22dd720ce)
|
|
(This used to be commit 301bb069c31ee7ce09bdd6cd2dd4b7fa0441e1a1)
|
|
PRINTF_ATTRIBUTE() format checking magic, so only enable it for gcc
versions >= 3.0
(This used to be commit 9c7100e3c770fca163d3788fc6b735457f74d7e9)
|
|
convert a ... varargs function to a va_list by just a cast!!)
also mark the tdb log function with PRINTF_ATTRIBUTE() and fixed some
bad format errors in tdb.c that jim found.
(This used to be commit c26c92eb8f538748fcbb2ae5a0a8a02bffbbbf86)
|
|
Add argout typemap which throws an exception if NTSTATUS != OK and
creates a dictionary of return values.
samr_Connect2 function now works!
(This used to be commit fdfabbd4a597b0d9b44832fdbfc200f857728c2b)
|
|
all by hand.
Use $symname to name TALLOC_CTX's created in wrapper function. Also,
make sure to free context afterwards.
Set the DCERPC_NDR_REF_ALLOC flag in the dcerpc_pipe struct to save
use lots of initialisation.
(This used to be commit 5fead63618b5ee76cadc4719d933ea9cee7538b5)
|
|
a dcerpc_pipe structure as we discussed this morning.
(This used to be commit 79969dc8daf5fdaacd26135a200ecec0b4d7663c)
|
|
automatically generated but at the moment it's hand coded.
(This used to be commit e1a368050d3abb6a6ca6529315dc4228e8590c7f)
|
|
returned from the C function. This way we can return the struct dcerpc_pipe
object instead of a tuple of (NTSTATUS, dcerpc_pipe) which is a bad
interface.
(This used to be commit a3a85bd419e38f0dce138e67174517e23a361010)
|
|
bindings happening. This commit lets python call dcerpc_pipe_connect()
and open the samr pipe.
(This used to be commit f5852bf3e2064f03aa9b63af4aa1b4f9e39bdb24)
|
|
(This used to be commit 64f961f039545c9948eb7d7652b7494be2443174)
|
|
sure how this can be integrated into the build system properly though.
Editing makefile.pl is the wrong way to do this.
(This used to be commit e6a42f7880993271f2610584182f7d47538b6747)
|
|
--eparser.
(This used to be commit 68b10c4aeebc4aa1225aab3c8a9fc0a4d28d6455)
|
|
(This used to be commit 04de3edbab106eec040c442eedb5bb3cfcfec778)
|
|
to do. There is a patch to the grammar and idl files for this but I
won't commit that just yet.
(This used to be commit 4e155b966c6027daa34166c7daf30cbff96ff679)
|
|
passwords - where the LM hash is invalid.
Also, we now drive all the logon levels and validation levels from the
outer loop, so we can check the expected return values (rather than
overwriting them).
Andrew Bartlett
(This used to be commit f7f7c3de23ffb042f7cf7b4fa42b6b18c205719d)
|
|
for the bad path algorithm.
Jeremy.
(This used to be commit d2d32d8f2b7a4a3e62f505adae787b42f80309bb)
|
|
Jeremy.
(This used to be commit fb7a529c4c65788c307c1043cf2b664059ed8c2a)
|