sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-13 13:18:06 +03:00
Code
67,074 Commits 60 Branches 1,145 Tags
Commit Graph

44 Commits

Author SHA1 Message Date
Jeremy Allison
5002b3a90d Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL contexts. 
Jeremy.
 2010-07-20 16:17:58 -07:00
Jeremy Allison
4ed9437b7e Add TALLOC_CTX argument to spnego_parse_negTokenInit, reduce 
use of malloc, and data_blob().

Jeremy.
 2010-07-20 13:35:43 -07:00
Simo Sorce
e958b39042 s3-auth: Move auth_ntlmssp wrappers in their own file 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-20 15:52:31 +10:00
Simo Sorce
c09dcb903c s3-auth: Use talloc hierarchies to properly free auth_ntlmssp_state contexts 
Turn auth_ntlmssp_end into a destructor and attach it to auth_ntlmssp_state.
Remote auth_ntlmssp_end and use TALLOC_FREE in the callers.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-19 14:20:04 +10:00
Andrew Bartlett
ebae21f023 ntlmssp: Make the ntlmssp.h from source3/ a common header 
The code is not yet in common, but I hope to fix that soon.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-31 15:10:56 +02:00
Andrew Bartlett
723ea68d3b s3:auth Remove AUTH_NTLMSSP_STATE typedef. 
typedefs are no longer preferred Samba style.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-31 15:10:44 +02:00
Andrew Bartlett
3b706865f6 s3:auth Make AUTH_NTLMSSP_STATE a private structure. 
This makes it a little easier for it to writen in terms of GENSEC in future.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-31 15:10:33 +02:00
Andrew Bartlett
802e9328ed s3:ntlmssp: only include ntlmssp.h where actually needed 
Andrew Bartlett
 2009-12-22 21:07:53 +01:00
Günther Deschner
503d035814 spnego: share spnego_parse. 
Guenther
 2009-09-17 01:12:20 +02:00
Stefan Metzmacher
3dde0cbb76 s3:smbd: move all globals and static variables in globals.[ch] 
The goal is to move all this variables into a big context structure.

metze
 2009-01-08 12:22:21 +01:00
Jeremy Allison
d0eeb9aa8d Fix more asprintf warnings and some error path errors. 
Jeremy.
 2008-12-23 12:11:12 -08:00
Günther Deschner
053da4ba0a s3: fix another build warning. 
Guenther
 2008-10-13 12:32:44 +02:00
Jelmer Vernooij
d68168e633 Cope with the fact that the data blobs returned are now 
talloc-allocated. Ideally, this memory should be talloc-stolen
(and perhaps have DATA_BLOB in the interface everywhere), but
that requires some more complex changes so I've just changed it to copy
it for now.
 2008-10-12 04:00:55 +02:00
James Peach
f863cb2ef4 Remove unused variable. 
(This used to be commit 3ed2c65bde0c2e5ad10cf777dae8a2d3e626a42c)
 2008-04-07 15:28:10 -07:00
Bill Ricker
f700ee6418 Fix Kerberos interop with Mac OS X 10.5 clients. 
Ignore optional req_flags. Use the Kerberos mechanism OID negotiated
with the client rather than hardcoding OID_KERBEROS5_OLD.
(This used to be commit 59a2bcf30fef14ecc826271862b645dd3a61cb48)
 2008-04-07 15:05:51 -07:00
Jeremy Allison
81d6133b03 Currently we don't SPNEGO negotiate back to NTLMSSP. Note this. 
Jeremy.
(This used to be commit 8cd04b948bfba3896d40c9e314a197f60ad76833)
 2008-02-14 18:07:27 -08:00
Jeremy Allison
7febec3c58 Simplify... plus add a debug message. 
Jeremy.
(This used to be commit bedc493874adaf783362ba7b821e2a6d985b96ea)
 2008-01-08 16:08:39 -08:00
Jeremy Allison
80158198ee Correctly identify enc/non-enc packets. 
Jeremy.
(This used to be commit 647f13d0f1a270a68263b3b0403436f9d6cf1a0e)
 2008-01-08 15:57:08 -08:00
Jeremy Allison
9254bb4ef1 Refactor the crypto code after a very helpful conversation 
with Volker. Mostly making sure we have data on the incoming
packet type, not stored in the smb header.
Jeremy.
(This used to be commit c4e5a505043965eec77b5bb9bc60957e8f3b97c8)
 2008-01-04 12:56:23 -08:00
Jeremy Allison
c6646f115e As the encryption is stream based there's no reason 
oplock breaks can't be encrypted. If we have multiple
contexts I should probably attach them to the connection
struct, but for now use the global context number.
Jeremy.
(This used to be commit 5b4b335ed0d1dc738f1f099e5c638361f3aede07)
 2007-12-30 13:10:29 -08:00
Jeremy Allison
afc93255d1 Add SMB encryption. Still fixing client decrypt but 
negotiation works.
Jeremy.
(This used to be commit d78045601af787731f0737b8627450018902b104)
 2007-12-26 17:12:36 -08:00
Gerald (Jerry) Carter
e5a951325a [GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. 
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
 2007-10-10 15:34:30 -05:00
Andrew Tridgell
5e54558c6d r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text 
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
 2007-10-10 12:28:22 -05:00
Jeremy Allison
d824b98f80 r23779: Change from v2 or later to v3 or later. 
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
 2007-10-10 12:28:20 -05:00
Volker Lendecke
b4a7b7a888 r22844: Introduce const DATA_BLOB data_blob_null = { NULL, 0, NULL }; and 
replace all data_blob(NULL, 0) calls.
(This used to be commit 3d3d61687ef00181f4f04e001d42181d93ac931e)
 2007-10-10 12:22:01 -05:00
Volker Lendecke
7192160599 r22747: Fix some C++ warnings 
(This used to be commit a66a04e9f11f6c4462f2b56b447bae4eca7b177c)
 2007-10-10 12:21:54 -05:00
Jeremy Allison
d47868cb5e r22352: Wow - working gss SMB sealing ! 
Jeremy.
(This used to be commit abcb2a4b0709ef84c50c1d9a85191dc3866cd138)
 2007-10-10 12:19:28 -05:00
Jeremy Allison
226d96337f r22351: Making progress in tests... 
Jeremy.
(This used to be commit f1726e04eb1d63387cf955c907fe077b2201a3ae)
 2007-10-10 12:19:28 -05:00
Jeremy Allison
1adbf4af06 r22350: Add some helpful debug messages. 
Jeremy.
(This used to be commit bf2e6bd82dc0d35313677c6cb04357da1e74ce4f)
 2007-10-10 12:19:28 -05:00
Jeremy Allison
9812a7e32e r22327: Finish the gss-spnego part of the seal code. Now 
for testing....
Jeremy.
(This used to be commit 1c1f5360b67792f14b50835a2c5a4d4ac68aca8f)
 2007-10-10 12:19:27 -05:00
Stefan Metzmacher
3678d69b82 r22262: fix the build on systems without GSS_C_NT_HOSTBASED_SERVICE 
metze
(This used to be commit 402704b62972c223f3e70bcd6221dc7c3a64f4b9)
 2007-10-10 12:19:22 -05:00
Jeremy Allison
b0bcb48369 r22013: Move to SSPI framing (sig first in NTLM). 
Jeremy
(This used to be commit 22eaed76f01ea9d0184dcaf57adca23abc6330b9)
 2007-10-10 12:19:01 -05:00
Jeremy Allison
e9157961d6 r21997: Implement the server side of gss seal negotiate. 
Jeremy.
(This used to be commit 6b923acfee59e39eea69e9e9a00f1f6118ed4270)
 2007-10-10 12:18:58 -05:00
Jeremy Allison
4a66d0e232 r21991: I hate Steve French :-). Add support for encryption 
contexts....
Jeremy.
(This used to be commit ae8f3649f773b8a8dcb55921536d038d3475322e)
 2007-10-10 12:18:58 -05:00
Jeremy Allison
8b63654c2e r21969: Start working on the gss-side of the server negotiation. 
Jeremy.
(This used to be commit fbc569b530104679e47fe743963eb0c4384de6ae)
 2007-10-10 12:18:54 -05:00
Jeremy Allison
f93d75c932 r21926: Fix missing enum specifier pointed out by Don McCall @ HP. 
Thanks Don !
Jeremy.
(This used to be commit 662344d1ec3593689de7602afa518ed98e10dc37)
 2007-10-10 12:18:49 -05:00
Jeremy Allison
23149b3bb8 r21925: Start to code up the gss acquire creds calls. 
Jeremy.
(This used to be commit 4a7fbc88520e8f5dfe53a7c5da68040271149da3)
 2007-10-10 12:18:49 -05:00
Jeremy Allison
42238c78bb r21917: Start to do the gss versions of sign+seal. 
Jeremy.
(This used to be commit a226645353a40047b72de1b96c3a7676a2bf1034)
 2007-10-10 12:18:48 -05:00
Volker Lendecke
4a965110e5 r21904: Fix HP build -- thanks, Don 
(This used to be commit 57efba97b634728ae75901cb76b904a5d82986a4)
 2007-10-10 12:18:47 -05:00
Jeremy Allison
ea4dada48f r21900: Token exchange now seems to work, now why does the 
client encrypt fail ?
Jeremy.
(This used to be commit 6bd7c05290909ef9f5f377dd141a64ed0d654134)
 2007-10-10 12:18:47 -05:00
Jeremy Allison
071db6fdbf r21897: Add in a basic raw NTLM encrypt request. Now 
for testing.
Jeremy.
(This used to be commit 783a7b3085a155d9652cd725bf2960cd272cb554)
 2007-10-10 12:18:46 -05:00
Jeremy Allison
6b0dcfa62d r21894: Some refactoring of server side encryption context. Support 
"raw" NTLM auth (no spnego).
Jeremy.
(This used to be commit 6b5ff7bd591b4f65e2eb767928db50ddf445f09a)
 2007-10-10 12:18:46 -05:00
Jeremy Allison
492ad71855 r21891: Finish server-side NTLM-SPNEGO negotiation support. 
Now for the client part, and testing.
Jeremy.
(This used to be commit 487706701f5f4a92c8fd1da1f29fb44491bac064)
 2007-10-10 12:18:46 -05:00
Jeremy Allison
296dcbac58 r21882: The server part of the code has to use an AUTH_NTLMSSP struct, 
not just an NTLMSSP - grr. This complicates the re-use of
common client and server code but I think I've got it right.
Not turned on of valgrinded yet, but you can see it start
to take shape !
Jeremy.
(This used to be commit 60fc9c0aedf42dcd9df2ef9f1df07eaf3bca9bce)
 2007-10-10 12:18:43 -05:00