samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00

Author	SHA1	Message	Date
Douglas Bagnall	3ee56607db	ntlmssp: fix compilation with -O2 -fno-inline Without inlining the function, GCC doesn't know that gensec_ntlmssp->ntlmssp_state->role always has a valid value. With inlining, this is obviously redundant but GCC clearly knows enough to detect this and elide the default case. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2017-02-10 05:09:09 +01:00
Stefan Metzmacher	8cd1a2a118	CVE-2016-2110: auth/ntlmssp: implement gensec_ntlmssp_may_reset_crypto() [MS-SPNG] requires the NTLMSSP RC4 states to be reset after the SPNEGO exchange with mechListMic verification (new_spnego). The 'reset_full' parameter is needed to support the broken behavior that windows only resets the RC4 states but not the sequence numbers. Which means this functionality is completely useless... But we want to work against all windows versions... BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-04-12 19:25:23 +02:00
Stefan Metzmacher	b3d4523ff7	auth/ntlmssp: provide a "ntlmssp_resume_ccache" backend These can be used to implement the winbindd side of the WINBINDD_CCACHE_NTLMAUTH call. It can properly get the initial NEGOTIATE messages injected if available. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2016-03-10 06:52:28 +01:00
Stefan Metzmacher	a85a02b631	auth/ntlmssp: add gensec_ntlmssp_server_domain() This is a hack in order to temporary export the server domain from NTLMSSP through the gensec stack. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2016-03-10 06:52:27 +01:00
Stefan Metzmacher	71c63e85e7	auth/gensec: introduce gensec_internal.h We should treat most gensec related structures private. It's a long way, but this is a start. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>	2013-08-10 09:19:02 +02:00
Andrew Bartlett	239c7a355c	auth/ntlmssp: Remove gensec_security element from gensec_ntlmssp_state This just means there is one less pointer to ensure we initialise. Andrew Bartlett	2012-03-09 14:31:24 +11:00
Andrew Bartlett	111d9f3eb2	auth: Remove plugable password-check functions from gensec_ntlmssp The auth4_context layer now provides the plugability here. Andrew Bartlett	2012-02-24 11:23:18 +11:00
Andrew Bartlett	9de7fb8706	s3-ntlm_auth: Convert ntlm_auth to use gensec_ntlmssp server-side This uses the common gensec_ntlmssp server code for ntlm_auth, removing the last non-gensec use of the NTLMSSP server. Andrew Bartlett	2012-02-24 11:23:18 +11:00
Andrew Bartlett	9b147ce26d	s3-auth Use the common gensec_ntlmssp_update in gensec_ntlmssp3_server Signed-off-by: Stefan Metzmacher <metze@samba.org>	2012-02-17 10:48:09 +01:00
Andrew Bartlett	52ac479764	auth: Move the rest of the source4 gensec_ntlmssp code to the top level The ntlmssp_server code will be in common shortly, and aside from a symbol name or two, moving the client code causes no harm and makes less mess. We will also get the client code in common very soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>	2012-02-17 10:48:09 +01:00
Andrew Bartlett	e4546f50fe	auth: rename ntlmssp.c to ntlmssp_util.c	2012-02-08 16:30:25 +11:00
Andrew Bartlett	0c6e4adcb2	ntlmssp: Move ntlmssp code to auth/ntlmssp This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>	2011-10-18 13:13:31 +11:00

12 Commits