IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Packet traces showing such servers are found in the bug this fixes:
https://bugzilla.samba.org/show_bug.cgi?id=10016
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Mar 19 12:05:56 CET 2015 on sn-devel-104
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10279
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Dec 2 21:46:53 CET 2014 on sn-devel-104
If we do not set the netbios_name we are not able to connect to a
Windows DC.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10279
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5. I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.
This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
The ntlmssp_server code will be in common shortly, and aside from a
symbol name or two, moving the client code causes no harm and makes
less mess. We will also get the client code in common very soon.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
When E_deshash() returns false, it indicates that the password is either > 14 chars
in length, or could not be represented as an LM hash value for some other
reason. In this case, we should not regard the LM hash being missing
as an error or a no-password situation.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jan 6 14:59:13 CET 2012 on sn-devel-104
This is changed so that the callers ask for the additional flags
that they need, starting with no additional flags.
This helps to create a proper abstraction layer in
ntlmssp_wrap/auth_ntlmssp.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This means that the core logic (but not the initialisation) of the
NTLMSSP server is in common, but uses different authentication backends.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
This allows for a future where the auth subsystem is async, and the
session key generation needs to happen in a callback.
This code is originally reworked into this style by metze for the
source4/ implementation.
The other change here is to introduce an 'out_mem_ctx', which makes
the API match that used in source4.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
This code will, I hope, soon be merged in common, and the Samba4
use case does not currently support talloc_tos() properly. Use another
context for now.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
This is another 'belts and braces' check to avoid the use of the
weak 'LM_KEY' encryption when the client has chosen NTLMv2.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
This ensures the client isn't confused and we don't enter this
weaker authentication scheme when we don't really, really need to.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
This may help to avoid a number of possible MITM attacks where LM_KEY is
spoofed into the session. If the login wasn't with lanman
(and so the user chose to disclose their lanman response),
don't disclose back anything based on their lanman password.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
With -d 10, there were a ton of uninitialized variables: The "NegotiateFlags"
in the automatically parsed ntlmssp structures were not initialized.
This also cleans up the talloc use a bit: do early TALLOC_FREE()
Günther, please check!
Thanks,
Volker
This needs a small re-arrangement of the supporting code.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
The code is not yet in common, but I hope to fix that soon.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
