1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-30 13:18:05 +03:00
Commit Graph

13 Commits

Author SHA1 Message Date
Tim Potter
90dbd21cd0 Fix compiler warning.
(This used to be commit f127f96425)
2003-04-28 06:19:11 +00:00
Tim Potter
4ea3cd2629 Merge of const fixes from HEAD.
(This used to be commit a847ebd827)
2003-04-28 05:18:30 +00:00
Andrew Bartlett
9265628c20 This const isn't quite vaild C.
Andrew Bartlett
(This used to be commit de96c1aaca)
2003-04-23 09:32:29 +00:00
Tim Potter
5f82e261c6 Merge:
- Jelmer's latest popt changes
(This used to be commit 6a54d9a0a7)
2003-04-14 03:59:04 +00:00
Andrew Bartlett
6dce8c678a Merge the ntlm_auth updates (refactor, add --diagnostics) into Samba 3.0
Andrew Bartlett
(This used to be commit d711a1c95c)
2003-04-07 07:10:53 +00:00
Andrew Bartlett
53beee9e56 (merge from HEAD)
NTLM Authentication:

- Add a 'privileged' mode to Winbindd.  This is achieved by means of a directory
  under lockdir, that the admin can change the group access for.

- This mode is now required to access with 'CRAP' authentication feature.
- This *will* break the current SQUID helper, so I've fixed up our ntlm_auth
  replacement:
 - Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a
   challenge.
 - Use this to make our ntlm_auth utility suitable for use in current Squid 2.5
   servers.
 - Tested - works for Win2k clients, but not Win9X at present.  NTLMSSP updates
   are needed.
 - Now uses fgets(), not x_fgets() to cope with Squid environment (I think
   somthing to do with non-blocking stdin).

- Add much more robust connection code to wb_common.c - it will not connect to
  a server of a different protocol version, and it will automatically try and
  reconnect to the 'privileged' pipe if possible.
  - This could help with 'privileged' idmap operations etc in future.

- Add a generic HEX encode routine to util_str.c,
- fix a small line of dodgy C in StrnCpy_fn()

- Correctly pull our 'session key' out of the info3 from th the DC.  This is
  used in both the auth code, and in for export over the winbind pipe to
  ntlm_auth.

- Given the user's challenge/response and access to the privileged pipe,
  allow external access to the 'session key'.  To be used for MSCHAPv2
  integration.

Andrew Bartlett
(This used to be commit ec071ca3dc)
2003-03-24 09:54:13 +00:00
Tim Potter
a03c5f2394 Merge: add popt_common_version to command line options table.
(This used to be commit 8de62f7896)
2003-02-25 23:54:23 +00:00
Andrew Tridgell
ba51d1d888 the 'static' keyword here is useless as we are not declaring a
variable or function
(This used to be commit f2c9c64900)
2003-01-17 04:12:12 +00:00
Andrew Bartlett
d92b21280e Updates to the NTLMSSP code again - moving the base64 decode fuctionality out
of the SWAT code, and adding a base64 encoder.

The main purpose of this patch is to add NTLMSSP support to 'ntlm_auth', for
use with Squid.  Unfortunetly the squid side doesn't quite support what we need
yet.

Changes to winbind to get us the info we need, and a couple of consequential
changes/cleanups in the rest of the code.

Andrew Bartlett
(This used to be commit fe50ca8f54)
2003-01-16 03:29:54 +00:00
Andrew Bartlett
b0851cb1c7 Add a dash of static.
(This used to be commit 6d201c9616)
2003-01-02 12:39:36 +00:00
Andrew Bartlett
6d66fb308a BIG patch...
This patch makes Samba compile cleanly with -Wwrite-strings.
 - That is, all string literals are marked as 'const'.  These strings are
always read only, this just marks them as such for passing to other functions.

What is most supprising is that I didn't need to change more than a few lines of code (all
in 'net', which got a small cleanup of net.h and extern variables).  The rest
is just adding a lot of 'const'.

As far as I can tell, I have not added any new warnings - apart from making all
of tdbutil.c's function const (so they warn for adding that const string to
struct).

Andrew Bartlett
(This used to be commit 92a777d0ea)
2003-01-02 09:07:17 +00:00
Andrew Bartlett
01063e8845 Add support to switch between Squid 2.4 and 2.5 protocols - squid doesn't
encode the username, so don't decode it (users could play HTTP escaping games
on usernames).

Andrew Bartlett
(This used to be commit 71e24d0200)
2002-11-24 21:08:36 +00:00
Andrew Bartlett
5aca399a38 Add ntlm_auth, a new program to provide a stable interface to winbind's
authentication code.

In particular, ntlm_auth is designed to replace the winbind authentication
'helpers' currently supplied by Squid.  I have added support for the current
plaintext password protocol used by Squid, and will add the real guts (NTLMSSP
support) shortly.

I'll merge this into 3.0 when I've got the interface more stable (error message
format etc) and got the important NTLMSSP support added.

Also move SWAT's URL decoding code into util_str.c, for use in both utilities.

Andrew Bartlett
(This used to be commit 82dbf83887)
2002-11-24 08:32:03 +00:00