IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The caller should take care of the global cli_state values.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Aug 12 19:38:27 CEST 2011 on sn-devel-104
Callers of tevent_req_done() (or similar functions) have to return directly.
Otherwise the callback could invalidate the current stack state,
which is likely to trigger segfaults.
If there was only one pending request and we just got the response
for that one, we can use tevent_req_done() directly.
Otherwise there're more pending requests and we need to call
cli_state_receive_next() or we got the response for chained requests.
Both means that we have to use tevent_req_defer_callback().
metze
It's up to the caller to notify the current request,
but we have to notify all other pending requests if
we're not able to read the next response from the server.
metze
If we got a problem on the connection we need to notify every
pending request. But we need to make use of tevent_req_defer_callback()
before tevent_req_nterror(), otherwise the callback, triggered
by tevent_req_nterror(), could invalidate the state of current caller,
which will likely cause segfaults.
metze
The max_data parameter of trans2/nttrans calls are not bound
to cli->max_xmit. Even with cli->max_xmit, which means the max
size of the whole SMB pdu, we would get fragmented trans2/nttrans
replies. That's why we can also use our maximum, which is CLI_BUFFER_SIZE.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Aug 9 18:14:38 CEST 2011 on sn-devel-104
Removing the return is reasonable here because while no callers
currently specify more than one flag at a time, the
ntlmssp_want_feature code allows it.
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Aug 4 02:19:46 CEST 2011 on sn-devel-104
Rather than passing this value around the callers, and eventually
setting it in register_existing_vuid(), we simply pass it to
create_local_token(). This also removes the need for
auth_ntlmssp_get_username().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
There is no need to mask out these flags as they simply are not set
yet.
The correct abstraction is to ask for NTLMSSP features.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
The session key we want here (the only one that is availble to the
encryption layer) is the one obtained by cli_get_session_key(), as
NTLMSSP creates a per-session session key via key exchange and NTLMv2
negotiation.
The key was never directly the NT hash anyway (this is simply a
mistake, the extra MD4() was lost during my previous cleanup
f28f113d8e in 2008), but was MD4(NT
hash) in early implementations of NTLMSSP.
However, regardless this call is not available on domain trusts
between AD domains and Windows 2003 R2, making this less useful.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This is changed so that the callers ask for the additional flags
that they need, starting with no additional flags.
This helps to create a proper abstraction layer in
ntlmssp_wrap/auth_ntlmssp.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This allows the current behaviour of the NTLMSSP code to be unchanged
while adding a way to hook in an alternate implementation via an auth
module.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
