921 Commits

Author	SHA1	Message	Date
Stefan Metzmacher	26853e4607	gensec_gssapi: only cache the session key in STAGE_DONE ... The key may change because we switch from initiator to acceptor subkey. metze (This used to be commit 66244092a457b2cde6339cb31dcfa73b122ba9b5)	2008-08-14 13:13:52 +02:00
Stefan Metzmacher	8c0fbbf6e9	gensec_gssapi: add support for GENSEC_FEATURE_NEW_SPNEGO ... metze (This used to be commit 9246924effd4d0b08ca1ef87e45ad510020df93e)	2008-08-12 16:21:40 +02:00
Stefan Metzmacher	588cc81760	gensec_gssapi: fix compiler warnings ... metze (This used to be commit f4f4bb7fe977301e468ab164ba750b69d9a92306)	2008-08-12 16:21:40 +02:00
Stefan Metzmacher	b686328039	gensec_gssapi: add a function to load the lucid structure once ... metze (This used to be commit daa986d1d04e59550bb5d33b5075daa414d087ba)	2008-08-12 16:21:39 +02:00
Stefan Metzmacher	8ba2041bf3	gensec: add support for new style spnego and correctly handle mechListMIC ... metze (This used to be commit 05a3403967d3cf64bca8b06536dc1b20cf835396)	2008-08-12 16:21:39 +02:00
Stefan Metzmacher	50fb2059c0	gensec_gssapi: use the correct signature size for cfx/rfc4121 style signatures ... metze (This used to be commit fcabe24f96c9677146ca754a502f336c23050339)	2008-08-08 15:30:06 +02:00
Stefan Metzmacher	dd35840d9b	gensec_gssapi: use gsskrb5_get_subkey() to get the session key ... This is needed to get the correct key, when aes keys are used. metze (This used to be commit 7587a7d8b65f27a5865d6873f63a450488da02c9)	2008-08-08 15:29:16 +02:00
Andrew Bartlett	bf0f1f6d1a	Always set a session key, even for the 'no password' case. ... This is for bug 5664 reported by Tom <hto@arcor.de>. Andrew Bartlett (This used to be commit b345c9cf535af35c83da040ac965d9690dc802fe)	2008-08-08 14:06:42 +10:00
Andrew Bartlett	08d20ece96	Clarify comment ... (This used to be commit 580cce9de38ddd9d59b272b58caadce528321d09)	2008-08-08 14:06:40 +10:00
Stefan Metzmacher	fd84beb194	gensec_gssapi: add support for GENSEC_FEATURE_SIGN_PKT_HEADER ... This only works for sign/verify_packet() yet, seal/unseal_packet() doesn't work yet... metze (This used to be commit c62e5d23a69789d23516a6d150fd3b756e270998)	2008-08-07 15:40:00 +02:00
Stefan Metzmacher	fe7e90cca4	gensec: add GENSEC_FEATURE_SIGN_PKT_HEADER flag ... metze (This used to be commit d7dfdbaf34843cb6783d8e686e659c53c5ac27ef)	2008-08-07 15:06:59 +02:00
Stefan Metzmacher	d0f0d5e691	auth/kerberos: remove dependencies to internal heimdal ... metze (This used to be commit ed0fc19ac6a1194e6fd9a6534cbf7453fa870066)	2008-08-01 21:10:40 +02:00
Stefan Metzmacher	9cc663af6e	auth/kerberos: we don't need to include heimdal private headers ... metze (This used to be commit 6ec3887aee9bbb9c182ab966d37212edeaa16b5a)	2008-08-01 17:52:37 +02:00
Stefan Metzmacher	c251443e73	gensec_gssapi: include <gssapi/gssapi.h> ... metze (This used to be commit 49e01d00bded74190c8e3049ac5883fe211e86fd)	2008-08-01 17:52:37 +02:00
Stefan Metzmacher	ca086c9e2c	auth_server: set the workstation name ... metze (This used to be commit 6d640ee4b84c72f6c2da0ee047c9bac916bf3e57)	2008-08-01 17:27:18 +02:00
Stefan Metzmacher	35cd60b002	build with the new heimdal version ... (This used to be commit 3817d653faecb70bfafb850fe7d6e83aaed7e6d1)	2008-08-01 16:11:00 +02:00
Stefan Metzmacher	d087545deb	auth/ntlmssp: don't crash when the backend give no challenge ... metze (This used to be commit c01fee80a79cd9e0f7bb295333bb03bd37328d05)	2008-08-01 16:10:59 +02:00
Stefan Metzmacher	f1cdce5963	auth_server: fix the logic of server_get_challenge() ... metze (This used to be commit 699e3cdb52acdf2524347d8c053730306c579dd9)	2008-08-01 15:54:57 +02:00
Stefan Metzmacher	5d68244a27	auth_server: fix segfault reported by Julien Kerihuel <j.kerihuel@openchange.org> ... metze (This used to be commit c2cc8ef943e8c2e02edb1eb20214de245cc6914c)	2008-08-01 15:22:25 +02:00
Stefan Metzmacher	e45c3e127d	Revert "gensec_gssapi: use gsskrb5_get_subkey() to make smb2 signing with aes keys work" ... This reverts commit 73964f069056f46f2f27fc690e42e5c91ae1fe19. This breaks more than it gains:-( It seems to break the ncacn_np session key metze (This used to be commit 9678085f75b6cb0ed068e22f3d9f94247b200ce2)	2008-07-28 17:59:17 +02:00
Stefan Metzmacher	c4c79aa1b6	gensec_gssapi: use gsskrb5_get_subkey() to make smb2 signing with aes keys work ... SMB signing with aes doesn't work, but still works with arcfour-hmac-md5, des-cbc-md5 and des-cbc-crc. metze (This used to be commit 73964f069056f46f2f27fc690e42e5c91ae1fe19)	2008-07-28 16:15:23 +02:00
Stefan Metzmacher	0299edbc02	auth/credentials: explain why we need to the enctypes for the gssapi layer ... metze (This used to be commit 88970c4d4192635544cf63e79e929e9bb05ecb5f)	2008-07-28 09:29:42 +02:00
Stefan Metzmacher	55ea54ec64	gensec_gssapi: add support for signing RPC messages ... metze (This used to be commit dc2847c0acb0adaede4db72a7517046b93221162)	2008-07-26 21:48:32 +02:00
Stefan Metzmacher	21592142c3	auth/credentials: use the same enctypes when getting a TGT and a TGS ... metze (This used to be commit 9fc5750156467f579ea8d7755987d091f5b579c2)	2008-07-26 21:46:43 +02:00
Andrew Bartlett	63d91e9ab0	Kill of some bogus debugs for the world who does not use the LDAP backend ... (This used to be commit 5bde586bdb4a1523a62a764b9ff292a4a8cee4fe)	2008-07-15 19:31:37 +10:00
Andrew Bartlett	f5d18f4d24	Allow ldap credentials to be (optionally) stored in secrets.ldb ... This includes a simple bind DN, or SASL credentials. The error messages are reworked as on systems without an LDAP backend, we will fail to find this record very often. Andrew Bartlett (This used to be commit 95825ae6d5e9d9846f3a7505a81ebe603826227e)	2008-07-15 15:05:41 +10:00
Andrew Bartlett	9caa8d3da1	Try to make NTLMSSP less fussy for unimportant messages. ... We don't really care (because nobody uses them) what we send as the domain and workstation in the negotiate packet. Andrew Bartlett (This used to be commit 9ac07e14873df2c18d0e9501691c2d4c4047e218)	2008-07-15 15:04:06 +10:00
Stefan Metzmacher	93bc9f49a2	auth: don't force the build of auth_server as shared_module ... metze (This used to be commit b5187dd58ccae03e22ba8857c344a2d7d94f13b3)	2008-06-30 09:25:30 +02:00
Michael Adam	db7bd968da	ntlmssp: get rid of "cast to pointer from integer of different size" warning on 64 bit ... Not sure if this check is actually necessary, though: the second should be sufficient. Michael (This used to be commit 2813882ef3cc3609a74ad83bcee6be0c2cd53494)	2008-06-27 14:27:30 +02:00
Stefan Metzmacher	78ed0f72a6	credentials: gss_set_cred_option() doesn't like GSS_C_NO_BUFFER ... metze (This used to be commit 31cf1a781efce932d0574d7840979fcd0a07ec08)	2008-06-27 12:43:04 +02:00
Michael Adam	65ce11c5f3	credentials: gss_set_cred_option() needs gss_cred_id_t * argument, not gss_cred_id_t. ... This call was added in f573c1ff4443f3002c310d3ba29d8c343ad03907. Metze, please check! Michael (This used to be commit 2b40fd7e950a7f06d2c589eadc0f604a4c65e325)	2008-06-27 09:26:35 +02:00
Stefan Metzmacher	809d82d169	credentials: set GSS_KRB5_CRED_NO_CI_FLAGS_X to avoid GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG ... metze (This used to be commit f573c1ff4443f3002c310d3ba29d8c343ad03907)	2008-06-19 13:59:38 +02:00
Simo Sorce	ab871770ca	Fix build ... (This used to be commit 220b58070239141158d796bd782d62cc36cd19db)	2008-06-16 09:06:50 -04:00
Simo Sorce	929adc9efa	Make up the right dependencies now that ldb depends on libevents ... (This used to be commit 3b8eec7ca334528cad3cdcd5e3fc5ee555d8d0e0)	2008-06-14 11:59:19 -04:00
Andrew Bartlett	be14efbdf9	Revert Jelmer's CFLAGS commit e2b71a0ecbf10a78a59a8ec6371bdee57b1bfa6c ... This commit broke the build, because not all files (libreplace, popt) were updated. Andrew Bartlett (This used to be commit 3faacf4351d68a10aea78b53768571d2059772ae)	2008-05-31 08:35:55 +10:00
Jelmer Vernooij	39f50afc57	Move CFLAGS handling out of smb_build. ... (This used to be commit e2b71a0ecbf10a78a59a8ec6371bdee57b1bfa6c)	2008-05-30 02:07:28 +02:00
Jelmer Vernooij	73b789b6d2	Add docstrings to a couple more python modules. ... (This used to be commit b4560c90e5e8d3a35367d3a21d361dc4c9c0de23)	2008-05-24 04:01:57 +02:00
Jelmer Vernooij	a46450810b	Regenerate with SWIG 1.3.35. ... (This used to be commit ce063eca498036937f99161a1f12e076c2ab313f)	2008-05-23 03:22:56 +02:00
Jelmer Vernooij	d0b3551097	Add some docstrings to credentials python module. ... (This used to be commit 7b4435a68c5515f2ec09c8ba251d11ca1427748d)	2008-05-23 00:35:39 +02:00
Jelmer Vernooij	5ce59419a0	Fix CFLAGS for SWIG files. ... (This used to be commit 8ee4f075046e0b181ec8a4ac1eaf3ea5621a56bf)	2008-05-22 02:13:26 +02:00
Jelmer Vernooij	49706ab19b	Move more modules inside of the samba package. ... (This used to be commit 9b39e99f48266a54ed0b8890c2efde218b4b118a)	2008-05-21 23:59:34 +02:00
Jelmer Vernooij	b1fc7bab11	Move some python files into the samba package. ... (This used to be commit ed38c668cdbe10966e46bad97301122eea8001d0)	2008-05-21 21:50:56 +02:00
Jelmer Vernooij	82bcf967b7	Move CFLAGS overrides for SWIG modules to Makefile. ... (This used to be commit 58665a8a8e4b10435aebbf2c95b6a8e50db232d6)	2008-05-21 21:32:53 +02:00
Jelmer Vernooij	2914b0ca04	Remove support for .py files from smb_build - deal with it only in the makefiles. ... (This used to be commit b865249efaa58d0fc87fa25491fda3b970af81c3)	2008-05-21 21:24:48 +02:00
Jelmer Vernooij	1323e3e736	Fix proto generation. ... (This used to be commit 7385d9641d49b94c83fd2c75e57c9623d21fcdb0)	2008-05-20 01:02:05 +02:00
Andrew Bartlett	868c45102d	Don't regenerate pam_errors.h any more. ... Due to the new rules on prototypes, it must be a static header file. Andrew Bartlett (This used to be commit cf60a9b34ec2419b2bc03a37190cb17ad4cf3d5f)	2008-05-20 08:06:50 +10:00
Andrew Bartlett	343fea32cc	Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local ... Fix config.mk due to changing syntax. Conflicts: source/libcli/config.mk source/nbt_server/config.mk (This used to be commit 6a1c76f29f78183f44dfac6f468c5e728d2cb2cf)	2008-05-20 08:03:35 +10:00
Jelmer Vernooij	60ae8f0657	Fix a bunch of dependencies. ... (This used to be commit a63f458462d207d215a6e4ef8e480b0c8daedf6a)	2008-05-18 23:40:23 +02:00
Jelmer Vernooij	4c70cda986	Fix a couple (well, little more than that..) of typos. ... (This used to be commit a6b52119940a900fb0de3864b8bca94e2965cc24)	2008-05-18 23:02:47 +02:00
Jelmer Vernooij	4c8756f147	Create prototype headers from Makefile directory, without smb_build in the middle. ... (This used to be commit f4a77b96f9c17d853348b70794026e5b9e384942)	2008-05-18 22:30:08 +02:00