IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This function updates cli->server_{os,type,domain} to valid values
after a session setup.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12779
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit e0069bd2a4)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Mon Jun 19 15:15:47 CEST 2017 on sn-devel-144
Also old servers should be able to handle NTLMSSP via SPNEGO.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Dec 21 22:21:08 CET 2016 on sn-devel-144
This will allow us to setup SMB1 encryption by just passing
cli_credentials.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This can be used temporarily to do the required kinit if we use kerberos
and the password has been specified.
In future this should be done in the gensec layer on demand, but there's
more work attached to doing it in the gensec_gse module.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
There're no callers which try to pass a raw lm_response directly anymore.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Dec 9 13:09:37 CET 2016 on sn-devel-144
This can be used with a valid creds structure in order
to do a share level authentication or with NULL in the cases
we assume a modern server already.
Later we can change the ordering and implement
cli_tree_connect() on top of cli_tree_connect_creds().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Dec 2 17:32:26 CET 2016 on sn-devel-144
'dest_realm' is only valid in the winbindd use case, where we also have
the account in that realm.
We need to ask the DC to which KDC the principal belongs to, in order to
get the potential trust referrals right.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
It's enough to pass down target_service and target_hostname, that's all we
have at the smb layer. The kerberos layer should figure out what
the final target_principals is based on the users realm.
The gse_krb5 backend doesn't use it currently, so it's also unused.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
The spnego backend will take the "client use spnego principal" option.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This separates the construction of the ASCII-Password (lm_response)
and UNICODE-Password (nt_response) values from the marshalling logic.
We don't need the NT1 marshalling logic 3 times (guest, plain, nt1),
we just need it once now in smb1cli_session_setup_nt1*.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This separates the spnego authentication logic from the
marshalling logic.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
There're no callers which tried to pass raw {lm,nt}_response any more.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We need NT1 => LATEST in order to work against all servers which support
DCERPC over ncacn_np.
This is a mini step in using SMB2/3 in our client side by default.
This gives us a higher chance that SMB signing is supported by the
server (as it can't be turned off for SMB2 and higher).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
