IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
'dest_realm' is only valid in the winbindd use case, where we also have
the account in that realm.
We need to ask the DC to which KDC the principal belongs to, in order to
get the potential trust referrals right.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
It's enough to pass down target_service and target_hostname, that's all we
have at the smb layer. The kerberos layer should figure out what
the final target_principals is based on the users realm.
The gse_krb5 backend doesn't use it currently, so it's also unused.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
The spnego backend will take the "client use spnego principal" option.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This separates the construction of the ASCII-Password (lm_response)
and UNICODE-Password (nt_response) values from the marshalling logic.
We don't need the NT1 marshalling logic 3 times (guest, plain, nt1),
we just need it once now in smb1cli_session_setup_nt1*.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This separates the spnego authentication logic from the
marshalling logic.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This does a session setup for the NT1 protocol with CAP_EXTENDED_SECURITY.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This does a session setup for the NT1 protocol (without CAP_EXTENDED_SECURITY).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This does a session setup for the LANMAN 2(.1) protocol.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
There're no callers which tried to pass raw {lm,nt}_response any more.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This offers a global 'struct user_auth_info *cmdline_auth_info',
similar to the 'cmdline_credentials' we have in
source4/lib/cmdline/popt_common.c.
And we create that in the POPT_CALLBACK_REASON_PRE stage
and finalize it in the POPT_CALLBACK_REASON_POST stage.
That means much less boring work for the callers
and more freedom to change the user_auth_info internals
in future.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This is important in order to let the kdc of the users realm start with
the trust referral routing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This is important in order to let the kdc of the users realm start with
the trust referral routing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We always provide each output blob as it's own talloc memory
and also check for talloc failures.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Nov 15 05:09:31 CET 2016 on sn-devel-144
This test demonstrates that one cannot use a handle retrieved via
iremotewinspool in a spoolss context.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
