| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
Still todo:
* release notes
* few minor outstanding patches
* additional idmap man pages
|
| |
|
|
| |
to warrant one)
|
| |
|
|
|
|
| |
With this change (and setting lanman auth = no in smb.conf)
we have *identical* NTLMSSP flags to W2K3 in SPNEGO auth.
Jeremy
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
-----------------------------------
Thanks to a report from VL:
We were causing mayhem by weakening the keys at the wrong point in time.
I think this is the correct place to do it. The session key for SMB
signing, and the 'smb session key' (used for encrypting password sets)
is never weakened.
The session key used for bulk data encryption/signing is weakened.
This also makes more sense, when we look at the NTLM2 code.
Andrew Bartlett
-----------------------------------
With more 'try all options' testing, I found this 'simple' but in the
NTLM2 signing code.
Andrew Bartlett
-----------------------------------
After Volker's advise, try every combination of parameters. This
isn't every parameter on NTLMSSP, but it is most of the important
ones.
This showed up that we had the '128bit && LM_KEY' case messed up.
This isn't supported, so we must look instead at the 56 bit flag.
Andrew Bartlett
-----------------------------------
We should now try retesting with NT4. This should be standalone
enough to port into a SAMBA_3_0_RELEASE branch fix.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
Yau Lam Yiu <yiuext@cs.ust.hk>.
Jeremy.
|
| |
|
|
|
|
| |
initial NTLMSSP negotiate blob of only 16 bytes - no strings
added ! (So don't try parsing them).
Jeremy.
|
| |
|
|
|
|
| |
NTLMSSP client and domain strings as Unicode, even when setting
flags as OEM. Cope with this.
Jeremy.
|
| |
|
|
|
|
|
| |
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
|
| |
|
|
| |
ntlmssp_set_workstation()
|
| |
|
|
| |
messages) due to trying to strdup a NULL pointer
|
| |
|
|
|
|
|
|
| |
before trying the alternate format).
This only caused confusion and bug reports...
Andrew Bartlett
|
| |
|
|
| |
unused variables
|
| |
|
|
|
|
|
|
|
| |
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
| |
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
Andrew Bartlett
|
| |
|
|
| |
ntlmssp code
|
| |
|
|
|
|
|
| |
key could
be anything, and may not be based on anything 'NT'. This is also what microsoft
calls it.
|
| |
|
|
|
|
|
|
| |
to checkout try this:
svn co svn+ssh://svn.samba.org/home/svn/samba/branches/SAMBA_3_0 samba-3_0-work
metze
|
|
|
metze
|
