| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
| |
instead of char *, which matches what samba4 has.
Fix all the callers to prevent compiler warnings.
This essentially ports r22001 from SAMBA_3_0 to SAMBA_3_0_26.
There are a few additional type cast corrections.
|
| |
|
|
| |
replace all data_blob(NULL, 0) calls.
|
| |
|
|
|
| |
match Windows NTLMSSP flags.
Jeremy.
|
| |
|
|
|
|
|
| |
Merge back the winbindd changes from SAMBA_3_0
to a release branch. This compiles, but hasn't
been valgrinded or tested. That will come...
Jeremy.
|
| |
|
|
|
|
|
|
|
| |
This had
worked in one test, no idea what memory I've overwritten that time. This time
it survives the unpatched w2k password change.
Volker
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
------------------------------------------------
To be honest, I have NO idea whatsoever what this does, but it fixes what I
have been able to reproduce with smbtorture4 for bug number 4059. It's too
late here now to check with W2k native, I'll do that tomorrow or over the
weekend. I'll then also check in a samba4 torture test to walk this from now
on.
Volker
------------------------------------------------
|
| |
|
|
|
|
| |
With this change (and setting lanman auth = no in smb.conf)
we have *identical* NTLMSSP flags to W2K3 in SPNEGO auth.
Jeremy
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
-----------------------------------
Thanks to a report from VL:
We were causing mayhem by weakening the keys at the wrong point in time.
I think this is the correct place to do it. The session key for SMB
signing, and the 'smb session key' (used for encrypting password sets)
is never weakened.
The session key used for bulk data encryption/signing is weakened.
This also makes more sense, when we look at the NTLM2 code.
Andrew Bartlett
-----------------------------------
With more 'try all options' testing, I found this 'simple' but in the
NTLM2 signing code.
Andrew Bartlett
-----------------------------------
After Volker's advise, try every combination of parameters. This
isn't every parameter on NTLMSSP, but it is most of the important
ones.
This showed up that we had the '128bit && LM_KEY' case messed up.
This isn't supported, so we must look instead at the 56 bit flag.
Andrew Bartlett
-----------------------------------
We should now try retesting with NT4. This should be standalone
enough to port into a SAMBA_3_0_RELEASE branch fix.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
Yau Lam Yiu <yiuext@cs.ust.hk>.
Jeremy.
|
| |
|
|
|
|
| |
initial NTLMSSP negotiate blob of only 16 bytes - no strings
added ! (So don't try parsing them).
Jeremy.
|
| |
|
|
|
|
| |
NTLMSSP client and domain strings as Unicode, even when setting
flags as OEM. Cope with this.
Jeremy.
|
| |
|
|
|
|
|
| |
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
|
| |
|
|
| |
ntlmssp_set_workstation()
|
| |
|
|
| |
messages) due to trying to strdup a NULL pointer
|
| |
|
|
|
|
|
|
| |
before trying the alternate format).
This only caused confusion and bug reports...
Andrew Bartlett
|
| |
|
|
| |
unused variables
|
| |
|
|
|
|
|
|
|
| |
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
| |
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
Andrew Bartlett
|
| |
|
|
| |
ntlmssp code
|
| |
|
|
|
|
|
| |
key could
be anything, and may not be based on anything 'NT'. This is also what microsoft
calls it.
|
| |
|
|
|
|
|
|
| |
to checkout try this:
svn co svn+ssh://svn.samba.org/home/svn/samba/branches/SAMBA_3_0 samba-3_0-work
metze
|
|
|
metze
|
