samba.git/source4/utils, branch talloc-2.1.7 Unnamed repository; edit this file 'description' to name the repository. lib: Give base64.c its own .h 2016-05-03T23:28:23+00:00 Volker Lendecke vl@samba.org 2016-05-03T14:12:10+00:00 93b982faada860b6be178e0dcd4650bf7ca498aa Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
lib: Make callers of base64_encode_data_blob check for success 2016-05-03T23:28:23+00:00 Volker Lendecke vl@samba.org 2016-05-03T13:54:07+00:00 cf5a81013d2dbc62cacaa0141c9ee6b53e13cb39 Quite a few callers already did check for !=NULL. With the current code this is pointless due to a SMB_ASSERT in base64_encode_data_blob() itself. Make the callers consistently check, so that we can remove SMB_ASSERT from base64.c. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
Quite a few callers already did check for !=NULL. With the current code this is
pointless due to a SMB_ASSERT in base64_encode_data_blob() itself. Make the
callers consistently check, so that we can remove SMB_ASSERT from base64.c.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Added MSV1_0_ALLOW_MSVCHAPV2 flag to ntlm_auth 2016-03-11T21:58:18+00:00 Herwin Weststrate herwin@quarantainenet.nl 2015-12-09T17:47:47+00:00 0b500d413c5b76188c0c566318be7079b777237c An implementation of https://lists.samba.org/archive/samba/2012-March/166497.html (which has been discussed in 2012, but was never implemented). It has been tested on a Debian Jessie system with this patch added to the Debian package (which is currently 4.1.17). Even though this is Samba 4, the ntlm_auth installed is the one from Samba 3 (yes, it surprised me too). The backend was a machine with Windows 2012R2. It was first tested with the local security policy 'Network Security: LAN Manager authentication level' setting changed to 'Send NTLMv2 Response Only' (allow ntlm v1). This way we are able to authenticate with and without the MSV1_0_ALLOW_MSVCHAPV2 flag (as expected). After the basic step has been verified, the local security policy 'Network Security: LAN Manager authentication level' setting was changed to 'Send NTLMv2 Response Only. Refuse LM & NTLM' (only allow ntlm v2). The behaviour now changed according to the MSV1_0_ALLOW_MSVCHAPV2 flag (again: as expected). $ ntlm_auth --request-nt-key --username=XXXXXXXXXXXXX --challenge=XXXXXXXXXXXXXXXXX --nt-response=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --domain= Logon failure (0xc000006d) $ ntlm_auth --request-nt-key --username=XXXXXXXXXXXXX --challenge=XXXXXXXXXXXXXXXXX --nt-response=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --domain= --allow-mschapv2 NT_KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX The changes in `wbclient.h` are intended for programs that use libwinbind directly instead of authenticating via `ntlm_auth`. I intend to use that within FreeRADIUS (see https://bugzilla.samba.org/show_bug.cgi?id=11149). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11694 Signed-off-by: Herwin Weststrate <herwin@quarantainenet.nl> Reviewed-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
An implementation of https://lists.samba.org/archive/samba/2012-March/166497.html (which has been discussed in 2012, but was never implemented).

It has been tested on a Debian Jessie system with this patch added to the Debian package (which is currently 4.1.17). Even though this is Samba 4, the ntlm_auth installed is the one from Samba 3 (yes, it surprised me too). The backend was a machine with Windows 2012R2.

It was first tested with the local security policy 'Network Security: LAN Manager authentication level' setting changed to 'Send NTLMv2 Response Only' (allow ntlm v1). This way we are able to authenticate with and without the MSV1_0_ALLOW_MSVCHAPV2 flag (as expected).

After the basic step has been verified, the local security policy 'Network Security: LAN Manager authentication level' setting was changed to 'Send NTLMv2 Response Only. Refuse LM & NTLM' (only allow ntlm v2). The behaviour now changed according to the MSV1_0_ALLOW_MSVCHAPV2 flag (again: as expected).

  $ ntlm_auth --request-nt-key --username=XXXXXXXXXXXXX --challenge=XXXXXXXXXXXXXXXXX --nt-response=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --domain=
  Logon failure (0xc000006d)
  $ ntlm_auth --request-nt-key --username=XXXXXXXXXXXXX --challenge=XXXXXXXXXXXXXXXXX --nt-response=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --domain= --allow-mschapv2
  NT_KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The changes in `wbclient.h` are intended for programs that use libwinbind directly instead of authenticating via `ntlm_auth`. I intend to use that within FreeRADIUS (see https://bugzilla.samba.org/show_bug.cgi?id=11149).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11694
Signed-off-by: Herwin Weststrate <herwin@quarantainenet.nl>
Reviewed-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Fix various spelling errors 2015-11-06T12:43:45+00:00 Mathieu Parent math.parent@gmail.com 2015-07-26T21:02:57+00:00 c315fce17ef11a23c24fc92b7475ac3a3ac55032 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Nov 6 13:43:45 CET 2015 on sn-devel-104 
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Nov  6 13:43:45 CET 2015 on sn-devel-104
ntlm_auth: Remove two uses of hex_encode() 2015-05-12T23:44:20+00:00 Volker Lendecke vl@samba.org 2015-05-08T10:12:21+00:00 c8e9574f41f912b26a9947c4973752f24c7ad904 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Typo: s/preceeded/preceded/ 2014-04-14T01:51:15+00:00 Jelmer Vernooij jelmer@samba.org 2014-03-30T02:01:06+00:00 e0cddcd5c44a22a36a156079f8546d3b8e7ee0c1 Caught by lintian, the Debian package linter :) Change-Id: Ia7162ea8c2b1845155345526b66d71ae64f15227 Reviewed-on: https://gerrit.samba.org/216 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Mon Apr 14 03:51:15 CEST 2014 on sn-devel-104 
Caught by lintian, the Debian package linter :)

Change-Id: Ia7162ea8c2b1845155345526b66d71ae64f15227
Reviewed-on: https://gerrit.samba.org/216
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Mon Apr 14 03:51:15 CEST 2014 on sn-devel-104
s4:ntlm_auth: make use of gensec_update_ev() 2014-03-26T23:36:32+00:00 Stefan Metzmacher metze@samba.org 2013-12-13T18:37:32+00:00 01575faf678d4280733c2a4c657e370b9b847b69 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
oLschema2ldif: Add some NULL checks 2013-11-11T20:04:08+00:00 Volker Lendecke vl@samba.org 2013-11-09T15:40:18+00:00 096358f4e1b8000d1006293963f4c571ee6fc8cb This should fix Coverity ID 1034812 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ira Cooper <ira@samba.org> 
This should fix Coverity ID 1034812

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
ldb: Do not build libldb-cmdline when using system ldb. 2013-09-10T10:52:26+00:00 Jeroen Dekkers jeroen@dekkers.ch 2013-09-08T22:42:39+00:00 0af09f0179c024099e0776d3794f4b3d7fb3f6f6 Cleanup leftover include and linking of libldb-cmdline in oLschema2ldif. Do not build libldb-cmdline anymore when using the system ldb, oLschema2ldif was the only reason for building libldb-cmdline. Signed-off-by: Jeroen Dekkers <jeroen@dekkers.ch> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Sep 10 12:52:26 CEST 2013 on sn-devel-104 
Cleanup leftover include and linking of libldb-cmdline in
oLschema2ldif. Do not build libldb-cmdline anymore when using the
system ldb, oLschema2ldif was the only reason for building
libldb-cmdline.

Signed-off-by: Jeroen Dekkers <jeroen@dekkers.ch>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 10 12:52:26 CEST 2013 on sn-devel-104
auth/gensec: introduce gensec_internal.h 2013-08-10T07:19:02+00:00 Stefan Metzmacher metze@samba.org 2013-08-05T05:12:01+00:00 71c63e85e7a09acb57f6b75284358f2b3b29eeed We should treat most gensec related structures private. It's a long way, but this is a start. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
We should treat most gensec related structures private.

It's a long way, but this is a start.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>