summaryrefslogtreecommitdiff
path: root/source3/smbd/seal.c
Commit message (Collapse)AuthorAgeFilesLines
* auth: Always supply both the remote and local address to the auth subsystemAndrew Bartlett2017-03-291-0/+5
| | | | | | | | | | | This ensures that gensec, and then the NTLM auth subsystem under it, always gets the remote and local address pointers for potential logging. The local address allows us to know which interface an authentication is on Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* s3-auth: Pass service_description into gensec via auth_generic_prepare()Andrew Bartlett2017-03-291-0/+1
| | | | | | | | | | | This allows the GENSEC service description to be set from the various callers that go via this function. The RPC service description is the name of the interface from the IDL. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* s3:smbd: remove unused spnego related includesStefan Metzmacher2015-12-171-2/+0
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3:smbd: pass smbXsrv_connection to smb1 encryption functionsStefan Metzmacher2014-08-061-4/+4
| | | | | | | | These parameters are not really used currently, but may be in future. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:smbd: remove unused 'sconn' from is_encrypted_packet()Stefan Metzmacher2014-08-061-2/+1
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* lib-util: rename memdup to smb_memdup and fix all callersBjörn Baumbach2014-04-161-1/+1
| | | | | Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Volker Lendecke <vl@samba.org>
* auth/gensec: remove tevent_context argument from gensec_update()Stefan Metzmacher2014-03-271-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/smb: Convert struct smb_trans_enc_state to tallocAndrew Bartlett2012-01-311-34/+11
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-smbd: Use gensec_spnego in smb seal serverAndrew Bartlett2012-01-311-304/+29
| | | | | | | | | This is instead of the inline, manual spnego code currently in use. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-libsmb: use struct gensec_security directlyAndrew Bartlett2012-01-201-9/+9
| | | | | | | | This is rather than via a now one-element union. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-libcli Change krb5 smb sealing to call via gensec and gensec_gseAndrew Bartlett2012-01-201-189/+32
| | | | | | | | | This also fixes the support for smb sealing with krb5 in make test, as this now relies on secrets.tdb rather than /etc/krb5.keytab. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth Rename make_auth_ntlmssp() -> make_auth_gensec()Andrew Bartlett2012-01-061-5/+5
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth remove outdated commentAndrew Bartlett2012-01-051-3/+0
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Jan 5 18:51:47 CET 2012 on sn-devel-104
* s3-auth remove unused ntlmssp.hAndrew Bartlett2012-01-051-1/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth Remove ntlmssp_wrap.h which is no longer requiredAndrew Bartlett2012-01-051-1/+0
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth use gensec directly rather than via auth_generic_stateAndrew Bartlett2012-01-051-8/+7
| | | | | | | | | This is possible because the s3 gensec modules are started as normal gensec modules, so we do not need a wrapper any more. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth Add TALLOC_CTX * to auth_generic_prepare()Andrew Bartlett2012-01-051-1/+1
| | | | | | | | | This makes the long term owner of this memory more clear. So far only the clear cases have been moved from NULL however. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth remove auth_ntlmssp_start(), call auth_generic_start() directlyAndrew Bartlett2011-12-221-1/+1
| | | | | | | | This makes it clear that this can support more than just NTLMSSP. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth rename auth_ntlmssp_prepare() -> auth_generic_prepare()Andrew Bartlett2011-12-221-1/+1
| | | | | | | | | This function handles more than NTLMSSP now, at least when we are an AD DC and so changing the name may avoid some confusion in the future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth rename auth_ntlmssp_state -> auth_generic_stateAndrew Bartlett2011-12-221-1/+1
| | | | | | | | | This structure handles more than NTLMSSP now, at least when we are an AD DC and so changing the name may avoid some confusion in the future. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* libcli/smb: move smb_seal.c to the toplevelStefan Metzmacher2011-10-211-1/+1
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Oct 21 10:22:39 CEST 2011 on sn-devel-104
* s3-seal Remove struct smb_srv_trans_enc_ctxAndrew Bartlett2011-10-211-99/+50
| | | | | | | | | | | | | This structure added no value, particularly after the move to gensec. It was added at a time when auth_ntlmssp_state was not available in the client. This changed a while back (the wrapper was extended with client calls), and the move to gensec again reinforced that we do not need the extra complexity. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-ntlmssp Remove references to auth_ntlmssp_context from the smb sealing codeAndrew Bartlett2011-10-211-15/+24
| | | | | | Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-ntlmssp Remove auth_ntlmssp_want_feature()Andrew Bartlett2011-10-211-1/+1
| | | | | | | | We now just call the gensec_want_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-ntlmssp Remove auth_ntlmssp_negotiated_sign() and ↵Andrew Bartlett2011-10-211-2/+2
| | | | | | | | | | auth_ntlmssp_negotiated_seal() We now just call the gensec_have_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-ntlmssp Remove auth_ntlmssp_update wrapperAndrew Bartlett2011-10-211-7/+8
| | | | | | | | We now just call gensec_update directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:smbd/seal: pass talloc_tos() auth_ntlmssp_update(), because we free a few ↵Stefan Metzmacher2011-10-211-1/+1
| | | | | | lines later metze
* ntlmssp: Move ntlmssp code to auth/ntlmsspAndrew Bartlett2011-10-181-1/+1
| | | | | | | | | This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3: Pass smbd_server_connection to (unused) server_encryption_shutdownVolker Lendecke2011-08-251-1/+1
|
* s3: Pass smbd_server_connection to srv_encrypt_bufferVolker Lendecke2011-08-251-1/+2
|
* s3: Pass smbd_server_connection to srv_decrypt_bufferVolker Lendecke2011-08-251-1/+1
|
* s3: Pass smbd_server_connection to srv_free_enc_bufferVolker Lendecke2011-08-251-1/+1
|
* s3: Pass smbd_server_connection to is_encrypted_packetVolker Lendecke2011-08-251-1/+2
|
* s3: Explicitly pass smb_srv_trans_enc_ctx to srv_enc_ctxVolker Lendecke2011-08-251-3/+3
|
* s3: Make srv_enc_ctx staticVolker Lendecke2011-08-051-1/+1
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Aug 5 18:29:24 CEST 2011 on sn-devel-104
* s3: Fix some nonempty blank linesVolker Lendecke2011-08-051-3/+3
|
* s3-ntlmssp Split auth_ntlmssp_start into two functionsAndrew Bartlett2011-08-031-1/+7
| | | | | | | | | This helps map on to the GENSEC semantics better, and ensures that the full set of desired features are set before the mechanism starts. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Remove calls to auth_ntlmssp_and_flags from the serverAndrew Bartlett2011-08-031-0/+2
| | | | | | | | | | | | This is changed so that the callers ask for the additional flags that they need, starting with no additional flags. This helps to create a proper abstraction layer in ntlmssp_wrap/auth_ntlmssp. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_updateAndrew Bartlett2011-08-031-3/+7
| | | | | | | | This clarifies the lifetime of the returned token. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Use auth_ntlmssp_*() functions in more placesAndrew Bartlett2011-08-031-2/+2
| | | | | | | | This allows auth_ntlmssp_get_ntlmssp_state() to be removed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth: Added remote_address to ntlmssp server.Andreas Schneider2011-07-041-11/+39
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett2011-06-091-1/+1
| | | | | | | | There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
* s3-libsmb: move protos to libsmb/proto.hGünther Deschner2011-05-061-0/+1
| | | | Guenther
* Fix many const compiler warnings.Jeremy Allison2011-05-051-1/+1
|
* s3-auth: smbd needs auth.hGünther Deschner2011-03-301-0/+1
| | | | Guenther
* s3: include smbd/smbd.h where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-build: only include asn1 headers where actually needed.Günther Deschner2011-03-161-0/+1
| | | | Guenther
* s3-libsmb: move smb encryption structs into own header.Günther Deschner2011-03-161-0/+1
| | | | Guenther
* s3: Fix input check in is_encrypted_packetVolker Lendecke2010-10-081-1/+3
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Oct 8 07:40:52 UTC 2010 on sn-devel-104
* Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL ↵Jeremy Allison2010-07-201-4/+4
| | | | | | contexts. Jeremy.
View Lorry Controller Status