s3-auth: Remove security=share (depricated since 3.6). This patch removes security=share, which Samba implemented by matching the per-share password provided by the client in the Tree Connect with a selection of usernames supplied by the client, the smb.conf or guessed from the environment. The rationale for the removal is that for the bulk of security=share users, we just we need a very simple way to run a 'trust the network' Samba server, where users mark shares as guest ok. This is still supported, and the smb.conf options are documented at https://wiki.samba.org/index.php/Public_Samba_Server At the same time, this closes the door on one of the most arcane areas of Samba authentication. Naturally, full user-name/password authentication remain available in security=user and above. This includes documentation updates for username and only user, which now only do a small amount of what they used to do. Andrew Bartlett -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SHARE | | security=share | | | | | | 5 March | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______
lib/crypto: add aes_cmac_128* (rfc 4493) Thanks to Jeremy, Michael and Volker for the debugging! metze
s3: Add a test that makes a chained open break an oplock Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Wed Feb 29 01:13:03 CET 2012 on sn-devel-104
s3-build: allow gcov testing by linking timelimit with --coverage
s3-auth Use the common gensec_ntlmssp_update in gensec_ntlmssp3_server Signed-off-by: Stefan Metzmacher <metze@samba.org>
s3-auth: Use common gensec_ntlmssp server functions for more of gensec_ntlmssp3_server This is possible because we now supply the auth4_context abstraction that this code is looking for. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
s3-build: Use credentials_ntlm.c in the autoconf build as well Signed-off-by: Stefan Metzmacher <metze@samba.org>
s3-librpc: Use gensec_spnego for DCE/RPC authentication This ensures that we use the same SPNEGO code on session setup and on DCE/RPC binds, and simplfies the calling code as spnego is no longer a special case in cli_pipe.c A special case wrapper function remains to avoid changing the application layer callers in this patch. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
s3-build: remove EXEEXT from Makefiles As far as I am aware, we do not actually build on any platforms that require this. The last Stratos VOS release on ftp://ftp.stratus.com/vos/samba/samba.html was 3.0.5 Andrew Bartlett
auth: rename ntlmssp.c to ntlmssp_util.c
lib: Remove dead mszip code. RIP, long live zlib.
Revert "build: Add -lz to wbinfo to fix build on some hosts" This reverts commit 88daf798fec56a99e5eb3aed67f3b58572d97d34. This is not needed as 5c88cfcc525290d0ad1c322401685c60c1abdf10 is the better fix, see https://bugzilla.samba.org/show_bug.cgi?id=8711 metze
build: Add -lz to wbinfo to fix build on some hosts This is required after the rework of the object lists for gensec_gse Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Jan 20 23:33:14 CET 2012 on sn-devel-104
s3: Fix the build on FreeBSD8 Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Fri Jan 20 21:58:04 CET 2012 on sn-devel-104
s3-librpc Remove unused dcesrv_gssapi.[ch] functions The code from dcesrv_gssapi.c is now in source3/auth/auth_generic.c as an auth callback. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
s3-build: Rework object lists to allow gse gensec module This also allows the spnego_parse_krb5_wrap() function to be shared. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
s3-gse: Add gensec wrapper for gse GSSAPI client This brings in part of the s4 gensec_gssapi as the boilerplate for the new module. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
s3-passdb: trying to decouple passdb and secrets a little. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Jan 18 14:46:18 CET 2012 on sn-devel-104
s3-autoconf: fix the build of the pdb_ldap shared module in autoconf build as well. Guenther
s3:build: add auth/gensec/spnego.o metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Jan 13 06:32:30 CET 2012 on sn-devel-104