d977044e76
secur32: Eliminate broken clean-up "cheat".
2011-11-30 11:45:26 +01:00
f4ac641af5
secur32: Clean up the helper in all cases where it was allocated.
2011-11-30 11:45:21 +01:00
7f17934de2
secur32: Superfluous semicolons fix.
2011-11-07 11:54:47 +01:00
0dd54eb0fd
secur32: Print the ntlm_auth diagnostic message to the winediag channel.
2011-10-27 12:25:13 +02:00
982e7f96b1
secur32: Remove dead code (Clang).
2011-07-05 14:42:53 +02:00
30435a5951
secur32: Trace flags as hex values.
2010-10-22 12:03:45 +02:00
24592a7a62
secur32: Avoid using long.
2010-05-12 13:44:40 +02:00
9dd206d28e
secur32: Use NTLM2 instead of NTLMv2.
...
In the current code NTLMv2 is used when talking about second generation
NTLM crypto algorithms. Most other publiations call this NTLM2, and use
NTLMv2 to describe a different crypto handshake that can be used by
either NTLM1 or NTLM2 crypto.
2010-04-19 14:56:12 +02:00
1346834605
secur32: Fix memory leaks in ntlm_InitializeSecurityContextW.
2009-12-30 13:40:31 +01:00
9a81b032c4
secur32: Pretend the NTLM provider also does Negotiate.
...
We had to enable the Negotiate provider a while back so programs that expected
that provider to be present would be happy. This broke programs that expect a
Negotiate provider to actually do something if it is present. This fix works
around that new issue by thunking all calls to Negotiate to NTLM.
2009-12-30 13:31:12 +01:00
3cd88cfab3
secur32: Fix memory leak in NTLM's FreeCredentialsHandle.
2009-12-14 12:04:05 +01:00
e987ec4299
secur32: Use empty credentials when cached creds fail.
2009-11-09 19:38:00 +01:00
e6ac20e814
secur32: Revert "secur32: Work around ntlm_auth in Samba 3.0.28a being broken for cached credentials".
...
This reverts commit 7788c8ed0dec443be738
2009-08-12 12:51:02 +02:00
ec443be738
secur32: Don't try to use ntlm_auth --use-cred-cache.
...
If ntlm_auth actually uses the cred cache, it will not give a session key.
As the Wine NTLM code depends on the session key to do transport crypto, don't
attempt to use the winbind cred cache.
This completely reverts my attempted fix 7788c8ed888a8e278a2125f9
2009-05-20 13:34:16 +02:00
7788c8ed0d
secur32: Work around ntlm_auth in Samba 3.0.28a being broken for cached credentials.
...
Samba 3.0.28a (as shipped with Ubuntu 8.04) seems to break when using
cached credentials backed by winbindd, returning a BH error in our test
if we still need to provide a password. Handle this and report a more
correct error.
2009-04-14 11:28:34 -05:00
21a7b21b65
secur32: Properly initialize the helper structure when fork support is missing.
2009-02-16 11:53:22 +01:00
e01ae46cac
secur32: Remove superfluous pointer casts.
2009-01-22 12:04:52 +01:00
57ab0cd9a6
include: sspi.h: Use the Win types as per MSDN.
...
This improves the Win64 compatibility.
2009-01-06 12:43:46 +01:00
140c0423f5
secur32: Memory allocation size fix.
2008-05-13 10:40:03 +02:00
49939ed544
secur32: Remove unused variables.
2008-04-25 11:28:43 +02:00
088ae3b81c
secur32: Fix ntlm_GetCachedCredential to not call strlenW on a NULL pointer.
...
pszHost should just be set to pszTargetName if pszTargetName doesn't
contain any other information.
2008-03-10 19:12:54 +01:00
8a2125f932
secur32: Try to retrive credentials by using the credential manager to retrieve credentials saved for the target server in InitializeContextHandleW, if possible.
2008-02-04 11:10:50 +01:00
506ba701bb
secur32: If using cached credentials failed in InitializeSecurityContext then fail with SEC_E_NO_CREDENTIALS instead of carrying on with a blank password.
2008-02-04 11:10:05 +01:00
72ffc3fad9
secur32: Move the detection of NULL credentials from AcquireCredentialsHandle to InitializeSecurityContext.
...
Only use cached credentials if the credentials were NULL. Don't pass a
domain into ntlm_auth when using cached credentials as
ntlm_auth/winbindd should be able to figure that out.
2008-02-04 11:10:01 +01:00
e4ca5c5647
secur32: Remove unneeded casts.
2008-01-21 11:38:45 +01:00
d117938f7a
secur32: Remove the SECUR32_ALLOC() macro around HeapAlloc().
2007-12-06 12:07:12 +01:00
fdfa760c85
secur32: ntlm_auth returns BH if the connection to winbindd fails.
2007-10-09 12:34:35 +02:00
9b1082ef3b
secur32: Fix some memory leaks.
2007-10-05 10:26:20 +02:00
5afd341aec
secur32: Remove hardcoded assumption that the SECBUFFER_DATA is always at index 1 for en/decrypting.
2007-10-02 11:42:10 +02:00
78b047e4e4
secur32: Give a hint where to find ntlm_auth.
2007-08-30 11:57:18 +02:00
610a3b1ad2
secur32: Remove valid_session_key from NegoHelper since it is only ever set and not read.
2007-08-08 15:32:00 +02:00
888a8e27b8
secur32: Split the NTLM credential and context handles into separate objects.
...
This prevents races with two threads using the helper object at the same
time on two different context handles, eliminates the need to free the
credential handle after freeing the context handles and also prevents a
crash caused by not clearing session_key in DeleteSecurityContext.
2007-08-08 15:32:00 +02:00
2ede1370d3
secur32: Don't free the password in InitializeSecurityContextW to enable the credentials handle to be re-used in further InitializeSecurityContextW calls.
2007-07-03 12:29:19 +02:00
c1e724bc88
secur32: Downgrade WARN to TRACE, fix another TRACE.
2007-05-29 11:54:22 +02:00
aa1be492cd
secur32: Fix NTLM's InitializeSecurityContextA/W to be flexible with the index of the token buffer in both the input and output buffer descriptions.
2007-05-25 20:17:11 +02:00
4d275bcf10
secur32: Don't set the output buffer type in NTLM's IntializeSecurityContextA/W.
2007-05-25 20:16:58 +02:00
661b49785e
secur32: Make the NTLM SSP cope with a NULL phCredential parameter when InitializeSecurityContext is called more than once.
2007-05-25 20:16:42 +02:00
7e6c5aad3c
secur32: Move NTLM debug output to a seperate "ntlm" channel.
2007-04-16 12:08:44 +02:00
b814c45f00
secur32: NTLM's AcquireCredentialHandleA/W should accept domains and usernames with lengths of 0.
...
Add tests for these cases.
2007-03-06 21:59:39 +01:00
d9229bd1c5
secur32: NTLM - don't bother nul terminating the password string as nothing relies on it being nul terminated.
2007-03-06 21:59:34 +01:00
3012038e73
secur32: NTLM - don't copy more data from User, Domain and Password
...
pointers in the SEC_WINNT_AUTH_IDENTITY structure than the
corresponding Length fields say the pointers hold.
2007-03-06 21:59:28 +01:00
7325bbd127
secur32: Fix ntlm_auth version number check when registering the NTLM SSP.
2007-02-06 12:30:21 +01:00
809e4124d7
secur32: Bump minimal required samba version to 3.0.25, 3.0.24 is a bugfix release.
2007-02-06 12:30:16 +01:00
747ab4bf74
secur32: Fix off-by-one error in converting the password to unicode.
2007-01-24 12:56:33 +01:00
dc98ac1adb
secur32: Fix off-by-one error when copying the password to the helper.
...
This fixes NTLM authentication with Outlook2003.
2007-01-24 12:07:41 +01:00
aab5e5856e
Don't put single quotes around '%s' when using the debugstr_*() functions.
2007-01-18 12:55:50 +01:00
f46da1f985
secur32: Use constants instead of hardcoded values.
2006-12-24 15:12:34 +01:00
098e82d81e
secur32: Make some data const.
2006-12-14 20:11:44 +01:00
3dc6390e72
secur32: Improve version detection, move all the version detection to ntlm.c.
...
Also, as starting with Samba 3.0.24, ntlm_auth will have all the features
we need, require that as minimal version and remove odd old-version
compatibility hacks.
2006-11-29 12:37:20 +01:00
1037e20bc7
secur32: Fix handling of ISC_REQ* flags in InitializeSecurityContext.
2006-11-14 11:34:19 +01:00
Ken Thomases