svn commit: samba r9408 - in trunk/source: include lib libsmb registry rpc_client rpc_parse rpc_server

Andrew Bartlett abartlet at samba.org
Sat Aug 20 02:11:37 GMT 2005 

On Sat, 2005-08-20 at 01:38 +0000, jra at samba.org wrote:
> Author: jra
> Date: 2005-08-20 01:38:31 +0000 (Sat, 20 Aug 2005)
> New Revision: 9408
> 
> WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9408
> 
> Log:
> The *classic* friday night check-in :-).
> Ok - this code (especially the RPC client code) will probably not work.
> But enough of the server RPC code is fixed that we need to have it in the
> tree so others can start banging on it.
> Brings back the NTLMv2 code from Samba4 gensec and allows Samba3 rpc pipes
> to negotiate NTLMv2 sign and seal - using auth type 10. 

For the list, the reason this is important is that this will fix the
last part of Samba 3.0 that could not (modulo bugs) handle NTLMv2, or
even traditional NTLM authentication (it used LM only!).  This should
make it possible to enable NTLMv2 (in all it's forms) as a policy across
a Samba 3.0 domain with far more confidence.  

The main area this hit was password changes, as they use a sealed RPC
pipe.  

The reason this never worked before is because I was just too afraid of
the RPC server pipe code to touch it.  A big thanks to jra for taking
this on!

> It works with Samba4 smbtorture using
> the RPC-ECHO test until I get a segfault (in Samba4 smbtorture). I'm going
> to look into that next.
> Thanks to Andrew Bartlett for his wonderfully clear gensec code and some
> extremely useful help and advice in doing this.
> Jeremy.

Thank-you!

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc.        http://suse.de
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20050820/7e30bb8b/attachment.bin

More information about the samba-technical mailing list