summaryrefslogtreecommitdiff
path: root/libcli/auth
AgeCommit message (Collapse)AuthorFilesLines
2013-08-05libcli/auth: add netlogon_creds_shallow_copy_logon()Stefan Metzmacher2-0/+76
This can be used before netlogon_creds_encrypt_samlogon_logon() in order to keep the provided buffers unchanged. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05libcli/auth: add netlogon_creds_[de|en]crypt_samlogon_logon()Stefan Metzmacher2-0/+124
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05libcli/auth: fix shadowed declaration in ↵Stefan Metzmacher1-4/+4
netlogon_creds_crypt_samlogon_validation() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05libcli/auth: make netlogon_creds_crypt_samlogon_validation more robustStefan Metzmacher1-1/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05libcli/auth: also set secure channel type in netlogon_creds_client_init().Günther Deschner2-0/+3
Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-07-31schannel: Fix an unused variableVolker Lendecke1-1/+0
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-19build: Build with system md5.h on OpenIndianaAndrew Bartlett3-6/+6
This changes (again...) our system md5 detection to cope with how OpenIndiana does md5. I'm becoming increasingly convinced this isn't worth our while (we should have just done samba_md5...), but for now this change seems to work on FreeBSD, OpenIndiana and Linux with libbsd. This needs us to rename struct MD5Context -> MD5_CTX, but we provide a config.h define to rename the type bad if MD5_CTX does not exist (it does however exist in the md5.h from libbsd). Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2013-04-12schannel_store.tdb: make it schannel_store.ntdb if 'use ntdb'.Rusty Russell1-1/+1
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-04-12libcli/auth: convert to dbwrap.Rusty Russell3-39/+37
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-03-28libcli/auth: avoid using transactions a chainlock is enoughStefan Metzmacher1-10/+26
We're just writting a single record into a CLEAR_IF_FIRST|TDB_NOSYNC tdb. We just need to make sure we lock the record between reading and writting. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Mar 28 14:52:14 CET 2013 on sn-devel-104
2013-01-22libcli/auth: fix void function cannot return value errorAndrew Bartlett1-2/+2
Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jan 22 22:32:31 CET 2013 on sn-devel-104
2012-12-21libcli: Check schannel state return value of tdb_transaction_commit().Andreas Schneider1-1/+5
Found by Coverity. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-15libcli/auth: add netlogon_creds_encrypt_samlogon_validation().Günther Deschner2-6/+44
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-12-15libcli/auth: rename netlogon_creds_decrypt_samlogon() to ↵Günther Deschner2-6/+9
netlogon_creds_decrypt_samlogon_validation(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-12-09libcli/auth: support AES decryption in netlogon_creds_decrypt_samlogon().Günther Deschner1-0/+14
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09libcli/auth: remove trailing whitespace.Günther Deschner1-38/+38
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-09libcli/auth: add netlogon_creds_aes_{en|de}crypt routines.Günther Deschner2-0/+30
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-08-24Remove useless bool "upper_case_domain" parameter from ntv2_owf_gen().Jeremy Allison3-13/+3
The code in SMBNTLMv2encrypt_hash() should not be requesting case changes on the domain name. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 24 21:39:42 CEST 2012 on sn-devel-104
2012-08-24Remove useless bool "upper_case_domain" parameter.Jeremy Allison1-13/+2
2012-08-24Move uppercasing the domain out of smb_pwd_check_ntlmv2()Jeremy Allison1-9/+21
Allows us to remove a silly bool parameter. Based on work done by "Blohm, Guntram (I/FP-37, extern)" <extern.guntram.blohm@audi.de>.
2012-07-17libcli/auth: add support for AES/HMAC-SHA256 to the netlogon schannel sign/sealStefan Metzmacher1-51/+137
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17libcli/auth: add support for AES/HMAC-SHA256 schannel session key supportStefan Metzmacher1-3/+63
metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-07-17s4:librpc/rpc/dcerpc_schannel: just append NETLOGON_NEG_RODC_PASSTHROUGH as rodcStefan Metzmacher1-2/+0
The RODC stuff doesn't depend on the schannel algorithm. metze Signed-off-by: Günther Deschner <gd@samba.org>
2012-06-19libcli: use tdb directly, not tdb_compat.Rusty Russell1-2/+2
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-05-03UTIL_TDB: lowercase name.Jelmer Vernooij1-1/+1
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu May 3 20:18:22 CEST 2012 on sn-devel-104
2012-04-23Make krb5 wrapper library common so they can be used all overSimo Sorce3-310/+1
2012-04-12krb5_wrap: krb5_string_to_key / krb5_encrypt_block are deprecated.Simo Sorce1-4/+4
Remove checks and replace with krb5_c_string_to_key(). Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12auth-krb: Move pac related util functions in a single place.Simo Sorce2-81/+0
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12auth-krb: Make functions static.Simo Sorce1-4/+0
The remaining gssapi_parse functions were used exclusively in gensec_krb5. Move them there and make them static. Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12auth-krb: Nove oid packet check to gensec_util.Simo Sorce1-1/+0
This is clearly a utiliy function generic to gensec. Also the 3 callers had identical implementations. Provide a generic implementation for all of them and avoid duplicating the code everywhere. Signed-off-by: Andreas Schneider <asn@samba.org>
2012-04-12krb5_wrap: remove duplicate declaration and dead ifdefSimo Sorce1-4/+0
Signed-off-by: Andreas Schneider <asn@samba.org>
2012-03-10tdb_wrap: Move to specific directory.Jelmer Vernooij1-1/+1
It's a bit confusing to mix low-level and high-level libraries. We had multiple libraries in one directory, and there were have circular dependencies with other libraries outside that directory (in this case, samba-hostconfig). Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Mar 10 23:13:01 CET 2012 on sn-devel-104
2012-02-25libcli: Remove a pointless checkVolker Lendecke1-3/+1
"n" is size_t, so it is always >=0.
2012-02-17auth: Move the rest of the source4 gensec_ntlmssp code to the top levelAndrew Bartlett1-2/+2
The ntlmssp_server code will be in common shortly, and aside from a symbol name or two, moving the client code causes no harm and makes less mess. We will also get the client code in common very soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-02-17auth/kerberos: Move gse_get_session_key() to common code and use in ↵Andrew Bartlett1-0/+17
gensec_gssapi Thie ensures that both code bases use the same logic to determine the use of NEW_SPNEGO. Andrew Bartlett
2012-01-12auth/kerberos: Remove unused TALLOC_CTX argument to check_pac_checksumAndrew Bartlett1-2/+1
2012-01-10krb5: Require krb5_string_to_key be available to build with krb5Andrew Bartlett1-1/+1
2012-01-10krb5: Require krb5_principal_compare_any_realm be available to build with krb5Andrew Bartlett1-28/+0
2012-01-10krb5: Require krb5_c_verify_checksum is available to build with krb5Andrew Bartlett1-63/+20
2011-12-28auth/kerberos: Move gssapi_parse.c to the top levelAndrew Bartlett1-0/+4
This will help with writing a gensec module for the s3 gse layer. Andrew Bartlett
2011-12-12s4-lsarpc handle more info levels in SetInfoTrustedDomain callsAndrew Bartlett1-1/+1
This uses the very helpful conversion functions written for the s3 lsa server and places these in common. Andrew Bartlett
2011-10-18ntlmssp: Move ntlmssp code to auth/ntlmsspAndrew Bartlett8-1827/+5
This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-13lib/util: Add back control of mmap and hash size in tdb for top level buildAndrew Bartlett1-1/+1
This passes down a struct loadparm_context to allow these parameters to be checked. This may be s3 or s4 context, allowing the #if _SAMBA_BUILD_ macro to go away safely. Andrew Bartlett
2011-10-13libcli/auth: Provide a struct loadparm_context to schannel callsAndrew Bartlett4-13/+14
This will allow us to pass this down to the tdb_wrap layer. Andrew Bartlett
2011-09-14libcli/auth: add some const to SMBNTencrypt_hash() and SMBNTencrypt()Stefan Metzmacher2-4/+4
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Sep 14 19:49:24 CEST 2011 on sn-devel-104
2011-08-03ntlmssp: Add ntlmssp_blob_matches_magic()Andrew Bartlett2-0/+12
This avoids having the same check in 3 different parts of the code Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Aug 3 12:45:04 CEST 2011 on sn-devel-104
2011-08-03gensec: Remove mem_ctx from calls that do not return memoryAndrew Bartlett2-2/+0
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-06-20tdb_compat: use tdb_errorstr_compat()Rusty Russell1-1/+1
Since TDB2 functions return the error directly, tdb_errorstr() taken an error code, not the tdb as it does in TDB1. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-06-20tdb_compat.h: divert every tdb build and includes to tdb_compatRusty Russell1-1/+1
We change all the headers and wscript files to use tdb_compat; this means we have one place to decide whether to use TDB1 or TDB2. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-06-20libcli/util Rename common map_nt_error_from_unix to avoid duplicate symbolAndrew Bartlett1-3/+3
The two error tables need to be combined, but for now seperate the names. (As the common parts of the tree now use the _common function, errmap_unix.c must be included in the s3 autoconf build). Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Jun 20 08:12:03 CEST 2011 on sn-devel-104
generated by cgit (git 2.34.1) at 2024-08-26 18:08:45 +0000