summaryrefslogtreecommitdiff
path: root/source3/libsmb/smbencrypt.c
AgeCommit message (Collapse)AuthorFilesLines
1999-03-25fixed issues with "Welcome to SAMBA Domain" for when admin user/pass isLuke Leighton1-1/+1
used to add workstation to domain. unix account db not modified: only SAM password db is used. (This used to be commit 129a9a4d4b74897ed753a697a3aed9b194c25568)
1999-03-24NULL pointer handling in nt_lm_owf_genLuke Leighton1-1/+4
(This used to be commit 68841eeb64df5958a90a6471fd17e6e56fba7c67)
1999-03-19return type of nt_decrypt_string2 set to BOOL.Luke Leighton1-4/+3
(This used to be commit 674e4a3a73cd601c647a5069e2af943a6321ac06)
1999-03-19Implemented encryption algorithm used for a number of RPC buffers.Matthew Chapman1-0/+45
(actually, decryption only currently because I need to get some sleep). Basically another Microsoft twist on DES; the "master key" is the user's NT hash MD4'd and subsets of this are chosen as the 56-bit DES keys. (This used to be commit f09388fa6f41a13ca035b5b2ff40be804608f619)
1999-02-12UNICODE cleanup (see lib/util_unistr.c).Matthew Chapman1-1/+1
No more ugly static library buffers and all functions take a destination string length (especially unistrcpy was rather dangerous; we were only saved by the fact that datagrams are limited in size). (This used to be commit a1d39af1ce1d451b811dbd7c2ba391214851b87e)
1999-02-11the UNICODE issue...Luke Leighton1-1/+1
(This used to be commit 73db80f34183324845407b00f58462ff2d7b47ea)
1999-02-08UNICODE byte ordering issue: typecast to uint16* replaced with SSVAL()Luke Leighton1-1/+1
(This used to be commit 9084b7e33dfe717bd8d5604ee71d137e3baef0f5)
1998-11-12largely rewrote smbpasswd so that the code is understandable. ThisAndrew Tridgell1-1/+1
should allow us to call a function in swat rather than piping to smbpasswd. while doing this I also fixed quite a few "const char *" versus "char *" issues that cropped up while using const to track down bugs in the code. This led to changes in several generic functions. The smbpasswd changes should be correct but they have not been extensively tested. At least if I have introduced bugs then we should be able to fix them more easily than before. (This used to be commit 713864dd0322ae2ae2d83e333d85be35a7eed4ec)
1998-10-19- dce/rpc codeLuke Leighton1-1/+1
- removed debug info in struni2 and unistr2 (security risk) - rpc_pipe function was getting pointer to data then calling realloc *dur* - password check function, the start of "credential checking", user, wks, domain, pass as the credentials (not just user,pass which is incorrect in a domain context) - cli_write needs to return ssize_t not size_t, because total can be -1 if the write fails. - fixed signed / unsigned warnings (how come i don't get those any more when i compile with gcc???) - nt password change added in smbd. yes, jeremy, i verified that the SMBtrans2 version still works. (This used to be commit fcfb40d2b0fc565ee4f66b3a3761c246366a2ef3)
1998-10-14warnings spotted by ./configure.developer optionsLuke Leighton1-0/+2
(This used to be commit 29434bf195b438f4ab41a10ac5ce03f9c2d2ac2f)
1998-10-10dce/rpcLuke Leighton1-4/+14
(This used to be commit dfb48aab6153e53a5efd1f8ee518375cc584b101)
1998-10-09dce/rpcLuke Leighton1-0/+23
(This used to be commit 8a7ac4a25d177235a98c0f84f97ee50432fb6359)
1998-10-09dce/rpcLuke Leighton1-0/+6
(This used to be commit 32d0f5e4a564686ad6b270dd24423ee49a81f223)
1998-10-07dce/rpcLuke Leighton1-0/+12
(This used to be commit 6677b888bdb45df00646eb7cc13005b9465ff971)
1998-10-02- static function "create_new_hashes" was identical to "nt_lm_owf_gen".Luke Leighton1-10/+36
create_new_hashes didn't zero the buffer for the md4hash: nt_lm_owf_gen did, because jeremy sorted this out a couple of days ago. call nt_lm_owf_gen instead. - call SMBOWFencrypt from SMBencrypt and SMBNTencrypt. - added #ifdef DEBUG_PASSWORD debug password calls. (This used to be commit a4e7cc3e46b713aa0ae55de74a1c70921bef578d)
1998-10-01Fixed *nasty* bug in nt_lm_owf_gen() - this function wasJeremy Allison1-1/+3
not ensuring a zero filled buffer before doing crypto stuff. See PR#10121. Beware of this ! Jeremy. (This used to be commit c42fb702b70f18dfe3b97ce7ea24c4ce4b3f890f)
1998-09-29Got very strict about the differences and uses ofJeremy Allison1-1/+1
uid_t, gid_t and vuid. Added sys_getgroups() to get around the int * return problem. Set correct datatypes for all uid, gid and vuid variables. Jeremy. (This used to be commit e570db46fc3a78e499523fd342e9a34cebb18998)
1998-09-29uchar / char typecast issuesLuke Leighton1-1/+1
(This used to be commit 1a1d8d0483fc05765e6dcc2da00405e0ec7421a2)
1998-09-25added rpcclient programLuke Leighton1-0/+35
(This used to be commit aa38f39d67fade4dfd7badb7a9b39c833a1dd1ca)
1998-09-05tridge the destroyer returns!Andrew Tridgell1-23/+0
prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
1998-01-22This is *not* a big change (although it looks like one).Jeremy Allison1-1/+1
This is merely updating the Copyright statements from 1997 to 1998. It's a once a year thing :-). NO OTHER CHANGES WERE MADE. Jeremy. (This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c)
1997-11-10Rolled back tree state to 11:59pm 8th November 1997 EST toJeremy Allison1-16/+6
remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-09attempting to mark up 32 bit error codes, needed for NT domains.Luke Leighton1-6/+16
separated out smb server-mode password validation into a separate file. added called and calling netbios names to client gen state: referenced section in rfc1002.txt. created workstation trust account checking code in ntclient.c there might be a bug in reply_session_setup_andX. i indented and added { } around single-line if statements: the lm password checking code now doesn't look right (around the GUEST_SESSSETUP bits). *no code semantics have been changed by the indentation process*. (This used to be commit f27966957fa7f16d337a4a58719239d036deab4c)
1997-10-26fix some casting errors in smbencrypt and some multiply-defined errorsAndrew Tridgell1-5/+5
in clientutil.c (Luke, you can't just copy a global variable declaration from one file to another, you need to declare one of them extern) (This used to be commit 944ecbcbd47afcc20e2e408a06d57c7b8d0d86a8)
1997-10-25Makefile :Luke Leighton1-0/+24
adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-09-16- change generate_challenge() to use md4 instead of desAndrew Tridgell1-23/+0
- move routines about a bit between smbencrypt.c and smbdes.c. Ensure that there is no entry point for normal DES operation - add the following comment: This code is NOT a complete DES implementation. It implements only the minimum necessary for SMB authentication, as used by all SMB products (including every copy of Microsoft Windows95 ever sold) In particular, it can only do a unchained forward DES pass. This means it is not possible to use this code for encryption/decryption of data, instead it is only useful as a "hash" algorithm. There is no entry point into this code that allows normal DES operation. I believe this means that this code does not come under ITAR regulations but this is NOT a legal opinion. If you are concerned about the applicability of ITAR regulations to this code then you should confirm it for yourself (and maybe let me know if you come up with a different answer to the one above) (This used to be commit 35b92e725f351c9a9f2846a6b55f71c234f187c7)
1997-09-15rewrote md4.c from scratch. This implementation should be portable andAndrew Tridgell1-14/+5
doesn't have any worries about RSA copyright. (This used to be commit a1569971663f01c245c145b18290d9dba965dc36)
1997-09-14This commit does 3 main things:Andrew Tridgell1-63/+10
1) put the encryption code in by default, with no #ifdef. It is still disabled by default so you need to add "encrypt passwords = yes" in smb.conf but at least all binaries will have it. 2) cleanup the kanji code so it compiles with no warnings 3) get rid of lots of uses of ugly non-portable C code. The main offender being things like "register" but also remove uses of the "const" keyword as there are compilers out there that don't support it and even those that do often complain about its usage. Users don't like warnings :-( There is still some work to do. We need to replace the md4 code with our own implementation. The current code (from rfc1186) is PD but is not very portable. The new RFC (rfc1320) is more portable but adds copyright restrictions. I'll do a from-scratch MD4 soon. We also need to test that what I've implemented is portable. It should be, but I'm too tired right now to test it on anything other than intel linux. (This used to be commit db917c62c14315afe6f0745a8097c1bca25cbf07)
1997-05-08'The mother of all checkins' :-). Jeremy Allison (jallison@whistle.com)Samba Release Account1-1/+1
Wed May 7 1997: Update for 1.9.17alpha1 release - 'browsefix release' designed to make browsing across subnets work. byteorder.h: Updated copyright to 1997. charcnv.c: Updated copyright to 1997. charset.c Updated copyright to 1997. charset.h Updated copyright to 1997. client.c Updated copyright to 1997. clientutil.c Updated copyright to 1997. dir.c Updated copyright to 1997. fault.c Updated copyright to 1997. includes.h Updated copyright to 1997. interface.c Updated copyright to 1997. ipc.c Updated copyright to 1997. kanji.c Updated copyright to 1997. kanji.h Updated copyright to 1997. loadparm.c Updated copyright to 1997. locking.c Updated copyright to 1997. mangle.c Updated copyright to 1997. message.c Updated copyright to 1997. nameannounce.c Made use of WINS subnet explicit. Added reset_announce_timer() so announcement can be made immediately when we become a master. Expanded code to do sync with dmb. namebrowse.c Removed redundent checks for AM_MASTER in sync code. Made use of WINS subnet explicit. namedbname.c Made use of WINS subnet explicit. namedbresp.c Made use of WINS subnet explicit. namedbserver.c Made use of WINS subnet explicit. namedbsubnet.c Explicitly add workgroup to WINS subnet when we become a dmb. Made use of WINS subnet explicit. namedbwork.c Made use of WINS subnet explicit. Removed redundent check_work_servertype() function. nameelect.c Explicitly add workgroup to WINS subnet when we become a master browser. Made use of WINS subnet explicit. namelogon.c Updated copyright to 1997. namepacket.c Updated copyright to 1997. namequery.c Updated copyright to 1997. nameresp.c Made use of WINS subnet explicit. Made nmbd fail if configured as master browser and one exists already. nameserv.c Made use of WINS subnet explicit. Remove redundent logon server and domain master code. nameserv.h Add emumerate subnet macros. nameservreply.c Made use of WINS subnet explicit. nameservresp.c Updated copyright to 1997. namework.c Made use of WINS subnet explicit. Updated code to add sync browser entries to add subnet parameter. nmbd.c Added sanity check for misconfigured nmbd. nmblib.c Updated copyright to 1997. nmblookup.c Updated copyright to 1997. nmbsync.c Removed redundent AM_ANY_MASTER check. params.c Updated copyright to 1997. password.c Updated copyright to 1997. pipes.c Updated copyright to 1997. predict.c Updated copyright to 1997. printing.c Updated copyright to 1997. proto.h Changed protos for new nmbd code. quotas.c Updated copyright to 1997. replace.c Updated copyright to 1997. reply.c Updated copyright to 1997. server.c Updated copyright to 1997. shmem.c Updated copyright to 1997. smb.h Updated copyright to 1997. smbencrypt.c Updated copyright to 1997. smbpasswd.c Updated copyright to 1997. smbrun.c Updated copyright to 1997. status.c Updated copyright to 1997. system.c Updated copyright to 1997. testparm.c Updated copyright to 1997. testprns.c Updated copyright to 1997. time.c Updated copyright to 1997. trans2.c Updated copyright to 1997. trans2.h Updated copyright to 1997. uid.c Updated copyright to 1997. username.c Updated copyright to 1997. util.c Updated copyright to 1997. version.h Changed to 1.9.17alpha1. (This used to be commit cf23a155a1315f50d488794a2caf88402bf3e3e6)
1996-12-10Fixed for FreeBsd.Samba Release Account1-0/+8
jra@cygnus.com (This used to be commit 979acbc1096dda3f36f95eaed88de94931cfb164)
1996-10-24- added support for TMPDIR env variableAndrew Tridgell1-4/+4
- fixed fault.c for linux 2.1 - put back in the FIND_SELF failing code - cleaned up casts in encryption (This used to be commit 3af04f1580b2569c0a4f2549bf6352c7a25afa0d)
1996-06-10got rid of a lot of redundent header files as we now globally generateAndrew Tridgell1-1/+0
prototypes automatically using "make proto". This is much less prone to error than the old method of manually adding prototypes (This used to be commit b551dc98f7cc194a5fc2e67a4ebae7fd67a01bbc)
1996-06-04a huge pile of changes :-)Andrew Tridgell1-14/+1
The biggest thing is the integration of Lukes new nmbd. Its still largely untested, so we will really need some feedback I've also added auto prototype generation and cleaned up a lot of minor things as a result (This used to be commit 0d8dcfa13c527ec2c8aca39ba49c09e4e694b26c)
1996-05-29cleanups to make thinsg compile cleanlyAndrew Tridgell1-1/+1
(This used to be commit 39fbeb04ae938594c380d97ebe67c012fa0dd51a)
1996-05-04Initial version imported to CVS Samba Release Account1-0/+202
(This used to be commit 291551d80711daab7b7581720bcd9a08d6096517)