summaryrefslogtreecommitdiffstats
path: root/libcli/auth/credentials.c
Commit message (Collapse)AuthorAgeFilesLines
* libcli/auth: s/encrypt/do_encryptStefan Metzmacher2014-04-021-6/+6
| | | | | | | This avoids compiler warnings. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/auth: try to use the current timestamp creds->sequenceStefan Metzmacher2013-12-241-0/+22
| | | | | | | | | | | | | | | If the last usage of netlogon_creds_client_authenticator() is in the past try to use the current timestamp and increment more than just 2. If we use netlogon_creds_client_authenticator() a lot within a second, we increment keep incrementing by 2. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Dec 24 13:18:18 CET 2013 on sn-devel-104
* libcli/auth: remove bogus comment regarding replay attacksStefan Metzmacher2013-12-241-2/+0
| | | | | | | | | creds->sequence (timestamp) is the value that is used to increment the internal state, it's not a real sequence number. The sequence comes from adding all timestamps of the whole session. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/auth: set the return_authenticator->timestamp = 0Stefan Metzmacher2013-12-241-1/+1
| | | | | | | This is what windows returns, the value is ignored by the client anyway. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/auth: add netlogon_creds_shallow_copy_logon()Stefan Metzmacher2013-08-051-0/+73
| | | | | | | | This can be used before netlogon_creds_encrypt_samlogon_logon() in order to keep the provided buffers unchanged. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/auth: add netlogon_creds_[de|en]crypt_samlogon_logon()Stefan Metzmacher2013-08-051-0/+118
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/auth: fix shadowed declaration in ↵Stefan Metzmacher2013-08-051-4/+4
| | | | | | | netlogon_creds_crypt_samlogon_validation() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/auth: make netlogon_creds_crypt_samlogon_validation more robustStefan Metzmacher2013-08-051-1/+5
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/auth: also set secure channel type in netlogon_creds_client_init().Günther Deschner2013-08-051-0/+2
| | | | | | Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* build: Build with system md5.h on OpenIndianaAndrew Bartlett2013-06-191-1/+1
| | | | | | | | | | | | | | | | | | | | This changes (again...) our system md5 detection to cope with how OpenIndiana does md5. I'm becoming increasingly convinced this isn't worth our while (we should have just done samba_md5...), but for now this change seems to work on FreeBSD, OpenIndiana and Linux with libbsd. This needs us to rename struct MD5Context -> MD5_CTX, but we provide a config.h define to rename the type bad if MD5_CTX does not exist (it does however exist in the md5.h from libbsd). Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
* libcli/auth: fix void function cannot return value errorAndrew Bartlett2013-01-221-2/+2
| | | | | | | Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jan 22 22:32:31 CET 2013 on sn-devel-104
* libcli/auth: add netlogon_creds_encrypt_samlogon_validation().Günther Deschner2012-12-151-6/+41
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/auth: rename netlogon_creds_decrypt_samlogon() to ↵Günther Deschner2012-12-151-3/+6
| | | | | | | | | netlogon_creds_decrypt_samlogon_validation(). Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/auth: support AES decryption in netlogon_creds_decrypt_samlogon().Günther Deschner2012-12-091-0/+14
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/auth: remove trailing whitespace.Günther Deschner2012-12-091-38/+38
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/auth: add netlogon_creds_aes_{en|de}crypt routines.Günther Deschner2012-12-091-0/+28
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* libcli/auth: add support for AES/HMAC-SHA256 schannel session key supportStefan Metzmacher2012-07-171-3/+63
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* s3-dcerpc: avoid talloc_move on schannel creds in ↵Günther Deschner2010-08-241-1/+45
| | | | | | | | | | | | | | | | cli_rpc_pipe_open_schannel_with_key(). Initially, the schannel creds were talloc memduped, then, during the netlogon creds client merge (baf7274fed2f1ae7a9e3a57160bf5471566e636c) they were first talloc_referenced and then later (53765c81f726a8c056cc4e57004592dd489975c9) talloc_moved. The issue with using talloc_move here is that users of that function in winbind will only be able to have two schanneled connections, as the cached schannel credentials pointer from the netlogon pipe will be set to NULL. Do a deep copy of the struct instead. Guenther
* libcli/auth: initialize creds in netlogon_creds_client_init_session_key()Stefan Metzmacher2009-10-241-2/+3
| | | | metze
* libcli/auth: add netlogon_creds_step_crypt() and netlogon_creds_first_step()Stefan Metzmacher2009-08-271-10/+21
| | | | | | | | | This abstracts the usage of crypto functions instead of directly calling des_crypt112(). metze Signed-off-by: Günther Deschner <gd@samba.org>
* libcli/auth: remove some useless linesStefan Metzmacher2009-08-271-3/+0
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* libcli/auth: remember schannel type in netlogon_creds_server_init()Stefan Metzmacher2009-08-271-0/+1
| | | | | | metze Signed-off-by: Günther Deschner <gd@samba.org>
* Rework netlogon credentials for the top levelAndrew Bartlett2009-04-141-57/+129
| | | | | | | | | | | This makes constructor functions that return the allocated structure, rather than having the caller pass them in, and makes the server init function also check the first credential. The rename of creds_ to netlogon_creds should make it more clear what this code works with. Andrew Bartlett
* libcli/auth Don't compile against un-needed Samba4 headersAndrew Bartlett2009-04-141-1/+0
|
* Move libcli/auth to the top levelAndrew Bartlett2009-04-141-0/+375
generated by cgit (git 2.34.1) at 2026-01-09 11:58:22 +0000