summaryrefslogtreecommitdiffstats
path: root/source3/libsmb/smbencrypt.c
Commit message (Collapse)AuthorAgeFilesLines
* Throw out crappy (non-ascii unaware) mbtows stuff and use proper unicodeJeremy Allison2001-07-301-57/+6
| | | | | | push calls. If this breaks authentication then good, it needed fixing anyway :-). Jeremy. (This used to be commit e3580b4033c551e215cb246d4e36c4870cb4a582)
* Add backend encryption support for NTLMv2.Andrew Bartlett2001-07-071-1/+96
| | | | | | | | | | | | | The leg-work for this was done by the folks at samba-tng.org, I'm just bringing it accross to HEAD. The MD5 implementation is seperatly derived, and does not have the copyright problems that the one in TNG has. Also add const to a few places where it makes sence. Andrew Bartlett (This used to be commit 8df8e841445dfe09fc7a06bb55d12adc3fecb345)
* The big character set handling changeover!Andrew Tridgell2001-07-041-30/+11
| | | | | | | | This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a)
* Fixed W2K SP2 joining a Samba PDC hosted domain.Jeremy Allison2001-06-201-1/+1
| | | | | Jermey. (This used to be commit 05a2911403a0710d994a618e72743205a3b0b87a)
* Merged encode_pw_buffer() and nt_owf_genW() functions from TNG branch.Tim Potter2001-06-151-0/+49
| | | | (This used to be commit fb80cf2aa13883c6dac461f95bc1000c4881d724)
* merging from 2.2 to headAndrew Tridgell2001-04-221-17/+63
| | | | (This used to be commit bfcc6f88271025760732271f03933839b1cbe0de)
* last part of W2K support.Jean-François Micouleau2000-10-131-4/+5
| | | | | | | | | | | | | the trust domain list reply on netlogon pipe was wrong, interim hack until we have full trust relationships. changed some unistr2 to parse the ending NULL char. added a prs_align_needed() function. much like a prs_align but with a condition. needed for the unistr2 parsing. J.F. (This used to be commit d8bf81553c17d9ee3419d8150b96119ebb0b8fa9)
* changes to sync with 2.2. treeHerb Lewis2000-10-111-1/+1
| | | | | | | | | | | | | | | | | | .cvsignore remove config.h - not in this directory include/profile.h profile changes lib/messages.c added message to return debug level libsmb/clierror.c cast to get rid of compiler warning libsmb/smbencrypt.c cast to get rid of compiler warning profile/profile.c add flush profile stats changes for profile struct rpc_parse/parse_samr.c fix for compiler warning rpc_server/srv_samr.c cast to get rid of compiler warning smbd/ipc.c profile stats message.c profile stats smbd/negprot.c profile stats smbd/nttrans.c profile stats smbd/trans2.c profile stats utils/smbcontrol.c new flush stats command (This used to be commit bbb24daa25dca4e4b6b1f8942cd84ee3aa1bed8e)
* added samr_set_user_info and info_2.Jean-François Micouleau2000-10-071-0/+44
| | | | | | | | | | | | | | | cleanup of create_user cleanup of rid/sid mix in samr. now we only have sid. some prs_align() missing in parse_samr.c a small debug change in srv_pipe.c You still can't change a user's password in this commit. Will be availble in the next one. J.F. (This used to be commit b655bc281fa183b1827a946ada1fcf500fb93aea)
* first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1999-12-131-415/+66
| | | | (This used to be commit 453a822a76780063dff23526c35408866d0c0154)
* sys_select added one more argument (read, write selectors).Luke Leighton1999-12-011-52/+50
| | | | (This used to be commit e4d92ff9dfc51735e6932748f66a7c20b2c1cb6a)
* previous commit added an abstraction function that didn't even haveLuke Leighton1999-11-251-6/+3
| | | | | | struct cli_state, uint16 fnum into the code: rpc_hnd_api_req(). modified cli_lsarpc.c to use this. the rest is const issues. (This used to be commit c1ea396de21309c4cf19fd92f2573f5257c24588)
* implement server-side generation of NTLMv2 session key. YESSS :-)Luke Leighton1999-11-211-0/+28
| | | | (This used to be commit 1092b4f6fbdf3770c0dab756b982a562def1738e)
* you know what? this sort of thing makes me laugh. hmm, what functionsLuke Leighton1999-11-211-1/+1
| | | | | | | | | | | | | | | | | | | | | have we got. and what data do we have. hmm.. i wonder what the NTLMv2 user session key can be... hmmm... weell.... there's some hidden data here, generated from the user password that doesn't go over-the-wire, so that's _got_ to be involved. and... that bit of data took a lot of computation to produce, so it's probably _also_ involved... and md4 no, md5? no, how about hmac_md5 yes let's try that one (the other's didn't work) oh goodie, it worked! i love it when this sort of thing happens. took all of fifteen minutes to guess it. tried concatenating client and server challenges. tried concatenating _random_ bits of client and server challenges. tried md5 of the above. tried hmac_md5 of the above. eventually, it boils down to this: kr = MD4(NT#,username,domainname) hmacntchal=hmac_md5(kr, nt server challenge) sess_key = hmac_md5(kr, hmacntchal); (This used to be commit ab174759cd210fe1be888d0c589a5b2669f7ff1e)
* The First Necessary UNICODE String Support.Luke Leighton1999-11-191-19/+67
| | | | | | | | | | the random workstation trust account password is TOTAL garbage. i mean, complete garbage. it's nowhere CLOSE to being a UNICODE string. therefore we can't just take every second character. created nt_owf_genW() which creates NT#(password) instead of NT#(Unicode(pw)). followed through to the password setting in srv_samr.c (This used to be commit 172601b84ae94044b27ded917d4e0e21e47a5a66)
* samuserset <username> -p password. YESSSSS :)Luke Leighton1999-11-041-0/+11
| | | | | you have to use "ntlmv1" at the moment (i.e set client ntlmv2 = no). (This used to be commit f52504c553becc64b89d546a57b1bd9cf1bc5b5c)
* adding experimental set user password command to rpcclient, it returnsLuke Leighton1999-11-041-0/+66
| | | | | error wrong password against nt. ???? (This used to be commit b3f16e6b5aa5ba1b6afa38ad698646c8e765ec90)
* adding CAP_EXTENDED_SECURITY support in a hurry last week. forgot toLuke Leighton1999-10-141-0/+29
| | | | | deal with linking issues in other binaries (This used to be commit 57f95a01988fb4035b2e4448f4fd3ef0d652c106)
* removed old code/comments.Luke Leighton1999-06-291-66/+0
| | | | (This used to be commit bc8c46bc088298d6247830b673790032e59d7f6a)
* smbclient modified to use cli_establish_connection(). smbclient thereforeLuke Leighton1999-06-291-5/+11
| | | | | | | now uses improved authentication. smbclient now "broken" for "scripts" based on DEBUG() output. cli_establish_connection() requires modification to support old scripts. (This used to be commit b0539d43407cb2b0bab7977908de09b21b145218)
* improving authentication code (tidyup).Luke Leighton1999-06-291-42/+229
| | | | (This used to be commit ab1a6aa42db5217f025941fb5107436556bc23b7)
* fixed issues with "Welcome to SAMBA Domain" for when admin user/pass isLuke Leighton1999-03-251-1/+1
| | | | | | used to add workstation to domain. unix account db not modified: only SAM password db is used. (This used to be commit 129a9a4d4b74897ed753a697a3aed9b194c25568)
* NULL pointer handling in nt_lm_owf_genLuke Leighton1999-03-241-1/+4
| | | | (This used to be commit 68841eeb64df5958a90a6471fd17e6e56fba7c67)
* return type of nt_decrypt_string2 set to BOOL.Luke Leighton1999-03-191-4/+3
| | | | (This used to be commit 674e4a3a73cd601c647a5069e2af943a6321ac06)
* Implemented encryption algorithm used for a number of RPC buffers.Matthew Chapman1999-03-191-0/+45
| | | | | | | | (actually, decryption only currently because I need to get some sleep). Basically another Microsoft twist on DES; the "master key" is the user's NT hash MD4'd and subsets of this are chosen as the 56-bit DES keys. (This used to be commit f09388fa6f41a13ca035b5b2ff40be804608f619)
* UNICODE cleanup (see lib/util_unistr.c).Matthew Chapman1999-02-121-1/+1
| | | | | | | No more ugly static library buffers and all functions take a destination string length (especially unistrcpy was rather dangerous; we were only saved by the fact that datagrams are limited in size). (This used to be commit a1d39af1ce1d451b811dbd7c2ba391214851b87e)
* the UNICODE issue...Luke Leighton1999-02-111-1/+1
| | | | (This used to be commit 73db80f34183324845407b00f58462ff2d7b47ea)
* UNICODE byte ordering issue: typecast to uint16* replaced with SSVAL()Luke Leighton1999-02-081-1/+1
| | | | (This used to be commit 9084b7e33dfe717bd8d5604ee71d137e3baef0f5)
* largely rewrote smbpasswd so that the code is understandable. ThisAndrew Tridgell1998-11-121-1/+1
| | | | | | | | | | | | | | should allow us to call a function in swat rather than piping to smbpasswd. while doing this I also fixed quite a few "const char *" versus "char *" issues that cropped up while using const to track down bugs in the code. This led to changes in several generic functions. The smbpasswd changes should be correct but they have not been extensively tested. At least if I have introduced bugs then we should be able to fix them more easily than before. (This used to be commit 713864dd0322ae2ae2d83e333d85be35a7eed4ec)
* - dce/rpc codeLuke Leighton1998-10-191-1/+1
| | | | | | | | | | | | | | | | | | | | - removed debug info in struni2 and unistr2 (security risk) - rpc_pipe function was getting pointer to data then calling realloc *dur* - password check function, the start of "credential checking", user, wks, domain, pass as the credentials (not just user,pass which is incorrect in a domain context) - cli_write needs to return ssize_t not size_t, because total can be -1 if the write fails. - fixed signed / unsigned warnings (how come i don't get those any more when i compile with gcc???) - nt password change added in smbd. yes, jeremy, i verified that the SMBtrans2 version still works. (This used to be commit fcfb40d2b0fc565ee4f66b3a3761c246366a2ef3)
* warnings spotted by ./configure.developer optionsLuke Leighton1998-10-141-0/+2
| | | | (This used to be commit 29434bf195b438f4ab41a10ac5ce03f9c2d2ac2f)
* dce/rpcLuke Leighton1998-10-101-4/+14
| | | | (This used to be commit dfb48aab6153e53a5efd1f8ee518375cc584b101)
* dce/rpcLuke Leighton1998-10-091-0/+23
| | | | (This used to be commit 8a7ac4a25d177235a98c0f84f97ee50432fb6359)
* dce/rpcLuke Leighton1998-10-091-0/+6
| | | | (This used to be commit 32d0f5e4a564686ad6b270dd24423ee49a81f223)
* dce/rpcLuke Leighton1998-10-071-0/+12
| | | | (This used to be commit 6677b888bdb45df00646eb7cc13005b9465ff971)
* - static function "create_new_hashes" was identical to "nt_lm_owf_gen".Luke Leighton1998-10-021-10/+36
| | | | | | | | | | | create_new_hashes didn't zero the buffer for the md4hash: nt_lm_owf_gen did, because jeremy sorted this out a couple of days ago. call nt_lm_owf_gen instead. - call SMBOWFencrypt from SMBencrypt and SMBNTencrypt. - added #ifdef DEBUG_PASSWORD debug password calls. (This used to be commit a4e7cc3e46b713aa0ae55de74a1c70921bef578d)
* Fixed *nasty* bug in nt_lm_owf_gen() - this function wasJeremy Allison1998-10-011-1/+3
| | | | | | | not ensuring a zero filled buffer before doing crypto stuff. See PR#10121. Beware of this ! Jeremy. (This used to be commit c42fb702b70f18dfe3b97ce7ea24c4ce4b3f890f)
* Got very strict about the differences and uses ofJeremy Allison1998-09-291-1/+1
| | | | | | | | uid_t, gid_t and vuid. Added sys_getgroups() to get around the int * return problem. Set correct datatypes for all uid, gid and vuid variables. Jeremy. (This used to be commit e570db46fc3a78e499523fd342e9a34cebb18998)
* uchar / char typecast issuesLuke Leighton1998-09-291-1/+1
| | | | (This used to be commit 1a1d8d0483fc05765e6dcc2da00405e0ec7421a2)
* added rpcclient programLuke Leighton1998-09-251-0/+35
| | | | (This used to be commit aa38f39d67fade4dfd7badb7a9b39c833a1dd1ca)
* tridge the destroyer returns!Andrew Tridgell1998-09-051-23/+0
| | | | | | | | | | | | | | | | | | | | | | | prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
* This is *not* a big change (although it looks like one).Jeremy Allison1998-01-221-1/+1
| | | | | | | | This is merely updating the Copyright statements from 1997 to 1998. It's a once a year thing :-). NO OTHER CHANGES WERE MADE. Jeremy. (This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c)
* Rolled back tree state to 11:59pm 8th November 1997 EST toJeremy Allison1997-11-101-16/+6
| | | | | | remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
* attempting to mark up 32 bit error codes, needed for NT domains.Luke Leighton1997-11-091-6/+16
| | | | | | | | | | | | | separated out smb server-mode password validation into a separate file. added called and calling netbios names to client gen state: referenced section in rfc1002.txt. created workstation trust account checking code in ntclient.c there might be a bug in reply_session_setup_andX. i indented and added { } around single-line if statements: the lm password checking code now doesn't look right (around the GUEST_SESSSETUP bits). *no code semantics have been changed by the indentation process*. (This used to be commit f27966957fa7f16d337a4a58719239d036deab4c)
* fix some casting errors in smbencrypt and some multiply-defined errorsAndrew Tridgell1997-10-261-5/+5
| | | | | | | in clientutil.c (Luke, you can't just copy a global variable declaration from one file to another, you need to declare one of them extern) (This used to be commit 944ecbcbd47afcc20e2e408a06d57c7b8d0d86a8)
* Makefile :Luke Leighton1997-10-251-0/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
* - change generate_challenge() to use md4 instead of desAndrew Tridgell1997-09-161-23/+0
| | | | | | | | | | | | | | | | | | | | | | | | - move routines about a bit between smbencrypt.c and smbdes.c. Ensure that there is no entry point for normal DES operation - add the following comment: This code is NOT a complete DES implementation. It implements only the minimum necessary for SMB authentication, as used by all SMB products (including every copy of Microsoft Windows95 ever sold) In particular, it can only do a unchained forward DES pass. This means it is not possible to use this code for encryption/decryption of data, instead it is only useful as a "hash" algorithm. There is no entry point into this code that allows normal DES operation. I believe this means that this code does not come under ITAR regulations but this is NOT a legal opinion. If you are concerned about the applicability of ITAR regulations to this code then you should confirm it for yourself (and maybe let me know if you come up with a different answer to the one above) (This used to be commit 35b92e725f351c9a9f2846a6b55f71c234f187c7)
* rewrote md4.c from scratch. This implementation should be portable andAndrew Tridgell1997-09-151-14/+5
| | | | | doesn't have any worries about RSA copyright. (This used to be commit a1569971663f01c245c145b18290d9dba965dc36)
* This commit does 3 main things:Andrew Tridgell1997-09-141-63/+10
| | | | | | | | | | | | | | | | | | | | | | | | 1) put the encryption code in by default, with no #ifdef. It is still disabled by default so you need to add "encrypt passwords = yes" in smb.conf but at least all binaries will have it. 2) cleanup the kanji code so it compiles with no warnings 3) get rid of lots of uses of ugly non-portable C code. The main offender being things like "register" but also remove uses of the "const" keyword as there are compilers out there that don't support it and even those that do often complain about its usage. Users don't like warnings :-( There is still some work to do. We need to replace the md4 code with our own implementation. The current code (from rfc1186) is PD but is not very portable. The new RFC (rfc1320) is more portable but adds copyright restrictions. I'll do a from-scratch MD4 soon. We also need to test that what I've implemented is portable. It should be, but I'm too tired right now to test it on anything other than intel linux. (This used to be commit db917c62c14315afe6f0745a8097c1bca25cbf07)
* 'The mother of all checkins' :-). Jeremy Allison (jallison@whistle.com)Samba Release Account1997-05-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Wed May 7 1997: Update for 1.9.17alpha1 release - 'browsefix release' designed to make browsing across subnets work. byteorder.h: Updated copyright to 1997. charcnv.c: Updated copyright to 1997. charset.c Updated copyright to 1997. charset.h Updated copyright to 1997. client.c Updated copyright to 1997. clientutil.c Updated copyright to 1997. dir.c Updated copyright to 1997. fault.c Updated copyright to 1997. includes.h Updated copyright to 1997. interface.c Updated copyright to 1997. ipc.c Updated copyright to 1997. kanji.c Updated copyright to 1997. kanji.h Updated copyright to 1997. loadparm.c Updated copyright to 1997. locking.c Updated copyright to 1997. mangle.c Updated copyright to 1997. message.c Updated copyright to 1997. nameannounce.c Made use of WINS subnet explicit. Added reset_announce_timer() so announcement can be made immediately when we become a master. Expanded code to do sync with dmb. namebrowse.c Removed redundent checks for AM_MASTER in sync code. Made use of WINS subnet explicit. namedbname.c Made use of WINS subnet explicit. namedbresp.c Made use of WINS subnet explicit. namedbserver.c Made use of WINS subnet explicit. namedbsubnet.c Explicitly add workgroup to WINS subnet when we become a dmb. Made use of WINS subnet explicit. namedbwork.c Made use of WINS subnet explicit. Removed redundent check_work_servertype() function. nameelect.c Explicitly add workgroup to WINS subnet when we become a master browser. Made use of WINS subnet explicit. namelogon.c Updated copyright to 1997. namepacket.c Updated copyright to 1997. namequery.c Updated copyright to 1997. nameresp.c Made use of WINS subnet explicit. Made nmbd fail if configured as master browser and one exists already. nameserv.c Made use of WINS subnet explicit. Remove redundent logon server and domain master code. nameserv.h Add emumerate subnet macros. nameservreply.c Made use of WINS subnet explicit. nameservresp.c Updated copyright to 1997. namework.c Made use of WINS subnet explicit. Updated code to add sync browser entries to add subnet parameter. nmbd.c Added sanity check for misconfigured nmbd. nmblib.c Updated copyright to 1997. nmblookup.c Updated copyright to 1997. nmbsync.c Removed redundent AM_ANY_MASTER check. params.c Updated copyright to 1997. password.c Updated copyright to 1997. pipes.c Updated copyright to 1997. predict.c Updated copyright to 1997. printing.c Updated copyright to 1997. proto.h Changed protos for new nmbd code. quotas.c Updated copyright to 1997. replace.c Updated copyright to 1997. reply.c Updated copyright to 1997. server.c Updated copyright to 1997. shmem.c Updated copyright to 1997. smb.h Updated copyright to 1997. smbencrypt.c Updated copyright to 1997. smbpasswd.c Updated copyright to 1997. smbrun.c Updated copyright to 1997. status.c Updated copyright to 1997. system.c Updated copyright to 1997. testparm.c Updated copyright to 1997. testprns.c Updated copyright to 1997. time.c Updated copyright to 1997. trans2.c Updated copyright to 1997. trans2.h Updated copyright to 1997. uid.c Updated copyright to 1997. username.c Updated copyright to 1997. util.c Updated copyright to 1997. version.h Changed to 1.9.17alpha1. (This used to be commit cf23a155a1315f50d488794a2caf88402bf3e3e6)