samba.git/auth, branch talloc-2.3.4 Unnamed repository; edit this file 'description' to name the repository. auth: Covscan: unchecked return value for cli_credentials_set_smb_encryption() 2022-05-14T03:49:32+00:00 Pavel Filipenský pfilipen@redhat.com 2022-05-11T10:11:21+00:00 3960af99e58f3f107f874489b3ab1294eb285cd6 Signed-off-by: Pavel Filipenský <pfilipen@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
auth: Fix trailing whitespace in pycredentials.c 2022-05-14T03:49:32+00:00 Pavel Filipenský pfilipen@redhat.com 2022-05-11T10:10:36+00:00 ccda9c162c841a86e88999dc366a6c862b1cb4ac Signed-off-by: Pavel Filipenský <pfilipen@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
auth/credentials: Add encrypt_samr_password() 2022-03-18T11:55:30+00:00 Joseph Sutton josephsutton@catalyst.net.nz 2022-02-23T07:57:44+00:00 eba1a9d964b8f91b687809efdec0ee58602839bc This method encrypts a samr_Password structure with the current session key, which allows for interactive SamLogon from Python. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> 
This method encrypts a samr_Password structure with the current session
key, which allows for interactive SamLogon from Python.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
auth: Add required headers to auth_sam_reply.h 2022-03-17T00:41:33+00:00 Andreas Schneider asn@samba.org 2022-03-07T09:25:38+00:00 1f24724b24e04ee4ac1bdf44f83a4f4e19497856 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz> 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
auth: let auth logging prefer user_info->orig_client.{account,domain}_name if available 2022-03-10T03:16:35+00:00 Stefan Metzmacher metze@samba.org 2022-03-03T10:10:00+00:00 24b580cae23860a0fe6c9d3a285d60564057043d The optional user_info->orig_client.{account,domain}_name are the once really used by the client and should be used in audit logging. But we still fallback to user_info->client.{account,domain}_name. This will be important for the next commit. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13879 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
The optional user_info->orig_client.{account,domain}_name are
the once really used by the client and should be used in
audit logging. But we still fallback to
user_info->client.{account,domain}_name.

This will be important for the next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13879

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
s4:auth: rename user_info->mapped_state to user_info->cracknames_called 2022-03-10T03:16:35+00:00 Stefan Metzmacher metze@samba.org 2022-03-03T10:10:00+00:00 427125d182252d8aee3dd906ee34a909cdbb8ef3 This makes it much clearer what it is used for and it is a special hack for authenticate_ldap_simple_bind_send() in order to avoid some additional work in authsam_check_password_internals(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13879 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
This makes it much clearer what it is used for and
it is a special hack for authenticate_ldap_simple_bind_send()
in order to avoid some additional work in
authsam_check_password_internals().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13879

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
auth/ntlmssp: don't set mapped_state explicitly in auth_usersupplied_info 2022-03-10T03:16:35+00:00 Stefan Metzmacher metze@samba.org 2022-03-03T22:15:31+00:00 9a4ac8ab2e2c8ee48f6bf5a6ecf7988c435ba1c6 We already use talloc_zero() and mapped_state will be removed in the next commits. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13879 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
We already use talloc_zero() and mapped_state will be removed in the
next commits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13879

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
auth: Cope with NULL upn_name in PAC 2022-03-01T17:11:35+00:00 Joseph Sutton josephsutton@catalyst.net.nz 2022-02-22T01:15:43+00:00 ef95fb439237910b945b8d6a3ad4a140a8d6d1ea BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14995

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
auth/ntlmssp: make sure we return INVALID_PARAMETER for NTLMv2_RESPONSE parsing errors 2022-01-04T20:57:41+00:00 Stefan Metzmacher metze@samba.org 2021-12-17T22:32:28+00:00 dd9886100514941aa16af8566faf41501b601a44 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14932 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jan 4 20:57:41 UTC 2022 on sn-devel-184 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14932

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan  4 20:57:41 UTC 2022 on sn-devel-184
auth/credentials: cli_credentials_set_ntlm_response() pass session_keys 2022-01-04T20:07:28+00:00 Stefan Metzmacher metze@samba.org 2021-12-18T09:40:36+00:00 0ef1254f4428ab83ab6c8ca5e3415a1a9e069c92 Otherwise cli_credentials_get_ntlm_response() will return session keys with a 0 length, which leads to errors in the NTLMSSP code. This wasn't noticed as cli_credentials_set_ntlm_response() has no callers yet, but that will change in the next commits. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14932 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
Otherwise cli_credentials_get_ntlm_response() will return session keys
with a 0 length, which leads to errors in the NTLMSSP code.

This wasn't noticed as cli_credentials_set_ntlm_response() has no
callers yet, but that will change in the next commits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14932

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>