samba.git/libcli/auth/credentials.c, branch talloc-2.4.4 Unnamed repository; edit this file 'description' to name the repository. libcli/auth: add infrastructure for netr_ServerAuthenticateKerberos() 2024-12-12T13:59:29+00:00 Stefan Metzmacher metze@samba.org 2024-10-29T17:02:19+00:00 c7a0efb29e1cd2e8655a1fe0c89fe7ac79b52f2c This shows that STRONG_KEY without ARCFOUR means no encryption for ServerPasswordSet2. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
This shows that STRONG_KEY without ARCFOUR means no encryption
for ServerPasswordSet2.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 libcli/auth: add let netlogon_creds_alloc() use _talloc_keep_secret() 2024-12-12T13:59:29+00:00 Stefan Metzmacher metze@samba.org 2024-12-11T09:14:44+00:00 36b5a75123742b69be190618b549e06374852b58 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 libcli/auth: let netlogon_creds_crypt_samlogon_validation handle generic info 2024-12-05T16:46:37+00:00 Stefan Metzmacher metze@samba.org 2024-11-18T18:50:22+00:00 a4105f94f930bd46f80ffec218bb2a57548b2b11 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
schannel.idl: change netlogon_creds_CredentialState layout for 4.22 2024-12-05T16:46:37+00:00 Stefan Metzmacher metze@samba.org 2024-11-15T15:24:25+00:00 a2b6a68b80fbe26bc8ab9bfd38aff1be340ba68a This breaks compat with 4.21 and moves stuff out of netlogon_creds_CredentialState_extra_info. It also prepares support for netr_ServerAuthenticateKerberos() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
This breaks compat with 4.21 and moves stuff out of
netlogon_creds_CredentialState_extra_info.

It also prepares support for netr_ServerAuthenticateKerberos()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
netlogon.idl: add NetlogonTicketLogonInformation/NetlogonValidationTicketLogon 2024-12-05T16:46:37+00:00 Stefan Metzmacher metze@samba.org 2024-11-21T13:16:12+00:00 544838ac5b6ba802760307d8afef314afb619d49 I have basic tests, which have shown that the payload is not encrypted at application level. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
I have basic tests, which have shown that the payload is not
encrypted at application level.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
libcli/auth: let netlogon_creds_copy() make use of ndr_deepcopy_struct() 2024-11-28T13:53:25+00:00 Stefan Metzmacher metze@samba.org 2023-07-19T19:04:53+00:00 bb92c70f0ee126981a4ffeea28bf7059ab0b08d0 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Nov 28 13:53:25 UTC 2024 on atb-devel-224 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Nov 28 13:53:25 UTC 2024 on atb-devel-224
libcli/auth: let netlogon_creds_copy() copy all scalar elements 2024-10-30T23:08:36+00:00 Stefan Metzmacher metze@samba.org 2023-07-19T19:02:23+00:00 8edbdd65ef78e3f26357d0254b58db3120a32880 This version is good for now, as we want it to be backportable. For master we'll add a ndr_deepcopy_struct() helper in order to avoid future problems. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
This version is good for now, as we want it to be backportable.
For master we'll add a ndr_deepcopy_struct() helper in order
to avoid future problems.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
libcli/auth: split out netlogon_creds_client_verify() that takes auth_{type,level} 2024-10-30T23:08:36+00:00 Stefan Metzmacher metze@samba.org 2024-10-29T08:54:42+00:00 45faf6c35a033ec46a546dfb9d5d6aeb2fb2b83c This will make it easier to implement netr_ServerAuthenticateKerberos() later... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
This will make it easier to implement netr_ServerAuthenticateKerberos()
later...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
libcli/auth: pass auth_{type,level} to netlogon_creds_server_step_check() 2024-10-30T23:08:36+00:00 Stefan Metzmacher metze@samba.org 2024-10-29T08:46:07+00:00 2956c7eb3c9fc2161fd2748e5aac1fc94478e8c7 This will make it easier to implement netr_ServerAuthenticateKerberos() later... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
This will make it easier to implement netr_ServerAuthenticateKerberos() later...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
libcli/auth: return INVALID_PARAMETER for DES in netlogon_creds_{de,en}crypt_samlogon_logon 2024-10-30T23:08:36+00:00 Stefan Metzmacher metze@samba.org 2024-10-28T15:54:48+00:00 131f5c0b251e456c466eaca744525504e1d69492 For the NetlogonGenericInformation case we want an error instead of no encryption if only DES was negotiated... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
For the NetlogonGenericInformation case we want an error instead of no
encryption if only DES was negotiated...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>