samba.git/libcli/auth/wscript_build, branch talloc-2.3.1

libcli/auth: add gnutls test for aes-128-cfb8 cipher bug

2019-10-07T09:31:35+00:00

Guenther

Signed-off-by: Guenther Deschner 
Reviewed-by: Andreas Schneider 

Autobuild-User(master): Andreas Schneider 
Autobuild-Date(master): Mon Oct  7 09:31:35 UTC 2019 on sn-devel-184

libcli/auth: add test for gensec_schannel code

2019-10-07T08:13:44+00:00

Guenther

Signed-off-by: Guenther Deschner 
Pair-Programmed-With: Stefan Metzmacher 
Reviewed-by: Andreas Schneider

libcli:auth: Add test for decoding an RC4 password buffer

2019-07-26T01:48:22+00:00

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider 
Reviewed-by: Andrew Bartlett

lib/crypto: move gnutls error wrapper to own subsystem

2019-06-27T12:54:22+00:00

Signed-off-by: Andrew Bartlett 
Reviewed-by: Andreas Schneider

libcli:auth: Use GnuTLS SHA256 HMAC for credentials

2019-04-30T23:18:27+00:00

Signed-off-by: Andreas Schneider 
Reviewed-by: Andrew Bartlett

CVE-2018-1139 libcli/auth: Add initial tests for ntlm_password_check()

2018-08-14T11:57:15+00:00

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360

Signed-off-by: Andrew Bartlett 
Reviewed-by: Jeremy Allison 
Reviewed-by: Gary Lockyer

wscript: remove executable bits for all wscript* files

2017-01-11T19:21:01+00:00

These files should not be executable.

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Wed Jan 11 20:21:01 CET 2017 on sn-devel-144

Rename 'errors' to 'samba-errors' and make it public.

2016-01-13T06:47:04+00:00

This is necessary because it has public headers.

Signed-off-by: Jelmer Vernooĳ 
Reviewed-By: Andrew Bartlett 
Reviewed-By: Stefan Metzmacher 

Autobuild-User(master): Jelmer Vernooij 
Autobuild-Date(master): Wed Jan 13 07:47:04 CET 2016 on sn-devel-144

libcli/auth: add netlogon_creds_cli* infrastructure

2014-01-07T11:47:03+00:00

This provides an abstraction to hide netlogon_creds_CredentialState,
which is stored in a node local tdb.

Where the global state (netlogon_creds_CredentialState) between client and
server was only kept in memory (on the client side), we now use
the abstracted netlogon_creds_cli_context.

We now use a node specific computer name in order to establish
individual netlogon sessions per node.

If the caller wants to use some netlogon calls with credential chain
(struct netr_Authenticator), netlogon_creds_cli_lock*() is used
to get the current netlogon_creds_CredentialState in a g_lock'ed
fashion, a talloc_free() will release the lock.

The locking is needed as there might be more than one process
(multiple winbindd child, cmdline tools) which want to talk
to a specific domain controller. The usage of netlogon_creds_CredentialState
needs to be serialized as it uses sequence numbers.

LogonSamLogonEx doesn't use the credential chain, but for some operations
it needs the global session in order to de/encrypt individual fields.
It uses the lockless netlogon_creds_cli_get() and netlogon_creds_cli_validate()
functions, which just make sure the session hasn't changed between
get and validate.

This is prepares the proper fix for a large number of bugs:
https://bugzilla.samba.org/show_bug.cgi?id=6563
https://bugzilla.samba.org/show_bug.cgi?id=7944
https://bugzilla.samba.org/show_bug.cgi?id=7945
https://bugzilla.samba.org/show_bug.cgi?id=7568
https://bugzilla.samba.org/show_bug.cgi?id=8599

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett

auth/gensec: move libcli/auth/schannel_sign.c into schannel.c

2014-01-06T23:27:11+00:00

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett