summaryrefslogtreecommitdiff
path: root/libcli/auth/proto.h
AgeCommit message (Collapse)AuthorFilesLines
2025-02-22libcli/auth: let NTLMv2_RESPONSE_verify_netlogon_creds() return the ↵Stefan Metzmacher1-1/+3
computer_name This will be used to implement the MS-NRPC 3.5.4.5.1.2 RODC server cachability validation. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
2025-02-22libcli/auth: pass trust_forest_domain_info array to ↵Stefan Metzmacher1-1/+11
NTLMv2_RESPONSE_verify_netlogon_creds This will be used in the next commits in order to implement MS-NRPC 3.5.4.5.1.1 Pass-through domain name validation. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
2024-12-12libcli/auth: add infrastructure for netr_ServerAuthenticateKerberos()Stefan Metzmacher1-0/+8
This shows that STRONG_KEY without ARCFOUR means no encryption for ServerPasswordSet2. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-30libcli/auth: split out netlogon_creds_client_verify() that takes ↵Stefan Metzmacher1-0/+4
auth_{type,level} This will make it easier to implement netr_ServerAuthenticateKerberos() later... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: pass auth_{type,level} to netlogon_creds_server_step_check()Stefan Metzmacher1-1/+3
This will make it easier to implement netr_ServerAuthenticateKerberos() later... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: make sure low level crypto function are not used directlyStefan Metzmacher1-0/+7
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: make netlogon_creds_des_{de,en}crypt_LMKey() staticStefan Metzmacher1-4/+0
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: add netlogon_creds_{de,en}crypt_SendToSam()Stefan Metzmacher1-0/+10
These will simplify adding the logic for netr_ServerAuthenticateKerberos... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: add netlogon_creds_{de,en}crypt_samr_CryptPassword()Stefan Metzmacher1-0/+8
These will simplify adding the logic for netr_ServerAuthenticateKerberos... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: add netlogon_creds_{de,en}crypt_samr_Password()Stefan Metzmacher1-0/+8
These will simplify adding the logic for netr_ServerAuthenticateKerberos... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: pass auth_{type,level} to ↵Stefan Metzmacher1-2/+6
netlogon_creds_{de,en}crypt_samlogon_logon() This will be needed when we implement netr_ServerAuthenticateKerberos... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: pass auth_{type,level} to ↵Stefan Metzmacher1-2/+6
netlogon_creds_{de,en}crypt_samlogon_validation() This will be needed when we implement netr_ServerAuthenticateKerberos... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: also use netlogon_creds_CredentialState_extra_info for the clientStefan Metzmacher1-0/+1
In order to allow backports and cluster updates we simulate a dom_sid, so that the old code is able to parse the blob. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: remember client_requested_flags and auth_time in ↵Stefan Metzmacher1-0/+1
netlogon_creds_server_init() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: pass client_sid to netlogon_creds_server_init()Stefan Metzmacher1-0/+1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-10-30libcli/auth: remove unused netlogon_creds_client_init_session_key()Stefan Metzmacher1-2/+0
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-04-27libcli:auth: Fix code spellingAndreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
2022-09-16libcli/auth/proto.h: remove unneeded path details.Douglas Bagnall1-4/+4
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-07-28libcli:auth: Add decode_pwd_string_from_buffer514()Andreas Schneider1-0/+19
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-07-28libcli:auth: Add extract_pwd_blob_from_buffer514()Andreas Schneider1-0/+18
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-07-28libcli:auth: Add encode_pw_buffer_from_str()Andreas Schneider1-0/+15
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-07-28libcli:auth: Remove trailing spaces from proto.hAndreas Schneider1-21/+21
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-09-18CVE-2020-1472(ZeroLogon): libcli/auth: add ↵Stefan Metzmacher1-0/+1
netlogon_creds_is_random_challenge() to avoid weak values This is the check Windows is using, so we won't generate challenges, which are rejected by Windows DCs (and future Samba DCs). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-09-18CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_random_challenge()Stefan Metzmacher1-0/+2
It's good to have just a single isolated function that will generate random challenges, in future we can add some logic in order to avoid weak values, which are likely to be rejected by a server. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2019-12-10smbdes: remove old unused DES builtin-cryptoIsaac Boukris1-1/+0
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10session: convert sess_crypt_blob to use gnutlsIsaac Boukris1-2/+2
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10smbdes: convert des_crypt112_16 to use gnutlsIsaac Boukris1-3/+6
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10smbdes: convert des_crypt112 to use gnutlsIsaac Boukris1-1/+2
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10smbdes: convert E_old_pw_hash to use gnutlsIsaac Boukris1-1/+1
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10smbdes: convert des_crypt128() to use gnutlsIsaac Boukris1-1/+1
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10smbdes: convert E_P24() and SMBOWFencrypt to use gnutlsIsaac Boukris1-5/+5
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10smbdes: remove D_P16() (not used)Isaac Boukris1-1/+0
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10smbdes: convert E_P16() to use gnutlsIsaac Boukris1-1/+1
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10smbdes: convert sam_rid_crypt() to use gnutlsIsaac Boukris1-1/+2
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10SMBsesskeygen_lm_sess_key: use gnutls and return NTSTATUSIsaac Boukris1-3/+3
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10netlogon_creds_des_encrypt/decrypt_LMKey: use gnutls and return NTSTATUSIsaac Boukris1-2/+4
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10smbdes: add des_crypt56_gnutls() using DES-CBC with zeroed IVIsaac Boukris1-0/+4
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-11-19libcli:auth: Remove unused E_md5hash()Andreas Schneider1-8/+0
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-11-14libcli:auth: Return NTSTATUS for netlogon_creds_client_authenticator()Andreas Schneider1-2/+3
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-11-14libcli:auth: Return NTSTATUS for SMBOWFencrypt_ntv2()Andreas Schneider1-4/+4
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-11-14libcli:auth: Return NTSTATUS for SMBOWFencrypt_ntv2()Andreas Schneider1-2/+3
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-08-21libcli:auth Return NTSTATUS from netlogon_creds_aes_decrypt()Andrew Bartlett1-1/+3
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2019-08-21libcli:auth: Return NTSTATUS for netlogon_creds_aes_encrypt()Andreas Schneider1-1/+3
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Adapted by Andrew Bartlett to use gnutls_error_to_ntstatus() Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26libcli:auth: Return WERROR for encode_wkssvc_join_password_buffer()Andreas Schneider1-4/+4
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26libcli:auth: Add encode_rc4_passwd_buffer()Andreas Schneider1-0/+7
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26libcli:auth: Pass samr_CryptPasswordEx to decode_rc4_passwd_buffer()Andreas Schneider1-2/+2
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26libcli:auth: Rename encode_or_decode_arc4_passwd_buffer()Andreas Schneider1-2/+2
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26libcli:auth: Return NTSTATUS for encode_or_decode_arc4_passwd_buffer()Andreas Schneider1-1/+2
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-06-27libcli:auth: Return NTSTATUS for netlogon_creds_arcfour_crypt()Andreas Schneider1-1/+3
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-06-27libcli:auth: Return NTSTATUS for netlogon_creds_decrypt_samlogon_logon()Andreas Schneider1-3/+3
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-07 08:02:04 +0000