summaryrefslogtreecommitdiff
path: root/source4/libnet/libnet_passwd.c
AgeCommit message (Collapse)AuthorFilesLines
2024-11-06s4: s/the the\b/the/ in miscellaneous commentsDouglas Bagnall1-1/+1
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Volker Lendecke <vl@samba.org>
2024-09-26s4:libnet: make use of dcerpc_binding_handle_transport_session_key() in ↵Stefan Metzmacher1-10/+25
libnet_passwd.c Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26s4:libnet: add struct dcerpc_binding_handle helper variables in libnet_passwd.cStefan Metzmacher1-5/+15
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
2023-06-30crypto: Rely on GnuTLS 3.6.13 and gnutls_pbkdf2()Andrew Bartlett1-4/+0
This removes a lot of inline #ifdef and means this feature is always tested. We can do this as we have chosen GnuTLS 3.6.13 as the new minimum version. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2022-12-14s4:libnet: correctly handle gnutls_pbkdf2() errorsStefan Metzmacher1-1/+4
We should not ignore the error nor should we map GNUTLS_E_UNWANTED_ALGORITHM to NT_STATUS_WRONG_PASSWORD, instead we use NT_STATUS_CRYPTO_SYSTEM_INVALID as in most other places in the same file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Baumbach <bbaumbach@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Dec 14 13:35:20 UTC 2022 on sn-devel-184
2022-12-14s4:libnet: fix error string for failing samr_ChangePasswordUser4()Stefan Metzmacher1-1/+1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
2022-12-13CVE-2022-37966 s4:libnet: add support LIBNET_SET_PASSWORD_SAMR_HANDLE_18 to ↵Stefan Metzmacher1-0/+73
set nthash only BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-12-13CVE-2022-37966 s4:libnet: initialize libnet_SetPassword() arguments ↵Stefan Metzmacher1-0/+2
explicitly to zero by default. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-10-25s4:libnet: If we successfully changed the password we are doneAndreas Schneider1-14/+18
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Noel Power <noel.power@suse.com>
2022-10-25s3:rpcclient: Pass salt down to init_samr_CryptPasswordAES()Andreas Schneider1-6/+7
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Noel Power <noel.power@suse.com>
2022-07-28s4:libnet: Add support for samr_ChangePasswordUser4()Andreas Schneider1-0/+116
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-07-28s4:libnet: Move code using RC4 into its own functionAndreas Schneider1-86/+123
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-07-28s4:libnet: Remove unused code in libnet_ChangePassword_samr()Andreas Schneider1-50/+0
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-08-03s4:libnet: Allow libnet_SetPassword() for encrypted SMB connectionsAndreas Schneider1-11/+40
This is needed for smbtorture to join a domain in FIPS mode. FYI: The correct way would be to join using LDAP as the s3 code is doing it. But this requires a bigger rewrite. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-08-03s4:libnet: Remove trailing whitespacesAndreas Schneider1-12/+12
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10smbdes: convert E_old_pw_hash to use gnutlsIsaac Boukris1-5/+25
Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26s4:libnet: Use GnuTLS RC4 in libnet_ChangePassword_samr()Andreas Schneider1-6/+104
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26s4:libnet: Use GnuTLS RC4 in libnet_SetPassword_samr_handle_23()Andreas Schneider1-1/+28
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26s4:libnet: Use GnuTLS RC4 in libnet_SetPassword_samr_handle_24()Andreas Schneider1-1/+28
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26s4:libnet: Use encode_rc4_passwd_buffer() in libnet_SetPassword_samr_handle_25()Andreas Schneider1-34/+9
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26s4:libnet: Use encode_rc4_passwd_buffer() in libnet_SetPassword_samr_handle_26()Andreas Schneider1-36/+11
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-06-27lib/crypto: move gnutls error wrapper to own subsystemAndrew Bartlett1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2019-06-24s3:libnet: Use gnutls_error_to_ntstatus() in libnet_passwdAndreas Schneider1-6/+7
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-21s4:libnet: Use GnuTLS MD5 for samr passwordsAndreas Schneider1-13/+64
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-12-09CVE-2013-4408:s3:Ensure LookupNames replies arrays are range checked.Jeremy Allison1-1/+9
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185 Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Jeremy Allison <jra@samba.org>
2013-06-19build: Build with system md5.h on OpenIndianaAndrew Bartlett1-2/+2
This changes (again...) our system md5 detection to cope with how OpenIndiana does md5. I'm becoming increasingly convinced this isn't worth our while (we should have just done samba_md5...), but for now this change seems to work on FreeBSD, OpenIndiana and Linux with libbsd. This needs us to rename struct MD5Context -> MD5_CTX, but we provide a config.h define to rename the type bad if MD5_CTX does not exist (it does however exist in the md5.h from libbsd). Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
2010-04-15s4:libnet_passwd: check for NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE for ↵Stefan Metzmacher1-1/+1
SetPassword metze
2010-04-15s4:libnet_passwd: check for NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE in the ↵Stefan Metzmacher1-3/+3
ChangePassword calls metze
2010-03-29s4:libnet/libnet_passwd.c: add explicit check for NTSTATUS r.out.resultStefan Metzmacher1-0/+36
metze
2010-03-12s4:libnet/libnet_passwd.c: make use of dcerpc_binding_handle stubsStefan Metzmacher1-13/+13
metze
2010-03-10s4:libnet - change variables to "unsigned" where neededMatthias Dieter Wallnöfer1-1/+1
2009-12-25s4-net: Fix 'talloc_free with references ...' errorKamen Mazdrashki1-4/+4
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-11-06s4:libnet_passwd - fix pointer typeMatthias Dieter Wallnöfer1-1/+1
2009-06-18s4:libnet Allow 'net password change' to work on expired passwordsAndrew Bartlett1-1/+5
We need to pass down flags to the DCE/RPC layer to allow fallback to anonymous connections, as we can't log in with an expired password. The anonymous connection can then change the password with SAMR. Andrew Bartlett
2009-05-25fixed the client side password change codeAndrew Tridgell1-61/+25
The client side code was not falling back to older routines correctly as it didn't check for the operation range error appropriately. It also used the old rpc semantics.
2008-12-05s4-samr: fix samr callers after SAMR_FIELD_PASSWORD change.Günther Deschner1-2/+2
Guenther
2008-11-28s4-samr: fix samr passwdord_expired callers.Günther Deschner1-3/+2
Guenther
2008-11-10s4-samr: merge samr_LookupDomain from s3 idl. (fixme: python)Günther Deschner1-1/+3
Guenther
2008-11-10s4-samr: merge samr_LookupNames from s3 idl. (fixme: python)Günther Deschner1-3/+6
Guenther
2008-11-10s4-samr: merge samr_ChangePasswordUser3 from s3 idl.Günther Deschner1-0/+4
Guenther
2008-09-24Move source4/lib/crypto to lib/crypto.Jelmer Vernooij1-1/+1
2007-10-10r24557: rename 'dcerpc_table_' -> 'ndr_table_'Stefan Metzmacher1-2/+2
metze (This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r22669: fix uninitialized element which was causing a crash with 'net ↵Stefan Metzmacher1-0/+1
password set' metze (This used to be commit 9bbe4733562a8fc6fe49377a47e482a14a6efc61)
2007-10-10r19934: - allow to pass a samr_UserInfo21 struct to be passed to ↵Stefan Metzmacher1-28/+48
libnet_SetPassword() - as the SetUserInfo2() levels 26/25 and 24/23 have the same encryption but 26 and 24 change only the password and 25 and 23 take a info21 and change the password, we now use 26 with fallback to 24 or 25 with fallback to 23. - use samr_SetUserInfo2() to match what w2k3 does (works also against nt4) - pass the info21 to libnet_SetPassword() to set acct_flags and full_name together with the password (to match what w2k3 does) metze (This used to be commit 1b86af32f3069cc75ae645698d3f92a0798e38f7)
2007-10-10r18609: error_string should not contain newlines.Günther Deschner1-24/+24
Guenther (This used to be commit 556666756418ad50c533199c736fe3696a7e20cb)
2007-10-10r17930: Merge noinclude branch:Jelmer Vernooij1-1/+0
* Move dlinklist.h, smb.h to subsystem-specific directories * Clean up ads.h and move what is left of it to dsdb/ (only place where it's used) (This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
2007-10-10r14470: Remove some unnecessary headers.Jelmer Vernooij1-1/+0
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
2007-10-10r14464: Don't include ndr_BASENAME.h files unless strictly required, insteadJelmer Vernooij1-0/+1
try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
2007-10-10r14402: Generate seperate headers for RPC client functions.Jelmer Vernooij1-0/+1
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-10 22:53:20 +0000