2023-03-31 10:43:11 +02:00
/*
2004-12-10 20:07:04 +00:00
samba - - Unix SMB / CIFS implementation .
Client credentials structure
2006-05-03 14:15:31 +00:00
Copyright ( C ) Jelmer Vernooij 2004 - 2006
2005-03-24 03:32:25 +00:00
Copyright ( C ) Andrew Bartlett < abartlet @ samba . org > 2005
2004-12-10 20:07:04 +00:00
2004-04-04 16:24:08 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-10 02:07:03 +00:00
the Free Software Foundation ; either version 3 of the License , or
2004-04-04 16:24:08 +00:00
( at your option ) any later version .
2023-03-31 10:43:11 +02:00
2004-04-04 16:24:08 +00:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2023-03-31 10:43:11 +02:00
2004-04-04 16:24:08 +00:00
You should have received a copy of the GNU General Public License
2007-07-10 02:07:03 +00:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2004-04-04 16:24:08 +00:00
*/
2006-03-14 01:29:56 +00:00
# ifndef __CREDENTIALS_H__
# define __CREDENTIALS_H__
2004-04-04 16:24:08 +00:00
2015-11-20 09:31:35 +01:00
# include "../lib/util/time.h"
2008-10-11 21:05:38 +02:00
# include "../lib/util/data_blob.h"
2006-03-16 17:51:04 +00:00
# include "librpc/gen_ndr/misc.h"
2013-07-31 12:41:40 +02:00
struct cli_credentials ;
2005-09-26 15:59:43 +00:00
struct ccache_container ;
2008-12-29 20:24:57 +01:00
struct tevent_context ;
2011-10-09 23:27:44 +11:00
struct netlogon_creds_CredentialState ;
2013-07-31 12:41:40 +02:00
struct ldb_context ;
struct ldb_message ;
struct loadparm_context ;
struct ccache_container ;
struct gssapi_creds_container ;
struct smb_krb5_context ;
struct keytab_container ;
2014-10-03 06:32:39 +13:00
struct db_context ;
2020-05-26 09:32:44 +02:00
enum smb_signing_setting ;
2020-05-28 16:10:52 +02:00
enum smb_encryption_setting ;
2005-09-26 15:59:43 +00:00
2005-03-21 02:08:38 +00:00
/* In order of priority */
2023-03-31 10:43:11 +02:00
enum credentials_obtained {
2005-04-10 10:11:36 +00:00
CRED_UNINITIALISED = 0 , /* We don't even have a guess yet */
2019-11-06 17:37:45 +01:00
CRED_SMB_CONF , /* Current value should be used, which comes from smb.conf */
2005-03-21 02:08:38 +00:00
CRED_CALLBACK , /* Callback should be used to obtain value */
2007-03-07 04:20:10 +00:00
CRED_GUESS_ENV , /* Current value should be used, which was guessed */
2005-08-29 04:30:22 +00:00
CRED_GUESS_FILE , /* A guess from a file (or file pointed at in env variable) */
2006-05-03 14:15:31 +00:00
CRED_CALLBACK_RESULT , /* Value was obtained from a callback */
2005-03-21 02:08:38 +00:00
CRED_SPECIFIED /* Was explicitly specified on the command-line */
} ;
2006-01-28 12:15:24 +00:00
enum credentials_use_kerberos {
2020-08-20 09:40:41 +02:00
/** Sometimes trying kerberos just does 'bad things', so don't */
CRED_USE_KERBEROS_DISABLED = 0 ,
/** Default, we try kerberos if available */
CRED_USE_KERBEROS_DESIRED ,
/** Sometimes administrators are paranoid, so always do kerberos */
CRED_USE_KERBEROS_REQUIRED ,
2006-01-28 12:15:24 +00:00
} ;
2020-08-20 10:18:08 +02:00
enum credentials_client_protection {
CRED_CLIENT_PROTECTION_DEFAULT = - 1 ,
CRED_CLIENT_PROTECTION_PLAIN = 0 ,
CRED_CLIENT_PROTECTION_SIGN ,
CRED_CLIENT_PROTECTION_ENCRYPT ,
} ;
2010-09-16 14:12:37 +10:00
enum credentials_krb_forwardable {
CRED_AUTO_KRB_FORWARDABLE = 0 , /* Default, follow library defaults */
CRED_NO_KRB_FORWARDABLE , /* not forwardable */
CRED_FORCE_KRB_FORWARDABLE /* forwardable */
} ;
2005-10-14 04:04:52 +00:00
# define CLI_CRED_NTLM2 0x01
# define CLI_CRED_NTLMv2_AUTH 0x02
# define CLI_CRED_LANMAN_AUTH 0x04
# define CLI_CRED_NTLM_AUTH 0x08
2006-01-28 12:15:24 +00:00
# define CLI_CRED_CLEAR_AUTH 0x10 /* TODO: Push cleartext auth with this flag */
2005-10-14 04:04:52 +00:00
2008-04-02 04:53:27 +02:00
const char * cli_credentials_get_workstation ( struct cli_credentials * cred ) ;
2023-03-31 10:43:11 +02:00
bool cli_credentials_set_workstation ( struct cli_credentials * cred ,
const char * val ,
2008-04-02 04:53:27 +02:00
enum credentials_obtained obtained ) ;
bool cli_credentials_is_anonymous ( struct cli_credentials * cred ) ;
struct cli_credentials * cli_credentials_init ( TALLOC_CTX * mem_ctx ) ;
2020-09-04 12:21:21 +02:00
struct cli_credentials * cli_credentials_init_server ( TALLOC_CTX * mem_ctx ,
struct loadparm_context * lp_ctx ) ;
2008-04-02 04:53:27 +02:00
void cli_credentials_set_anonymous ( struct cli_credentials * cred ) ;
bool cli_credentials_wrong_password ( struct cli_credentials * cred ) ;
const char * cli_credentials_get_password ( struct cli_credentials * cred ) ;
2020-09-01 15:33:18 +02:00
const char * cli_credentials_get_password_and_obtained ( struct cli_credentials * cred ,
enum credentials_obtained * obtained ) ;
2023-03-31 10:43:11 +02:00
void cli_credentials_get_ntlm_username_domain ( struct cli_credentials * cred , TALLOC_CTX * mem_ctx ,
const char * * username ,
2008-04-02 04:53:27 +02:00
const char * * domain ) ;
2023-03-31 10:43:11 +02:00
NTSTATUS cli_credentials_get_ntlm_response ( struct cli_credentials * cred , TALLOC_CTX * mem_ctx ,
2008-04-02 04:53:27 +02:00
int * flags ,
2015-11-20 09:29:11 +01:00
DATA_BLOB challenge ,
const NTTIME * server_timestamp ,
DATA_BLOB target_info ,
2023-03-31 10:43:11 +02:00
DATA_BLOB * _lm_response , DATA_BLOB * _nt_response ,
2008-04-02 04:53:27 +02:00
DATA_BLOB * _lm_session_key , DATA_BLOB * _session_key ) ;
const char * cli_credentials_get_realm ( struct cli_credentials * cred ) ;
const char * cli_credentials_get_username ( struct cli_credentials * cred ) ;
2020-08-31 18:52:44 +02:00
const char * cli_credentials_get_username_and_obtained ( struct cli_credentials * cred ,
enum credentials_obtained * obtained ) ;
2023-03-31 10:43:11 +02:00
int cli_credentials_get_krb5_context ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
struct loadparm_context * lp_ctx ,
struct smb_krb5_context * * smb_krb5_context ) ;
2023-03-31 10:43:11 +02:00
int cli_credentials_get_ccache ( struct cli_credentials * cred ,
2008-12-29 20:24:57 +01:00
struct tevent_context * event_ctx ,
2008-04-02 04:53:27 +02:00
struct loadparm_context * lp_ctx ,
2010-02-25 16:16:33 +11:00
struct ccache_container * * ccc ,
const char * * error_string ) ;
2023-03-31 10:43:11 +02:00
int cli_credentials_get_named_ccache ( struct cli_credentials * cred ,
2010-02-20 11:44:41 +11:00
struct tevent_context * event_ctx ,
struct loadparm_context * lp_ctx ,
char * ccache_name ,
2010-02-25 16:16:33 +11:00
struct ccache_container * * ccc , const char * * error_string ) ;
2012-10-31 17:58:20 +11:00
bool cli_credentials_failed_kerberos_login ( struct cli_credentials * cred ,
const char * principal ,
unsigned int * count ) ;
2023-03-31 10:43:11 +02:00
int cli_credentials_get_keytab ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
struct loadparm_context * lp_ctx ,
struct keytab_container * * _ktc ) ;
const char * cli_credentials_get_domain ( struct cli_credentials * cred ) ;
2023-12-06 13:26:43 +01:00
const char * cli_credentials_get_domain_and_obtained (
struct cli_credentials * cred ,
enum credentials_obtained * obtained ) ;
2009-04-06 22:54:44 +10:00
struct netlogon_creds_CredentialState * cli_credentials_get_netlogon_creds ( struct cli_credentials * cred ) ;
2008-04-02 04:53:27 +02:00
void cli_credentials_set_machine_account_pending ( struct cli_credentials * cred ,
struct loadparm_context * lp_ctx ) ;
2021-04-01 17:02:10 +02:00
bool cli_credentials_set_conf ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
struct loadparm_context * lp_ctx ) ;
2016-12-29 15:26:00 +01:00
char * cli_credentials_get_principal ( struct cli_credentials * cred , TALLOC_CTX * mem_ctx ) ;
2023-03-31 10:43:11 +02:00
int cli_credentials_get_server_gss_creds ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
struct loadparm_context * lp_ctx ,
struct gssapi_creds_container * * _gcc ) ;
2023-03-31 10:43:11 +02:00
int cli_credentials_get_client_gss_creds ( struct cli_credentials * cred ,
2008-12-29 20:24:57 +01:00
struct tevent_context * event_ctx ,
2008-04-02 04:53:27 +02:00
struct loadparm_context * lp_ctx ,
2010-02-25 16:16:33 +11:00
struct gssapi_creds_container * * _gcc ,
const char * * error_string ) ;
2013-09-16 09:38:09 -07:00
void cli_credentials_set_forced_sasl_mech ( struct cli_credentials * creds ,
const char * sasl_mech ) ;
2020-08-19 15:46:11 +02:00
bool cli_credentials_set_kerberos_state ( struct cli_credentials * creds ,
enum credentials_use_kerberos kerberos_state ,
enum credentials_obtained obtained ) ;
2010-09-16 14:12:37 +10:00
void cli_credentials_set_krb_forwardable ( struct cli_credentials * creds ,
enum credentials_krb_forwardable krb_forwardable ) ;
2023-03-31 10:43:11 +02:00
bool cli_credentials_set_domain ( struct cli_credentials * cred ,
const char * val ,
2008-04-02 04:53:27 +02:00
enum credentials_obtained obtained ) ;
2009-01-25 05:32:30 +01:00
bool cli_credentials_set_domain_callback ( struct cli_credentials * cred ,
const char * ( * domain_cb ) ( struct cli_credentials * ) ) ;
2023-03-31 10:43:11 +02:00
bool cli_credentials_set_username ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
const char * val , enum credentials_obtained obtained ) ;
2009-01-25 05:32:30 +01:00
bool cli_credentials_set_username_callback ( struct cli_credentials * cred ,
const char * ( * username_cb ) ( struct cli_credentials * ) ) ;
2023-03-31 10:43:11 +02:00
bool cli_credentials_set_principal ( struct cli_credentials * cred ,
const char * val ,
2009-01-25 05:32:30 +01:00
enum credentials_obtained obtained ) ;
bool cli_credentials_set_principal_callback ( struct cli_credentials * cred ,
const char * ( * principal_cb ) ( struct cli_credentials * ) ) ;
2023-03-31 10:43:11 +02:00
bool cli_credentials_set_password ( struct cli_credentials * cred ,
const char * val ,
2008-04-02 04:53:27 +02:00
enum credentials_obtained obtained ) ;
struct cli_credentials * cli_credentials_init_anon ( TALLOC_CTX * mem_ctx ) ;
void cli_credentials_parse_string ( struct cli_credentials * credentials , const char * data , enum credentials_obtained obtained ) ;
2013-08-09 10:15:05 +02:00
struct samr_Password * cli_credentials_get_nt_hash ( struct cli_credentials * cred ,
TALLOC_CTX * mem_ctx ) ;
2015-02-09 09:04:42 +01:00
struct samr_Password * cli_credentials_get_old_nt_hash ( struct cli_credentials * cred ,
TALLOC_CTX * mem_ctx ) ;
2023-03-31 10:43:11 +02:00
bool cli_credentials_set_realm ( struct cli_credentials * cred ,
const char * val ,
2008-04-02 04:53:27 +02:00
enum credentials_obtained obtained ) ;
void cli_credentials_set_secure_channel_type ( struct cli_credentials * cred ,
enum netr_SchannelType secure_channel_type ) ;
2010-05-17 13:41:01 +10:00
void cli_credentials_set_password_last_changed_time ( struct cli_credentials * cred ,
time_t last_change_time ) ;
2017-09-07 12:34:34 +02:00
void cli_credentials_set_netlogon_creds (
struct cli_credentials * cred ,
const struct netlogon_creds_CredentialState * netlogon_creds ) ;
2023-03-31 10:43:11 +02:00
NTSTATUS cli_credentials_set_krb5_context ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
struct smb_krb5_context * smb_krb5_context ) ;
NTSTATUS cli_credentials_set_stored_principal ( struct cli_credentials * cred ,
struct loadparm_context * lp_ctx ,
const char * serviceprincipal ) ;
NTSTATUS cli_credentials_set_machine_account ( struct cli_credentials * cred ,
struct loadparm_context * lp_ctx ) ;
2014-10-03 06:32:39 +13:00
/**
* Fill in credentials for the machine trust account , from the
* secrets . ldb or passed in handle to secrets . tdb ( perhaps in CTDB ) .
*
* This version is used in parts of the code that can link in the
* CTDB dbwrap backend , by passing down the already open handle .
*
* @ param cred Credentials structure to fill in
* @ param db_ctx dbwrap context for secrets . tdb
* @ retval NTSTATUS error detailing any failure
*/
NTSTATUS cli_credentials_set_machine_account_db_ctx ( struct cli_credentials * cred ,
struct loadparm_context * lp_ctx ,
struct db_context * db_ctx ) ;
2008-04-02 04:53:27 +02:00
bool cli_credentials_authentication_requested ( struct cli_credentials * cred ) ;
2021-04-27 16:15:30 +02:00
bool cli_credentials_guess ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
struct loadparm_context * lp_ctx ) ;
2023-03-31 10:43:11 +02:00
bool cli_credentials_set_bind_dn ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
const char * bind_dn ) ;
const char * cli_credentials_get_bind_dn ( struct cli_credentials * cred ) ;
bool cli_credentials_parse_file ( struct cli_credentials * cred , const char * file , enum credentials_obtained obtained ) ;
2016-12-29 15:26:00 +01:00
char * cli_credentials_get_unparsed_name ( struct cli_credentials * credentials , TALLOC_CTX * mem_ctx ) ;
2008-04-02 04:53:27 +02:00
bool cli_credentials_set_password_callback ( struct cli_credentials * cred ,
const char * ( * password_cb ) ( struct cli_credentials * ) ) ;
enum netr_SchannelType cli_credentials_get_secure_channel_type ( struct cli_credentials * cred ) ;
2010-05-17 13:41:01 +10:00
time_t cli_credentials_get_password_last_changed_time ( struct cli_credentials * cred ) ;
2008-04-02 04:53:27 +02:00
void cli_credentials_set_kvno ( struct cli_credentials * cred ,
int kvno ) ;
2014-12-16 13:58:11 +00:00
bool cli_credentials_set_utf16_password ( struct cli_credentials * cred ,
const DATA_BLOB * password_utf16 ,
enum credentials_obtained obtained ) ;
2015-01-30 16:20:27 +00:00
bool cli_credentials_set_old_utf16_password ( struct cli_credentials * cred ,
const DATA_BLOB * password_utf16 ) ;
2016-12-14 10:02:10 +01:00
void cli_credentials_set_password_will_be_nt_hash ( struct cli_credentials * cred ,
bool val ) ;
2023-03-31 10:44:16 +02:00
bool cli_credentials_is_password_nt_hash ( struct cli_credentials * cred ) ;
2008-04-02 04:53:27 +02:00
bool cli_credentials_set_nt_hash ( struct cli_credentials * cred ,
2023-03-31 10:43:11 +02:00
const struct samr_Password * nt_hash ,
2008-04-02 04:53:27 +02:00
enum credentials_obtained obtained ) ;
2015-02-09 09:04:42 +01:00
bool cli_credentials_set_old_nt_hash ( struct cli_credentials * cred ,
const struct samr_Password * nt_hash ) ;
2008-05-05 12:58:15 +10:00
bool cli_credentials_set_ntlm_response ( struct cli_credentials * cred ,
2021-12-18 10:40:36 +01:00
const DATA_BLOB * lm_response ,
const DATA_BLOB * lm_session_key ,
const DATA_BLOB * nt_response ,
const DATA_BLOB * nt_session_key ,
2008-05-05 12:58:15 +10:00
enum credentials_obtained obtained ) ;
2023-03-31 10:43:11 +02:00
int cli_credentials_set_keytab_name ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
struct loadparm_context * lp_ctx ,
2023-03-31 10:43:11 +02:00
const char * keytab_name ,
2008-04-02 04:53:27 +02:00
enum credentials_obtained obtained ) ;
2020-08-20 10:50:30 +02:00
bool cli_credentials_set_gensec_features ( struct cli_credentials * creds ,
uint32_t gensec_features ,
enum credentials_obtained obtained ) ;
2008-04-02 04:53:27 +02:00
uint32_t cli_credentials_get_gensec_features ( struct cli_credentials * creds ) ;
2023-03-31 10:43:11 +02:00
int cli_credentials_set_ccache ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
struct loadparm_context * lp_ctx ,
2023-03-31 10:43:11 +02:00
const char * name ,
2010-02-25 16:16:33 +11:00
enum credentials_obtained obtained ,
const char * * error_string ) ;
2008-04-02 04:53:27 +02:00
bool cli_credentials_parse_password_file ( struct cli_credentials * credentials , const char * file , enum credentials_obtained obtained ) ;
2023-03-31 10:43:11 +02:00
bool cli_credentials_parse_password_fd ( struct cli_credentials * credentials ,
2008-04-02 04:53:27 +02:00
int fd , enum credentials_obtained obtained ) ;
2023-03-31 10:43:11 +02:00
void cli_credentials_invalidate_ccache ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
enum credentials_obtained obtained ) ;
void cli_credentials_set_salt_principal ( struct cli_credentials * cred , const char * principal ) ;
2011-04-22 11:22:50 +02:00
void cli_credentials_set_impersonate_principal ( struct cli_credentials * cred ,
const char * principal ,
const char * self_service ) ;
2010-03-03 13:24:52 +11:00
void cli_credentials_set_target_service ( struct cli_credentials * cred , const char * principal ) ;
2023-12-21 12:00:46 +13:00
char * cli_credentials_get_salt_principal ( struct cli_credentials * cred , TALLOC_CTX * mem_ctx ) ;
2010-03-03 13:24:52 +11:00
const char * cli_credentials_get_impersonate_principal ( struct cli_credentials * cred ) ;
2011-04-22 11:22:50 +02:00
const char * cli_credentials_get_self_service ( struct cli_credentials * cred ) ;
2010-03-03 13:24:52 +11:00
const char * cli_credentials_get_target_service ( struct cli_credentials * cred ) ;
2008-04-02 04:53:27 +02:00
enum credentials_use_kerberos cli_credentials_get_kerberos_state ( struct cli_credentials * creds ) ;
2013-09-16 09:38:09 -07:00
const char * cli_credentials_get_forced_sasl_mech ( struct cli_credentials * cred ) ;
2010-09-16 14:12:37 +10:00
enum credentials_krb_forwardable cli_credentials_get_krb_forwardable ( struct cli_credentials * creds ) ;
2023-03-31 10:43:11 +02:00
NTSTATUS cli_credentials_set_secrets ( struct cli_credentials * cred ,
2008-04-02 04:53:27 +02:00
struct loadparm_context * lp_ctx ,
struct ldb_context * ldb ,
const char * base ,
2023-03-31 10:43:11 +02:00
const char * filter ,
2010-02-20 11:44:41 +11:00
char * * error_string ) ;
2008-04-02 04:53:27 +02:00
int cli_credentials_get_kvno ( struct cli_credentials * cred ) ;
2006-03-14 01:29:56 +00:00
2011-10-09 23:27:44 +11:00
bool cli_credentials_set_username_callback ( struct cli_credentials * cred ,
const char * ( * username_cb ) ( struct cli_credentials * ) ) ;
2024-03-13 17:50:56 +01:00
enum credentials_obtained cli_credentials_get_principal_obtained ( struct cli_credentials * cred ) ;
2011-10-09 23:27:44 +11:00
/**
* Obtain the client principal for this credentials context .
* @ param cred credentials context
* @ retval The username set on this context .
* @ note Return value will never be NULL except by programmer error .
*/
2016-12-29 15:26:00 +01:00
char * cli_credentials_get_principal_and_obtained ( struct cli_credentials * cred , TALLOC_CTX * mem_ctx , enum credentials_obtained * obtained ) ;
2023-03-31 10:43:11 +02:00
bool cli_credentials_set_principal ( struct cli_credentials * cred ,
const char * val ,
2011-10-09 23:27:44 +11:00
enum credentials_obtained obtained ) ;
bool cli_credentials_set_principal_callback ( struct cli_credentials * cred ,
const char * ( * principal_cb ) ( struct cli_credentials * ) ) ;
/**
* Obtain the ' old ' password for this credentials context ( used for join accounts ) .
* @ param cred credentials context
* @ retval If set , the cleartext password , otherwise NULL
*/
const char * cli_credentials_get_old_password ( struct cli_credentials * cred ) ;
2023-03-31 10:43:11 +02:00
bool cli_credentials_set_old_password ( struct cli_credentials * cred ,
const char * val ,
2011-10-09 23:27:44 +11:00
enum credentials_obtained obtained ) ;
bool cli_credentials_set_domain_callback ( struct cli_credentials * cred ,
const char * ( * domain_cb ) ( struct cli_credentials * ) ) ;
bool cli_credentials_set_realm_callback ( struct cli_credentials * cred ,
const char * ( * realm_cb ) ( struct cli_credentials * ) ) ;
bool cli_credentials_set_workstation_callback ( struct cli_credentials * cred ,
const char * ( * workstation_cb ) ( struct cli_credentials * ) ) ;
2013-07-31 12:52:17 +02:00
void cli_credentials_set_callback_data ( struct cli_credentials * cred ,
void * callback_data ) ;
void * _cli_credentials_callback_data ( struct cli_credentials * cred ) ;
# define cli_credentials_callback_data(_cred, _type) \
talloc_get_type_abort ( _cli_credentials_callback_data ( _cred ) , _type )
# define cli_credentials_callback_data_void(_cred) \
_cli_credentials_callback_data ( _cred )
2020-05-26 09:32:44 +02:00
bool cli_credentials_set_smb_signing ( struct cli_credentials * cred ,
enum smb_signing_setting signing_state ,
enum credentials_obtained obtained ) ;
enum smb_signing_setting
cli_credentials_get_smb_signing ( struct cli_credentials * cred ) ;
2020-05-28 16:31:35 +02:00
bool cli_credentials_set_smb_ipc_signing ( struct cli_credentials * cred ,
enum smb_signing_setting ipc_signing_state ,
enum credentials_obtained obtained ) ;
enum smb_signing_setting
cli_credentials_get_smb_ipc_signing ( struct cli_credentials * cred ) ;
2020-05-28 16:10:52 +02:00
bool cli_credentials_set_smb_encryption ( struct cli_credentials * cred ,
enum smb_encryption_setting encryption_state ,
enum credentials_obtained obtained ) ;
enum smb_encryption_setting
cli_credentials_get_smb_encryption ( struct cli_credentials * cred ) ;
2019-08-07 11:36:28 +02:00
bool cli_credentials_set_cmdline_callbacks ( struct cli_credentials * cred ) ;
2020-12-10 16:48:16 +01:00
void cli_credentials_dump ( struct cli_credentials * creds ) ;
2011-10-09 23:27:44 +11:00
/**
2023-03-31 10:43:11 +02:00
* Return attached NETLOGON credentials
2011-10-09 23:27:44 +11:00
*/
struct netlogon_creds_CredentialState * cli_credentials_get_netlogon_creds ( struct cli_credentials * cred ) ;
2010-10-11 04:05:37 +02:00
2017-06-21 08:10:30 +12:00
NTSTATUS netlogon_creds_session_encrypt (
struct netlogon_creds_CredentialState * state ,
DATA_BLOB data ) ;
2023-11-17 17:41:53 +13:00
/**
* Kerberos FAST handling
*/
NTSTATUS cli_credentials_set_krb5_fast_armor_credentials ( struct cli_credentials * creds ,
struct cli_credentials * armor_creds ,
bool require_fast_armor ) ;
struct cli_credentials * cli_credentials_get_krb5_fast_armor_credentials ( struct cli_credentials * creds ) ;
bool cli_credentials_get_krb5_require_fast_armor ( struct cli_credentials * creds ) ;
2023-12-21 14:06:26 +13:00
/**
* Group Managed Service Account helper
*/
2024-02-02 14:40:24 +13:00
/*
* All current callers set " for_keytab = true " , but if we start using
* this for getting a TGT we need the logic to ignore a very new
* key
*/
2023-12-21 14:06:26 +13:00
NTSTATUS cli_credentials_set_gmsa_passwords ( struct cli_credentials * creds ,
const DATA_BLOB * managed_password_blob ,
2024-02-02 14:40:24 +13:00
bool for_keytab ,
2023-12-21 14:06:26 +13:00
const char * * error_string ) ;
2006-03-14 01:29:56 +00:00
# endif /* __CREDENTIALS_H__ */