sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00
Code
119,893 Commits 60 Branches 1,145 Tags 453 MiB
83b1c21dd0
Commit Graph

44 Commits

Author SHA1 Message Date
Andreas Schneider
bcf7808d3a libcli:auth: Use samba_gnutls_arcfour_confounded_md5() in decode_wkssvc_join_password_buffer() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-07-26 01:48:24 +00:00
Andreas Schneider
85e2a3c96a libcli:auth: Use samba_gnutls_arcfour_confounded_md5() in encode_wkssvc_join_password_buffer() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-07-26 01:48:24 +00:00
Andreas Schneider
576bcf6155 libcli:auth: Return WERROR for encode_wkssvc_join_password_buffer() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-07-26 01:48:24 +00:00
Andreas Schneider
06d46c447e libcli:auth: Add encode_rc4_passwd_buffer() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-07-26 01:48:23 +00:00
Andreas Schneider
79ca72ec3d libcli:auth: Pass samr_CryptPasswordEx to decode_rc4_passwd_buffer() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-07-26 01:48:23 +00:00
Andreas Schneider
89f8b028e2 libcli:auth: Rename encode_or_decode_arc4_passwd_buffer() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-07-26 01:48:23 +00:00
Andreas Schneider
dea160820a libcli:auth: Use samba_gnutls_arcfour_confounded_md5() for rc4 passwd buffer 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-07-26 01:48:23 +00:00
Andreas Schneider
57dd415ba4 libcli:auth: Return NTSTATUS for encode_or_decode_arc4_passwd_buffer() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-07-26 01:48:22 +00:00
Andreas Schneider
d4494648dd libcli:auth: Use gnutls_error_to_werror() in smbencrypt 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-06-27 12:54:22 +00:00
Andreas Schneider
d22aa6fcc2 libcli:auth: Use 'bool ok' in ntv2_owf_gen() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-05-21 00:03:20 +00:00
Andreas Schneider
6f4c027094 libcli:auth: Use GnuTLS MD5 HMAC in SMBsesskeygen_ntv2() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-05-21 00:03:20 +00:00
Andreas Schneider
e1c04866a8 libcli:auth: Use GnuTLS MD5 HMAC in SMBOWFencrypt_ntv2() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-05-21 00:03:20 +00:00
Andreas Schneider
a2f88720d2 libcli:auth: Use GnuTLS MD5 HMAC in ntv2_owf_gen() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-05-21 00:03:20 +00:00
Andreas Schneider
023e6b4f04 libcli:auth: Use GnuTLS MD5 in decode_wkssvc_join_password_buffer() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-05-21 00:03:20 +00:00
Andreas Schneider
10a1caa46d libcli:auth: Use GnuTLS MD5 in encode_or_decode_arc4_passwd_buffer() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-05-21 00:03:20 +00:00
Andreas Schneider
2463d1111f libcli:auth: Use GnuTLS MD5 in encode_wkssvc_join_password_buffer() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-05-21 00:03:20 +00:00
Andreas Schneider
152cd8b426 libcli:auth: Use GnuTLS MD5 in encode_or_decode_arc4_passwd_buffer() 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-05-21 00:03:20 +00:00
Andreas Schneider
45a4a9078c libcli:auth: Use GnuTLS MD5 for E_md5hash() in smbcrypt 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2019-05-21 00:03:20 +00:00
Stefan Metzmacher
1b48c8515e libcli/auth: add const to set_pw_in_buffer() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2017-06-27 16:57:46 +02:00
Stefan Metzmacher
423e95b430 CVE-2016-2111: libcli/auth: add NTLMv2_RESPONSE_verify_netlogon_creds() helper function 
This is the function that prevents spoofing like
Microsoft's CVE-2015-0005.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
 2016-04-12 19:25:24 +02:00
Stefan Metzmacher
4c4829634f CVE-2016-2110: libcli/auth: pass server_timestamp to SMBNTLMv2encrypt_hash() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
 2016-04-12 19:25:23 +02:00
Stefan Metzmacher
6e5d9c2a3d libcli/auth: use WERR_INVALID_PASSWORD instead of WERR_BAD_PASSWORD 
The values are the same, but WERR_INVALID_PASSWORD matches the documentation.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
 2015-03-27 01:26:17 +01:00
Andrew Bartlett
fc13489c91 build: Build with system md5.h on OpenIndiana 
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5.  I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.

This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
 2013-06-19 21:32:36 +02:00
Jeremy Allison
aca444cbfc Remove useless bool "upper_case_domain" parameter from ntv2_owf_gen(). 
The code in SMBNTLMv2encrypt_hash() should not be requesting case
changes on the domain name.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 24 21:39:42 CEST 2012 on sn-devel-104
 2012-08-24 21:39:41 +02:00
Stefan Metzmacher
d727fcc867 libcli/auth: add some const to SMBNTencrypt_hash() and SMBNTencrypt() 
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Sep 14 19:49:24 CEST 2011 on sn-devel-104
 2011-09-14 19:49:24 +02:00
Michael Adam
cd1d75c7a4 libcli/auth/smbencrypt: in E_deshash, use talloc_stackframe instead of "#if _SAMBA_BUILD_ == 3" and talloc_tos() 
talloc_stackframe() is used in other shared components already,
and if the stack is a talloc_pool, then in most cases, it should
also not be more expensive than directly using talloc_tos().

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu May 12 12:52:02 CEST 2011 on sn-devel-104
 2011-05-12 12:52:02 +02:00
Jeremy Allison
df023b8657 Tidy up some missing checks for NULL in strlcpy. 2011-05-04 12:12:15 -07:00
Jeremy Allison
017e0c8d95 Fix simple uses of safe_strcpy -> strlcpy. Easy ones where we just remove -1. 2011-05-04 12:12:13 -07:00
Christian Ambach
96a49d23a4 libcli: allow exclusion of netbios name in NTLMV2 blob 
when no hostname is given, leave away the MsvAvNbComputerName part
of the ntlmv2 blob

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2011-04-14 01:32:22 +02:00
Volker Lendecke
111f4ec8b7 s3: Use talloc_tos() in the S3 build 
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Apr 13 09:30:55 CEST 2011 on sn-devel-104
 2011-04-13 09:30:55 +02:00
Andrew Bartlett
bf431fbedb libcli/auth Use convert_string_error to check LM hash calculation. 
This allows us to know if the LM hash was built correctly or not.

NOTE: talloc_tos() is not available in the common code at this time.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2011-04-13 14:47:08 +10:00
Jeremy Allison
52602e4f5a Fix inspired by work done by David Disseldorp for bug #8040 - smbclient segfaults when a Cyrillic netbios name or workgroup is configured. 
Change msrpc_gen to return NTSTATUS and ensure everywhere this is
used it is correctly checked to return that status.

Jeremy.
 2011-03-28 23:12:07 +02:00
Volker Lendecke
8db0374251 s3: Fix Coverity ID 682: NEGATIVE_RETURNS 2011-03-27 22:22:10 +02:00
Andrew Tridgell
15e84a9a09 charcnv: removed the allow_badcharcnv and allow_bad_conv options to convert_string*() 
we shouldn't accept bad multi-byte strings, it just hides problems

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Mar 24 01:47:26 CET 2011 on sn-devel-104
 2011-03-24 01:47:26 +01:00
Volker Lendecke
be05d71b9e Simplify E_md5hash a bit 2010-01-07 11:07:55 +01:00
Günther Deschner
83023462f9 libcli/auth: remove trailing whitespace. 
Guenther
 2009-09-16 18:00:16 +02:00
Günther Deschner
2287849074 s4: fix the build after ntlmssp header change. 
Guenther
 2009-08-28 11:37:44 +02:00
Günther Deschner
b7a5e7a5d6 libcli/auth: remove unused NTLMSSP_NAME_TYPE_ flags. 
Guenther
 2009-08-28 10:09:19 +02:00
Andrew Bartlett
f666da6940 Add const to cast, to fix warning 2009-06-18 13:49:25 +10:00
Volker Lendecke
2146310fb7 Fix a couple of warnings 2009-04-23 14:35:50 +02:00
Andrew Bartlett
5095d7b1c8 Rework Samba4 to use the new common libcli/auth code 
In particular, this is the rename from creds_ to netlogon_creds_, as
well as other links to use the new common crypto.

Andrew Bartlett
 2009-04-14 16:23:44 +10:00
Andrew Bartlett
6c8f7e4005 Port Samba4 to the new combined libcli/auth functions 
For example, some of the new shared functionality was previously in the wkssvc
torture test.

Andrew Bartlett
 2009-04-14 16:23:41 +10:00
Andrew Bartlett
fd3be5c4e5 Merge smbencrypt.c between Samba3 and Samba4 2009-04-14 14:19:42 +10:00
Andrew Bartlett
927a8b3304 Move libcli/auth to the top level 2009-04-14 14:19:39 +10:00