summaryrefslogtreecommitdiff
path: root/auth/credentials/credentials.h
Commit message (Collapse)AuthorAgeFilesLines
* cli_credentials: Apply some constVolker Lendecke2017-09-161-2/+3
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Sep 16 12:28:17 CEST 2017 on sn-devel-144
* pycredentials: Add support for netr_crypt_passwordGary Lockyer2017-06-221-0/+4
| | | | | | | | | | Add code to encrypt a netr_CryptPassword structure with the current session key. This allows the making of Netr_ServerPasswordSet2 calls from python. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth/credentials: remove const where we always return a talloc stringStefan Metzmacher2017-01-101-3/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth/credentials: add cli_credentials_set_password_will_be_nt_hash() and the ↵Stefan Metzmacher2016-12-201-0/+2
| | | | | | | related logic Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth/credentials: also do a shallow copy of the krb5_ccache.Stefan Metzmacher2016-07-221-3/+0
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* CVE-2016-2110: libcli/auth: pass server_timestamp to SMBNTLMv2encrypt_hash()Stefan Metzmacher2016-04-121-0/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* CVE-2016-2110: auth/credentials: pass server_timestamp to ↵Stefan Metzmacher2016-04-121-1/+3
| | | | | | | | | cli_credentials_get_ntlm_response() BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* auth/credentials: add cli_credentials_set_old_utf16_password()Stefan Metzmacher2015-03-121-0/+2
| | | | | | | This is required to set the previous trust account password. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* auth/credentials: add cli_credentials_[g|s]et_old_nt_hash()Stefan Metzmacher2015-03-121-0/+4
| | | | | | | | The machine and trust accounts it's important to retry netr_Authenticate3() with the previous (old) nt_hash. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* auth/credentials: add cli_credentials_set_utf16_password()Stefan Metzmacher2014-12-191-0/+3
| | | | | | | | | | | | | | We need a way to initialize the cli_credentials from the raw utf16 blob, which might not be completely valid utf16, which means the conversion from CH_UTF16MUNGED to CH_UTF8 might loose information. This would result in an invalid nt_hash, when we convert back from CH_UTF8 to CH_UTF16LE. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* credentials: Allow the secret.tdb handle to be passed in to ↵Andrew Bartlett2014-10-171-0/+16
| | | | | | | | | | | | cli_credentials_set_machine_account() This adds a new wrapper, cli_credentials_set_machine_account_db_ctx() Andrew Bartlett Change-Id: Ia2cceefede4ba9cf7f8de41986daf9372c19d997 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth/credentials: Add cli_credentials_{set,get}_forced_sasl_mech()Andrew Bartlett2013-09-161-0/+3
| | | | | | | | | | This will allow us to force the use of only DIGEST-MD5, for example, which is useful to avoid hitting GSSAPI, SPNEGO or NTLM when talking to OpenLDAP and Cyrus-SASL. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
* auth/credentials: make sure cli_credentials_get_nt_hash() always returns a ↵Stefan Metzmacher2013-08-121-2/+2
| | | | | | | | talloc object Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth/credentials: keep cli_credentials privateStefan Metzmacher2013-08-051-93/+8
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth/credentials: add cli_credentials_shallow_copy()Stefan Metzmacher2013-08-051-0/+3
| | | | | | | | This is useful for testing. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth/credentials: add cli_credentials_[set_]callback_data*Stefan Metzmacher2013-08-051-0/+8
| | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth: added cli_credentials_failed_kerberos_login()Andrew Tridgell2012-11-011-0/+3
| | | | | | | | this is used to support retrying kerberos connections after removing a ccache entry, to cope with a server being re-built while our client still has a valid service ticket Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* auth/credentials Declare remaining functions are public interfaces and put ↵Andrew Bartlett2011-10-111-0/+37
| | | | | | | | | into credentials.h This is in preperation for this file being used by s3, and recognises that these are all reasonable, public interfaces but were not declared as such in the past. Andrew Bartlett
* auth: move credentials layer to the top levelAndrew Bartlett2011-10-111-0/+300
This will allow gensec_start.c to move to the top level. This does not change what code uses the cli_credentials code, but allows the gensec code to be more broadly. Andrew Bartlett
View Lorry Controller Status