summaryrefslogtreecommitdiff
path: root/libcli
Commit message (Collapse)AuthorAgeFilesLines
* libcli:smb: Do not use gnutls_aead_cipher_encryptv2() with GnuTLS 3.6.10Andreas Schneider2019-11-041-2/+6
| | | | | | | | | | The gnutls_aead_cipher_encryptv2() implementation was released with a bug. This wont be fixed before 3.6.11. See https://gitlab.com/gnutls/gnutls/merge_requests/1085 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* tstream_npa: Set local server name in auth requestsSamuel Cabrero2019-10-182-2/+3
| | | | | | Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli smb smb1cli_trans: fix ubsan warningGary Lockyer2019-10-161-2/+4
| | | | | | | | | | | | Fix ubsan warning null pointer passed as argument 2 when the source pointer is NULL. The calls to memcpy are now guarded by an if (len > 0) Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Oct 16 18:00:31 UTC 2019 on sn-devel-184
* libcli:smb: Use gnutls_aead_cipher_decryptv2() for AES GCM or CCMAndreas Schneider2019-10-081-2/+27
| | | | | | | | | | | This is a new call which has been added with GnuTLS 3.6.10 and will recuduce memory allocations and copying of data. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Oct 8 14:12:44 UTC 2019 on sn-devel-184
* libcli:smb: Use gnutls_aead_cipher_encryptv2() for AES GCM or CCMAndreas Schneider2019-10-081-2/+30
| | | | | | | | This is a new call which has been added with GnuTLS 3.6.10 and will recuduce memory allocations and copying of data. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Simo Sorce <idra@samba.org>
* libcli/auth: add gnutls test for aes-128-cfb8 cipher bugGünther Deschner2019-10-072-0/+248
| | | | | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Oct 7 09:31:35 UTC 2019 on sn-devel-184
* libcli/auth: add test for gensec_schannel codeGünther Deschner2019-10-072-0/+313
| | | | | | | | Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/auth: add netlogon_creds_cli_LogonGetDomainInfo()Stefan Metzmacher2019-09-202-1/+297
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* libcli/auth: clang: Fix 'Value stored to 'status' is never read'Noel Power2019-08-271-1/+1
| | | | | | | | | | | | Fixes: libcli/auth/netlogon_creds_cli.c:2622:2: warning: Value stored to 'status' is never read <--[clang] status = netlogon_creds_decrypt_samlogon_validation(&state->tmp_creds, ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1 warning generated. Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* libcli:smb: Prefer AES-GCM over AES-CCM with GnuTLSAndreas Schneider2019-08-271-6/+3
| | | | | | | | | | | The AES-GCM implementation in GnuTLS is faster. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Adapted to remove Samba AES support Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Use gnutls_error_to_ntstatus() in smb2_signing_encrypt_pdu()Andreas Schneider2019-08-271-3/+2
| | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Use smb2_signing_key in smb2_signing_encrypt_pdu()Andreas Schneider2019-08-273-22/+18
| | | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Adaped to remove Samba AES support Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Use gnutls_error_to_ntstatus() in smb2_signing_decrypt_pdu()Andreas Schneider2019-08-271-3/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Use smb2_signing_key in smb2_signing_decrypt_pdu()Andreas Schneider2019-08-273-21/+17
| | | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Adaped to remove Samba AES support Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Support GnuTLS AES CCM and GCM in smb2_signing_decrypt_pdu()Andreas Schneider2019-08-271-45/+125
| | | | | | | | | | | This requires GnuTLS >= 3.4.0. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Adapted to remove Samba AES support Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Support GnuTLS AES CCM and GCM in smb2_signing_encrypt_pdu()Andreas Schneider2019-08-271-45/+124
| | | | | | | | | | | This requires GnuTLS >= 3.4.0. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Adapted to remove Samba AES support Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli/smb: Use gnutls_error_to_ntstatus() in smb2_signing_check_pdu()Andrew Bartlett2019-08-211-4/+4
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli:smb: Use GnuTLS AES128 CMAC in smb2_signing_check_pdu()Andreas Schneider2019-08-211-0/+38
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli/smb: Use gnutls_error_to_ntstatus() in smb2_signing_sign_pdu()Andrew Bartlett2019-08-211-2/+2
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli:smb: Use GnuTLS AES128 CMAC in smb2_signing_sign_pdu()Andreas Schneider2019-08-211-0/+33
| | | | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Adapted by Andrew Bartlett to followup from earlier patch to allow compile without GnuTLS over the whole series. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Use a smb2_signing_key for storing the decryption keyAndreas Schneider2019-08-211-7/+16
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Use a smb2_signing_key for storing the encryption keyAndreas Schneider2019-08-211-10/+19
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Add gnutls_aead_cipher_hd_t to smb2_signing_key structureAndreas Schneider2019-08-212-0/+8
| | | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Adapted to remove Samba AES support Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Use GnuTLS for AES constantsAndreas Schneider2019-08-211-5/+2
| | | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Adapted to remove Samba AES support Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Define SMB2_AES_128_CCM_NONCE_SIZEAndreas Schneider2019-08-211-0/+3
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth Check NTSTATUS from netlogon_creds_aes_{en,de}crypt()Andrew Bartlett2019-08-211-23/+53
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli:auth Return NTSTATUS from netlogon_creds_aes_decrypt()Andrew Bartlett2019-08-212-8/+11
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli:auth: Use GnuTLS AES128 CFB for netlogon_creds_aes_decrypt()Andreas Schneider2019-08-211-1/+40
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Return NTSTATUS for netlogon_creds_aes_encrypt()Andreas Schneider2019-08-212-8/+11
| | | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Adapted by Andrew Bartlett to use gnutls_error_to_ntstatus() Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Use GnuTLS AES128 CFB for netlogon_creds_aes_encrypt()Andreas Schneider2019-08-211-0/+36
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Use netlogon_creds_aes_encrypt() in netlogon_creds_step_crypt()Andreas Schneider2019-08-211-5/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Revert "libcli:auth: Use generate_secret_buffer() for netlogon challenge"Andreas Schneider2019-08-141-2/+1
| | | | | | This reverts commit c3ba556f52b15dd80efc26e4fb8f43ce2ee3a7f0. Reviewed-by: Alexander Bokovoy <ab@samba.org>
* libcli:auth: Use generate_secret_buffer() for netlogon challengeAndreas Schneider2019-08-121-1/+2
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Aug 12 10:42:35 UTC 2019 on sn-devel-184
* libcli:smb: Use generate_nonce_buffer() for AES-CCM and AES-GCM nonceAndreas Schneider2019-08-121-2/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:smb: Add forward declaration for gnutls_hmac_hd_tAndreas Schneider2019-08-101-3/+3
| | | | | | | | | This file is basically included everywhere. So use a forward declaration for gnutls_hmac_hd_t. This way we don't have to link everthing against gnutls to get access to the header path. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:lib/http: move to the toplevelRalph Boehme2019-08-078-0/+2312
| | | | | | | This is going to be used from the s3 RPC server soon... Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Samuel Cabrero <scabrero@suse.de>
* libcli/smb: send SMB2_NETNAME_NEGOTIATE_CONTEXT_IDStefan Metzmacher2019-08-011-0/+17
| | | | | | | | | | | | | | Note: Unlike the current documentation, the utf16 string is not null-terminated, that matches Windows Server 1903 as a client. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14055 RN: Add the target server name of SMB 3.1.1 connections as a hint to load balancers or servers with "multi-tenancy" support. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
* libcli/smb: add new COMPRESSION and NETNAME negotiate context idsStefan Metzmacher2019-08-011-0/+2
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14055 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Aurelien Aptel <aaptel@suse.com>
* libcli:auth: Use samba_gnutls_arcfour_confounded_md5() in ↵Andreas Schneider2019-07-261-47/+24
| | | | | | | | | decode_wkssvc_join_password_buffer() BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Use samba_gnutls_arcfour_confounded_md5() in ↵Andreas Schneider2019-07-261-46/+23
| | | | | | | | | encode_wkssvc_join_password_buffer() BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Add test for (encode|decode)_wkssvc_join_password_bufferAndreas Schneider2019-07-261-0/+129
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Return WERROR for encode_wkssvc_join_password_buffer()Andreas Schneider2019-07-262-10/+18
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Add test for encode_rc4_passwd_buffer()Andreas Schneider2019-07-261-0/+31
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Add encode_rc4_passwd_buffer()Andreas Schneider2019-07-262-0/+49
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Pass samr_CryptPasswordEx to decode_rc4_passwd_buffer()Andreas Schneider2019-07-263-8/+9
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Rename encode_or_decode_arc4_passwd_buffer()Andreas Schneider2019-07-263-8/+6
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Use samba_gnutls_arcfour_confounded_md5() for rc4 passwd bufferAndreas Schneider2019-07-261-30/+9
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Add test for decoding an RC4 password bufferAndreas Schneider2019-07-262-0/+186
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcli:auth: Return NTSTATUS for encode_or_decode_arc4_passwd_buffer()Andreas Schneider2019-07-262-3/+10
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libcls/nbt: clang: Fix 'initialization value is never read'Noel Power2019-07-241-1/+1
| | | | | | | | | | | | Fixes: libcli/nbt/nbtsocket.c:65:27: warning: Value stored to 'req' during its initialization is never read <--[clang] struct nbt_name_request *req = nbtsock->send_queue; ^~~ ~~~~~~~~~~~~~~~~~~~ 1 warning generated. Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
View Lorry Controller Status