mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s4:kdc/db-glue: fix supported_enctypes samba_kdc_trust_message2entry()
This avoids writing invalid memory, because num_keys was calculated in a wrong way... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
This commit is contained in:
parent
6da86012a2
commit
01c02340c1
@ -872,7 +872,7 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context,
|
|||||||
int ret, trust_direction_flags;
|
int ret, trust_direction_flags;
|
||||||
unsigned int i;
|
unsigned int i;
|
||||||
struct AuthenticationInformationArray *auth_array;
|
struct AuthenticationInformationArray *auth_array;
|
||||||
uint32_t supported_enctypes = ENCTYPE_ARCFOUR_HMAC;
|
uint32_t supported_enctypes = ENC_RC4_HMAC_MD5;
|
||||||
|
|
||||||
if (dsdb_functional_level(kdc_db_ctx->samdb) >= DS_DOMAIN_FUNCTION_2008) {
|
if (dsdb_functional_level(kdc_db_ctx->samdb) >= DS_DOMAIN_FUNCTION_2008) {
|
||||||
supported_enctypes = ldb_msg_find_attr_as_uint(msg,
|
supported_enctypes = ldb_msg_find_attr_as_uint(msg,
|
||||||
@ -1015,7 +1015,7 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (supported_enctypes & ENCTYPE_ARCFOUR_HMAC) {
|
if (supported_enctypes & ENC_RC4_HMAC_MD5) {
|
||||||
mdfour(_password_hash.hash, password_utf16.data, password_utf16.length);
|
mdfour(_password_hash.hash, password_utf16.data, password_utf16.length);
|
||||||
if (password_hash == NULL) {
|
if (password_hash == NULL) {
|
||||||
num_keys += 1;
|
num_keys += 1;
|
||||||
@ -1047,7 +1047,7 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context,
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
} else if (auth_array->array[i].AuthType == TRUST_AUTH_TYPE_NT4OWF) {
|
} else if (auth_array->array[i].AuthType == TRUST_AUTH_TYPE_NT4OWF) {
|
||||||
if (supported_enctypes & ENCTYPE_ARCFOUR_HMAC) {
|
if (supported_enctypes & ENC_RC4_HMAC_MD5) {
|
||||||
password_hash = &auth_array->array[i].AuthInfo.nt4owf.password;
|
password_hash = &auth_array->array[i].AuthInfo.nt4owf.password;
|
||||||
num_keys += 1;
|
num_keys += 1;
|
||||||
}
|
}
|
||||||
@ -1085,7 +1085,7 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context,
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (supported_enctypes & ENCTYPE_AES256_CTS_HMAC_SHA1_96) {
|
if (supported_enctypes & ENC_HMAC_SHA1_96_AES256) {
|
||||||
ret = krb5_string_to_key_data_salt(context,
|
ret = krb5_string_to_key_data_salt(context,
|
||||||
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
|
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
|
||||||
cleartext_data,
|
cleartext_data,
|
||||||
@ -1100,7 +1100,7 @@ static krb5_error_code samba_kdc_trust_message2entry(krb5_context context,
|
|||||||
entry_ex->entry.keys.len++;
|
entry_ex->entry.keys.len++;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (supported_enctypes & ENCTYPE_AES128_CTS_HMAC_SHA1_96) {
|
if (supported_enctypes & ENC_HMAC_SHA1_96_AES128) {
|
||||||
ret = krb5_string_to_key_data_salt(context,
|
ret = krb5_string_to_key_data_salt(context,
|
||||||
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
|
||||||
cleartext_data,
|
cleartext_data,
|
||||||
|
Loading…
Reference in New Issue
Block a user