1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

libcli:auth Check return code of netlogon_creds_aes_encrypt()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Nov 14 09:25:36 UTC 2019 on sn-devel-184
This commit is contained in:
Andrew Bartlett 2019-11-14 11:16:09 +13:00 committed by Andreas Schneider
parent 32e75bb4cc
commit 0361a26e39
2 changed files with 21 additions and 7 deletions

View File

@ -37,10 +37,16 @@ static NTSTATUS netlogon_creds_step_crypt(struct netlogon_creds_CredentialState
const struct netr_Credential *in,
struct netr_Credential *out)
{
NTSTATUS status;
if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
memcpy(out->data, in->data, sizeof(out->data));
netlogon_creds_aes_encrypt(creds, out->data, sizeof(out->data));
status = netlogon_creds_aes_encrypt(creds,
out->data,
sizeof(out->data));
if (!NT_STATUS_IS_OK(status)) {
return status;
}
} else {
des_crypt112(out->data, in->data, creds->session_key, 1);
}

View File

@ -1995,9 +1995,13 @@ static void netlogon_creds_cli_ServerPasswordSet_locked(struct tevent_req *subre
if (state->tmp_creds.negotiate_flags & NETLOGON_NEG_PASSWORD_SET2) {
if (state->tmp_creds.negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
netlogon_creds_aes_encrypt(&state->tmp_creds,
state->samr_crypt_password.data,
516);
status = netlogon_creds_aes_encrypt(&state->tmp_creds,
state->samr_crypt_password.data,
516);
if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_ServerPasswordSet_cleanup(req, status);
return;
}
} else {
status = netlogon_creds_arcfour_crypt(&state->tmp_creds,
state->samr_crypt_password.data,
@ -3707,9 +3711,13 @@ static void netlogon_creds_cli_SendToSam_locked(struct tevent_req *subreq)
ZERO_STRUCT(state->rep_auth);
if (state->tmp_creds.negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
netlogon_creds_aes_encrypt(&state->tmp_creds,
state->opaque.data,
state->opaque.length);
status = netlogon_creds_aes_encrypt(&state->tmp_creds,
state->opaque.data,
state->opaque.length);
if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_SendToSam_cleanup(req, status);
return;
}
} else {
status = netlogon_creds_arcfour_crypt(&state->tmp_creds,
state->opaque.data,