mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge() in netlogon_creds_cli.c
This will avoid getting rejected by the server if we generate a weak challenge. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
This commit is contained in:
parent
355efadc6a
commit
46642fd32d
@ -1177,8 +1177,7 @@ static void netlogon_creds_cli_auth_challenge_start(struct tevent_req *req)
|
||||
|
||||
TALLOC_FREE(state->creds);
|
||||
|
||||
generate_random_buffer(state->client_challenge.data,
|
||||
sizeof(state->client_challenge.data));
|
||||
netlogon_creds_random_challenge(&state->client_challenge);
|
||||
|
||||
subreq = dcerpc_netr_ServerReqChallenge_send(state, state->ev,
|
||||
state->binding_handle,
|
||||
|
Loading…
Reference in New Issue
Block a user