From 7b3ddd1a0bb41fe84c115555113362044620e484 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 24 Apr 2013 16:00:44 +0200 Subject: [PATCH] s3:netlogon: make use of netlogon_creds_decrypt_samlogon_logon() Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider --- source3/rpc_server/netlogon/srv_netlog_nt.c | 43 ++++++++++----------- 1 file changed, 20 insertions(+), 23 deletions(-) diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index 6a6c125da9a..4f66dfe0de5 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -1467,6 +1467,15 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p, struct auth_context *auth_context = NULL; const char *fn; +#ifdef DEBUG_PASSWORD + logon = netlogon_creds_shallow_copy_logon(p->mem_ctx, + r->in.logon_level, + r->in.logon); + if (logon == NULL) { + logon = r->in.logon; + } +#endif + switch (p->opnum) { case NDR_NETR_LOGONSAMLOGON: fn = "_netr_LogonSamLogon"; @@ -1547,6 +1556,10 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p, status = NT_STATUS_OK; + netlogon_creds_decrypt_samlogon_logon(creds, + r->in.logon_level, + logon); + switch (r->in.logon_level) { case NetlogonNetworkInformation: case NetlogonNetworkTransitiveInformation: @@ -1592,32 +1605,16 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p, uint8_t chal[8]; #ifdef DEBUG_PASSWORD - DEBUG(100,("lm owf password:")); - dump_data(100, logon->password->lmpassword.hash, 16); + if (logon != r->in.logon) { + DEBUG(100,("lm owf password:")); + dump_data(100, + r->in.logon->password->lmpassword.hash, 16); - DEBUG(100,("nt owf password:")); - dump_data(100, logon->password->ntpassword.hash, 16); -#endif - if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { - netlogon_creds_aes_decrypt(creds, - logon->password->lmpassword.hash, - 16); - netlogon_creds_aes_decrypt(creds, - logon->password->ntpassword.hash, - 16); - } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { - netlogon_creds_arcfour_crypt(creds, - logon->password->lmpassword.hash, - 16); - netlogon_creds_arcfour_crypt(creds, - logon->password->ntpassword.hash, - 16); - } else { - netlogon_creds_des_decrypt(creds, &logon->password->lmpassword); - netlogon_creds_des_decrypt(creds, &logon->password->ntpassword); + DEBUG(100,("nt owf password:")); + dump_data(100, + r->in.logon->password->ntpassword.hash, 16); } -#ifdef DEBUG_PASSWORD DEBUG(100,("decrypt of lm owf password:")); dump_data(100, logon->password->lmpassword.hash, 16);