1
0
mirror of https://github.com/samba-team/samba.git synced 2025-08-29 13:49:30 +03:00

s4:rpc_server/netlogon: make use of netlogon_creds_decrypt_samr_CryptPassword

This will make it easier to implement netr_ServerAuthenticateKerberos() later...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit f1c1b8661a)
This commit is contained in:
Stefan Metzmacher
2024-10-28 16:30:19 +01:00
committed by Jule Anger
parent 51dca749dd
commit 9f36351814

View File

@ -1073,6 +1073,10 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet2(struct dcesrv_call_state *dce_cal
DATA_BLOB dec_blob = data_blob_null;
DATA_BLOB enc_blob = data_blob_null;
struct samr_CryptPassword password_buf;
enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE;
enum dcerpc_AuthLevel auth_level = DCERPC_AUTH_LEVEL_NONE;
dcesrv_call_auth_info(dce_call, &auth_type, &auth_level);
nt_status = dcesrv_netr_creds_server_step_check(dce_call,
mem_ctx,
@ -1090,16 +1094,10 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet2(struct dcesrv_call_state *dce_cal
memcpy(password_buf.data, r->in.new_password->data, 512);
SIVAL(password_buf.data, 512, r->in.new_password->length);
if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
nt_status = netlogon_creds_aes_decrypt(creds,
password_buf.data,
516);
} else {
nt_status = netlogon_creds_arcfour_crypt(creds,
password_buf.data,
516);
}
nt_status = netlogon_creds_decrypt_samr_CryptPassword(creds,
&password_buf,
auth_type,
auth_level);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}