sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-27 22:50:26 +03:00
Code

session: convert sess_crypt_blob to use gnutls

Browse Source 
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Isaac Boukris 2019-11-21 14:02:03 +01:00 committed by Andrew Bartlett
parent dcc33103d5
commit a75ca8d5d5
8 changed files with 108 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libcli/auth/proto.h
View File

@ -90,8 +90,8 @@ union netr_LogonLevel *netlogon_creds_shallow_copy_logon(TALLOC_CTX *mem_ctx,
/* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/session.c */
void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key,
bool forward);
int sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key,
enum samba_gnutls_direction encrypt);
DATA_BLOB sess_encrypt_string(const char *str, const DATA_BLOB *session_key);
char *sess_decrypt_string(TALLOC_CTX *mem_ctx,
DATA_BLOB *blob, const DATA_BLOB *session_key);

42
libcli/auth/session.c
View File

@ -29,10 +29,10 @@
before calling, the out blob must be initialised to be the same size
as the in blob
*/
void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key,
bool forward)
int sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key,
enum samba_gnutls_direction encrypt)
{
int i, k;
int i, k, rc;
for (i=0,k=0;
i<in->length;
@ -47,10 +47,14 @@ void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *sessi
}
memcpy(key, &session_key->data[k], 7);
des_crypt56(bout, bin, key, forward?1:0);
rc = des_crypt56_gnutls(bout, bin, key, encrypt);
if (rc != 0) {
return rc;
}
memcpy(&out->data[i], bout, MIN(8, in->length-i));
}
return 0;
}
@ -67,6 +71,7 @@ DATA_BLOB sess_encrypt_string(const char *str, const DATA_BLOB *session_key)
DATA_BLOB ret, src;
int slen = strlen(str);
int dlen = (slen+7) & ~7;
int rc;
src = data_blob(NULL, 8+dlen);
if (!src.data) {
@ -84,9 +89,13 @@ DATA_BLOB sess_encrypt_string(const char *str, const DATA_BLOB *session_key)
memset(src.data+8, 0, dlen);
memcpy(src.data+8, str, slen);
sess_crypt_blob(&ret, &src, session_key, true);
rc = sess_crypt_blob(&ret, &src, session_key, SAMBA_GNUTLS_ENCRYPT);
data_blob_free(&src);
if (rc != 0) {
data_blob_free(&ret);
return data_blob(NULL, 0);
}
return ret;
}
@ -100,7 +109,7 @@ char *sess_decrypt_string(TALLOC_CTX *mem_ctx,
DATA_BLOB *blob, const DATA_BLOB *session_key)
{
DATA_BLOB out;
int slen;
int rc, slen;
char *ret;
if (blob->length < 8) {
@ -112,7 +121,11 @@ char *sess_decrypt_string(TALLOC_CTX *mem_ctx,
return NULL;
}
sess_crypt_blob(&out, blob, session_key, false);
rc = sess_crypt_blob(&out, blob, session_key, SAMBA_GNUTLS_DECRYPT);
if (rc != 0) {
data_blob_free(&out);
return NULL;
}
if (IVAL(out.data, 4) != 1) {
DEBUG(0,("Unexpected revision number %d in session crypted string\n",
@ -149,6 +162,7 @@ DATA_BLOB sess_encrypt_blob(TALLOC_CTX *mem_ctx, DATA_BLOB *blob_in, const DATA_
{
DATA_BLOB ret, src;
int dlen = (blob_in->length+7) & ~7;
int rc;
src = data_blob_talloc(mem_ctx, NULL, 8+dlen);
if (!src.data) {
@ -166,9 +180,13 @@ DATA_BLOB sess_encrypt_blob(TALLOC_CTX *mem_ctx, DATA_BLOB *blob_in, const DATA_
memset(src.data+8, 0, dlen);
memcpy(src.data+8, blob_in->data, blob_in->length);
sess_crypt_blob(&ret, &src, session_key, true);
rc = sess_crypt_blob(&ret, &src, session_key, SAMBA_GNUTLS_ENCRYPT);
data_blob_free(&src);
if (rc != 0) {
data_blob_free(&ret);
return data_blob(NULL, 0);
}
return ret;
}
@ -180,7 +198,7 @@ NTSTATUS sess_decrypt_blob(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const DAT
DATA_BLOB *ret)
{
DATA_BLOB out;
int slen;
int rc, slen;
if (blob->length < 8) {
DEBUG(0, ("Unexpected length %d in session crypted secret (BLOB)\n",
@ -193,7 +211,11 @@ NTSTATUS sess_decrypt_blob(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const DAT
return NT_STATUS_NO_MEMORY;
}
sess_crypt_blob(&out, blob, session_key, false);
rc = sess_crypt_blob(&out, blob, session_key, SAMBA_GNUTLS_DECRYPT);
if (rc != 0) {
data_blob_free(&out);
return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
if (IVAL(out.data, 4) != 1) {
DEBUG(2,("Unexpected revision number %d in session crypted secret (BLOB)\n",

7
libcli/auth/tests/test_gnutls.c
View File

@ -494,11 +494,14 @@ static void torture_gnutls_sess_crypt_blob(void **state)
};
DATA_BLOB crypt = data_blob(NULL, 24);
DATA_BLOB decrypt = data_blob(NULL, 24);
int rc;
sess_crypt_blob(&crypt, &clear, &key, true);
rc = sess_crypt_blob(&crypt, &clear, &key, SAMBA_GNUTLS_ENCRYPT);
assert_int_equal(rc, 0);
assert_memory_equal(crypt.data, crypt_expected, 24);
sess_crypt_blob(&decrypt, &crypt, &key, false);
rc = sess_crypt_blob(&decrypt, &crypt, &key, SAMBA_GNUTLS_DECRYPT);
assert_int_equal(rc, 0);
assert_memory_equal(decrypt.data, clear.data, 24);
}

7
source3/rpc_server/netlogon/srv_netlog_nt.c
View File

@ -1220,7 +1220,12 @@ static NTSTATUS netr_set_machine_account_password(TALLOC_CTX *mem_ctx,
status = NT_STATUS_NO_MEMORY;
goto out;
}
sess_crypt_blob(&out, &in, &session_key, true);
rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
if (rc != 0) {
status = gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
goto out;
}
memcpy(info18.nt_pwd.hash, out.data, out.length);
info18.nt_pwd_active = true;

27
source3/rpc_server/samr/srv_samr_nt.c
View File

@ -4422,6 +4422,8 @@ static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18,
DATA_BLOB *session_key,
struct samu *pwd)
{
int rc;
if (id18 == NULL) {
DEBUG(2, ("set_user_info_18: id18 is NULL\n"));
return NT_STATUS_INVALID_PARAMETER;
@ -4440,7 +4442,11 @@ static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18,
in = data_blob_const(id18->nt_pwd.hash, 16);
out = data_blob_talloc_zero(mem_ctx, 16);
sess_crypt_blob(&out, &in, session_key, false);
rc = sess_crypt_blob(&out, &in, session_key, SAMBA_GNUTLS_DECRYPT);
if (rc != 0) {
return gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
if (!pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED)) {
return NT_STATUS_ACCESS_DENIED;
@ -4456,7 +4462,11 @@ static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18,
in = data_blob_const(id18->lm_pwd.hash, 16);
out = data_blob_talloc_zero(mem_ctx, 16);
sess_crypt_blob(&out, &in, session_key, false);
rc = sess_crypt_blob(&out, &in, session_key, SAMBA_GNUTLS_DECRYPT);
if (rc != 0) {
return gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
if (!pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED)) {
return NT_STATUS_ACCESS_DENIED;
@ -4498,6 +4508,7 @@ static NTSTATUS set_user_info_21(struct samr_UserInfo21 *id21,
struct samu *pwd)
{
NTSTATUS status;
int rc;
if (id21 == NULL) {
DEBUG(5, ("set_user_info_21: NULL id21\n"));
@ -4528,7 +4539,11 @@ static NTSTATUS set_user_info_21(struct samr_UserInfo21 *id21,
in = data_blob_const(id21->nt_owf_password.array, 16);
out = data_blob_talloc_zero(mem_ctx, 16);
sess_crypt_blob(&out, &in, session_key, false);
rc = sess_crypt_blob(&out, &in, session_key, SAMBA_GNUTLS_DECRYPT);
if (rc != 0) {
return gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED);
pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
@ -4551,7 +4566,11 @@ static NTSTATUS set_user_info_21(struct samr_UserInfo21 *id21,
in = data_blob_const(id21->lm_owf_password.array, 16);
out = data_blob_talloc_zero(mem_ctx, 16);
sess_crypt_blob(&out, &in, session_key, false);
rc = sess_crypt_blob(&out, &in, session_key, SAMBA_GNUTLS_DECRYPT);
if (rc != 0) {
return gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED);
pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);

25
source3/rpcclient/cmd_samr.c
View File

@ -3133,6 +3133,7 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
uint8_t password_expired = 0;
struct dcerpc_binding_handle *b = cli->binding_handle;
TALLOC_CTX *frame = NULL;
int rc;
if (argc < 4) {
printf("Usage: %s username level password [password_expired]\n",
@ -3175,7 +3176,11 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
status = NT_STATUS_NO_MEMORY;
goto done;
}
sess_crypt_blob(&out, &in, &session_key, true);
rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
if (rc != 0) {
status = gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
memcpy(nt_hash, out.data, out.length);
}
{
@ -3186,7 +3191,11 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
status = NT_STATUS_NO_MEMORY;
goto done;
}
sess_crypt_blob(&out, &in, &session_key, true);
rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
if (rc != 0) {
status = gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
memcpy(lm_hash, out.data, out.length);
}
@ -3223,7 +3232,11 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
status = NT_STATUS_NO_MEMORY;
goto done;
}
sess_crypt_blob(&out, &in, &session_key, true);
rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
if (rc != 0) {
status = gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
info.info21.nt_owf_password.array =
(uint16_t *)talloc_memdup(frame, out.data, 16);
}
@ -3231,7 +3244,11 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
DATA_BLOB in,out;
in = data_blob_const(lm_hash, 16);
out = data_blob_talloc_zero(frame, 16);
sess_crypt_blob(&out, &in, &session_key, true);
rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
if (rc != 0) {
status = gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
info.info21.lm_owf_password.array =
(uint16_t *)talloc_memdup(frame, out.data, 16);
if (out.data == NULL) {

13
source4/rpc_server/samr/samr_password.c
View File

@ -740,6 +740,7 @@ NTSTATUS samr_set_password_buffers(struct dcesrv_call_state *dce_call,
DATA_BLOB session_key = data_blob(NULL, 0);
DATA_BLOB in, out;
NTSTATUS nt_status = NT_STATUS_OK;
int rc;
nt_status = dcesrv_transport_session_key(dce_call, &session_key);
if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_USER_SESSION_KEY)) {
@ -764,7 +765,11 @@ NTSTATUS samr_set_password_buffers(struct dcesrv_call_state *dce_call,
in = data_blob_const(lm_pwd_hash, 16);
out = data_blob_talloc_zero(mem_ctx, 16);
sess_crypt_blob(&out, &in, &session_key, false);
rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_DECRYPT);
if (rc != 0) {
return gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
d_lm_pwd_hash = (struct samr_Password *) out.data;
}
@ -772,7 +777,11 @@ NTSTATUS samr_set_password_buffers(struct dcesrv_call_state *dce_call,
in = data_blob_const(nt_pwd_hash, 16);
out = data_blob_talloc_zero(mem_ctx, 16);
sess_crypt_blob(&out, &in, &session_key, false);
rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_DECRYPT);
if (rc != 0) {
return gnutls_error_to_ntstatus(rc,
NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
}
d_nt_pwd_hash = (struct samr_Password *) out.data;
}

16
source4/torture/rpc/samr.c
View File

@ -1007,14 +1007,14 @@ static bool test_SetUserPass_18(struct dcerpc_pipe *p, struct torture_context *t
DATA_BLOB in,out;
in = data_blob_const(nt_hash, 16);
out = data_blob_talloc_zero(tctx, 16);
sess_crypt_blob(&out, &in, &session_key, true);
sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
memcpy(u.info18.nt_pwd.hash, out.data, out.length);
}
{
DATA_BLOB in,out;
in = data_blob_const(lm_hash, 16);
out = data_blob_talloc_zero(tctx, 16);
sess_crypt_blob(&out, &in, &session_key, true);
sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
memcpy(u.info18.lm_pwd.hash, out.data, out.length);
}
@ -1096,7 +1096,7 @@ static bool test_SetUserPass_21(struct dcerpc_pipe *p, struct torture_context *t
in = data_blob_const(u.info21.lm_owf_password.array,
u.info21.lm_owf_password.length);
out = data_blob_talloc_zero(tctx, 16);
sess_crypt_blob(&out, &in, &session_key, true);
sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
u.info21.lm_owf_password.array = (uint16_t *)out.data;
}
@ -1105,7 +1105,7 @@ static bool test_SetUserPass_21(struct dcerpc_pipe *p, struct torture_context *t
in = data_blob_const(u.info21.nt_owf_password.array,
u.info21.nt_owf_password.length);
out = data_blob_talloc_zero(tctx, 16);
sess_crypt_blob(&out, &in, &session_key, true);
sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
u.info21.nt_owf_password.array = (uint16_t *)out.data;
}
@ -1272,14 +1272,14 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p,
DATA_BLOB in,out;
in = data_blob_const(u.info18.nt_pwd.hash, 16);
out = data_blob_talloc_zero(tctx, 16);
sess_crypt_blob(&out, &in, &session_key, true);
sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
memcpy(u.info18.nt_pwd.hash, out.data, out.length);
}
{
DATA_BLOB in,out;
in = data_blob_const(u.info18.lm_pwd.hash, 16);
out = data_blob_talloc_zero(tctx, 16);
sess_crypt_blob(&out, &in, &session_key, true);
sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
memcpy(u.info18.lm_pwd.hash, out.data, out.length);
}
@ -1290,7 +1290,7 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p,
in = data_blob_const(u.info21.lm_owf_password.array,
u.info21.lm_owf_password.length);
out = data_blob_talloc_zero(tctx, 16);
sess_crypt_blob(&out, &in, &session_key, true);
sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
u.info21.lm_owf_password.array = (uint16_t *)out.data;
}
if (fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) {
@ -1298,7 +1298,7 @@ static bool test_SetUserPass_level_ex(struct dcerpc_pipe *p,
in = data_blob_const(u.info21.nt_owf_password.array,
u.info21.nt_owf_password.length);
out = data_blob_talloc_zero(tctx, 16);
sess_crypt_blob(&out, &in, &session_key, true);
sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
u.info21.nt_owf_password.array = (uint16_t *)out.data;
}
break;