1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_random_challenge()

It's good to have just a single isolated function that will generate
random challenges, in future we can add some logic in order to
avoid weak values, which are likely to be rejected by a server.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
This commit is contained in:
Stefan Metzmacher 2020-09-16 16:04:57 +02:00
parent 380938b00f
commit b813cdcac3
2 changed files with 8 additions and 0 deletions

View File

@ -33,6 +33,12 @@
#include <gnutls/gnutls.h>
#include <gnutls/crypto.h>
void netlogon_creds_random_challenge(struct netr_Credential *challenge)
{
ZERO_STRUCTP(challenge);
generate_random_buffer(challenge->data, sizeof(challenge->data));
}
static NTSTATUS netlogon_creds_step_crypt(struct netlogon_creds_CredentialState *creds,
const struct netr_Credential *in,
struct netr_Credential *out)

View File

@ -13,6 +13,8 @@
/* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/credentials.c */
void netlogon_creds_random_challenge(struct netr_Credential *challenge);
NTSTATUS netlogon_creds_des_encrypt_LMKey(struct netlogon_creds_CredentialState *creds,
struct netr_LMSessionKey *key);
NTSTATUS netlogon_creds_des_decrypt_LMKey(struct netlogon_creds_CredentialState *creds,