1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

libcli/auth: make use of netlogon_creds_{de,en}crypt_samr_Password

This will make it easier to implement netr_ServerAuthenticateKerberos() later...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This commit is contained in:
Stefan Metzmacher 2024-10-28 17:19:09 +01:00 committed by Douglas Bagnall
parent 2bd77ff731
commit e92d0509d6

View File

@ -2375,8 +2375,10 @@ static void netlogon_creds_cli_ServerPasswordSet_locked(struct tevent_req *subre
return;
}
} else {
status = netlogon_creds_des_encrypt(&state->tmp_creds,
&state->samr_password);
status = netlogon_creds_encrypt_samr_Password(&state->tmp_creds,
&state->samr_password,
state->auth_type,
state->auth_level);
if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_ServerPasswordSet_cleanup(req, status);
return;
@ -3518,8 +3520,6 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq
struct netlogon_creds_cli_ServerGetTrustInfo_state);
NTSTATUS status;
NTSTATUS result;
const struct samr_Password zero = {};
bool cmp;
bool ok;
/*
@ -3545,25 +3545,21 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq
return;
}
cmp = mem_equal_const_time(state->new_owf_password.hash,
zero.hash, sizeof(zero.hash));
if (!cmp) {
status = netlogon_creds_des_decrypt(&state->tmp_creds,
&state->new_owf_password);
if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_ServerGetTrustInfo_cleanup(req, status);
return;
}
status = netlogon_creds_decrypt_samr_Password(&state->tmp_creds,
&state->new_owf_password,
state->auth_type,
state->auth_level);
if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_ServerGetTrustInfo_cleanup(req, status);
return;
}
cmp = mem_equal_const_time(state->old_owf_password.hash,
zero.hash, sizeof(zero.hash));
if (!cmp) {
status = netlogon_creds_des_decrypt(&state->tmp_creds,
&state->old_owf_password);
if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_ServerGetTrustInfo_cleanup(req, status);
return;
}
status = netlogon_creds_decrypt_samr_Password(&state->tmp_creds,
&state->old_owf_password,
state->auth_type,
state->auth_level);
if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_ServerGetTrustInfo_cleanup(req, status);
return;
}
*state->creds = state->tmp_creds;