sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00
Code

libcli/auth: make use of netlogon_creds_{de,en}crypt_samr_Password

Browse Source 
This will make it easier to implement netr_ServerAuthenticateKerberos() later...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This commit is contained in:
Stefan Metzmacher 2024-10-28 17:19:09 +01:00 committed by Douglas Bagnall
parent 2bd77ff731
commit e92d0509d6
1 changed files with 18 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
libcli/auth/netlogon_creds_cli.c
View File

@ -2375,8 +2375,10 @@ static void netlogon_creds_cli_ServerPasswordSet_locked(struct tevent_req *subre
return; return;
} }
} else { } else {
status = netlogon_creds_des_encrypt(&state->tmp_creds, status = netlogon_creds_encrypt_samr_Password(&state->tmp_creds,
&state->samr_password); &state->samr_password,
state->auth_type,
state->auth_level);
if (tevent_req_nterror(req, status)) { if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_ServerPasswordSet_cleanup(req, status); netlogon_creds_cli_ServerPasswordSet_cleanup(req, status);
return; return;
@ -3518,8 +3520,6 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq
struct netlogon_creds_cli_ServerGetTrustInfo_state); struct netlogon_creds_cli_ServerGetTrustInfo_state);
NTSTATUS status; NTSTATUS status;
NTSTATUS result; NTSTATUS result;
const struct samr_Password zero = {};
bool cmp;
bool ok; bool ok;
/* /*
@ -3545,26 +3545,22 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq
return; return;
} }
cmp = mem_equal_const_time(state->new_owf_password.hash, status = netlogon_creds_decrypt_samr_Password(&state->tmp_creds,
zero.hash, sizeof(zero.hash)); &state->new_owf_password,
if (!cmp) { state->auth_type,
status = netlogon_creds_des_decrypt(&state->tmp_creds, state->auth_level);
&state->new_owf_password);
if (tevent_req_nterror(req, status)) { if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_ServerGetTrustInfo_cleanup(req, status); netlogon_creds_cli_ServerGetTrustInfo_cleanup(req, status);
return; return;
} }
} status = netlogon_creds_decrypt_samr_Password(&state->tmp_creds,
cmp = mem_equal_const_time(state->old_owf_password.hash, &state->old_owf_password,
zero.hash, sizeof(zero.hash)); state->auth_type,
if (!cmp) { state->auth_level);
status = netlogon_creds_des_decrypt(&state->tmp_creds,
&state->old_owf_password);
if (tevent_req_nterror(req, status)) { if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_ServerGetTrustInfo_cleanup(req, status); netlogon_creds_cli_ServerGetTrustInfo_cleanup(req, status);
return; return;
} }
}
*state->creds = state->tmp_creds; *state->creds = state->tmp_creds;
status = netlogon_creds_cli_store(state->context, status = netlogon_creds_cli_store(state->context,