From 97f9ec9431ebf22ae06f61c97c183e04b59d6e7f Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Wed, 29 May 2019 17:16:26 +0200 Subject: [PATCH 009/187] s3:rpc_client: Return NTSTATUS for init_samr_CryptPasswordEx() BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider Reviewed-by: Andrew Bartlett (cherry picked from commit 7915a48e53c8f72ba56da2f433427b961feeb16f) --- source3/lib/netapi/user.c | 9 ++++--- source3/libnet/libnet_join.c | 9 ++++--- source3/rpc_client/init_samr.c | 27 +++++++++++++++------ source3/rpc_client/init_samr.h | 6 ++--- source3/rpc_server/netlogon/srv_netlog_nt.c | 9 ++++--- source3/rpcclient/cmd_samr.c | 5 +++- 6 files changed, 44 insertions(+), 21 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 2136ef47ee6..827b7902040 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -313,9 +313,12 @@ static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx, user_info.info25.info = info21; - init_samr_CryptPasswordEx(uX->usriX_password, - session_key, - &user_info.info25.password); + status = init_samr_CryptPasswordEx(uX->usriX_password, + session_key, + &user_info.info25.password); + if (!NT_STATUS_IS_OK(status)) { + return status; + } status = dcerpc_samr_SetUserInfo2(b, talloc_tos(), user_handle, diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index abf8672d050..eb8e0ea17f7 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1553,9 +1553,12 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, */ old_timeout = rpccli_set_timeout(pipe_hnd, 600000); - init_samr_CryptPasswordEx(r->in.machine_password, - &session_key, - &crypt_pwd_ex); + status = init_samr_CryptPasswordEx(r->in.machine_password, + &session_key, + &crypt_pwd_ex); + if (!NT_STATUS_IS_OK(status)) { + goto error; + } user_info.info26.password = crypt_pwd_ex; user_info.info26.password_expired = PASS_DONT_CHANGE_AT_NEXT_LOGON; 
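Review bot: In the libnet_join.c hunk the new `goto error;` is taken after `old_timeout = rpccli_set_timeout(pipe_hnd, 600000);` on the context line just above, so this exit skips any later restore of the original timeout. Whether that matters depends on what the `error:` label does with `pipe_hnd`, which is outside the hunk. If the pipe can be reused after this failure, add `rpccli_set_timeout(pipe_hnd, old_timeout);` before the jump. Alternatively, move the `init_samr_CryptPasswordEx()` call above the timeout change so the failure path has nothing to undo.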
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c index 8b41ec2f10f..5f6cbc5d3c7 100644 --- a/source3/rpc_client/init_samr.c +++ b/source3/rpc_client/init_samr.c @@ -22,6 +22,7 @@ #include "../lib/crypto/arcfour.h" #include "rpc_client/init_samr.h" +#include "lib/crypto/gnutls_helpers.h" #include #include @@ -29,9 +30,9 @@ inits a samr_CryptPasswordEx structure *************************************************************************/ -void init_samr_CryptPasswordEx(const char *pwd, - DATA_BLOB *session_key, - struct samr_CryptPasswordEx *pwd_buf) +NTSTATUS init_samr_CryptPasswordEx(const char *pwd, + DATA_BLOB *session_key, + struct samr_CryptPasswordEx *pwd_buf) { /* samr_CryptPasswordEx */ 
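Review bot: The banner comment above `init_samr_CryptPasswordEx()` still reads only "inits a samr_CryptPasswordEx structure", although the function now has a return contract that callers act on. It should state that the function returns `NT_STATUS_OK` on success, `NT_STATUS_INTERNAL_ERROR` when the password cannot be encoded, and a status mapped from the gnutls error code when hashing fails. It should also say that `pwd_buf` is written only on success, which is what the body in the following hunk shows. The function body continues past the end of this hunk.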
@@ -39,42 +40,52 @@ void init_samr_CryptPasswordEx(const char *pwd, gnutls_hash_hd_t hash_hnd = NULL; uint8_t confounder[16]; DATA_BLOB confounded_session_key = data_blob(NULL, 16); + NTSTATUS status; + bool ok; int rc; - encode_pw_buffer(pwbuf, pwd, STR_UNICODE); + ok = encode_pw_buffer(pwbuf, pwd, STR_UNICODE); + if (!ok) { + status = NT_STATUS_INTERNAL_ERROR; + goto out; + } generate_random_buffer((uint8_t *)confounder, 16); rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5); if (rc < 0) { + status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED); goto out; } rc = gnutls_hash(hash_hnd, confounder, 16); if (rc < 0) { gnutls_hash_deinit(hash_hnd, NULL); + status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED); goto out; } rc = gnutls_hash(hash_hnd, session_key->data, session_key->length); if (rc < 0) { gnutls_hash_deinit(hash_hnd, NULL); + status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED); goto out; } gnutls_hash_deinit(hash_hnd, confounded_session_key.data); arcfour_crypt_blob(pwbuf, 516, &confounded_session_key); - ZERO_ARRAY_LEN(confounded_session_key.data, - confounded_session_key.length); - data_blob_free(&confounded_session_key); + data_blob_clear_free(&confounded_session_key); memcpy(&pwbuf[516], confounder, 16); ZERO_ARRAY(confounder); memcpy(pwd_buf->data, pwbuf, sizeof(pwbuf)); ZERO_ARRAY(pwbuf); + + status = NT_STATUS_OK; out: - return; + data_blob_clear_free(&confounded_session_key); + return status; } /************************************************************************* diff --git a/source3/rpc_client/init_samr.h b/source3/rpc_client/init_samr.h index 4214ab55a04..3f0dc847dd2 100644 --- a/source3/rpc_client/init_samr.h +++ b/source3/rpc_client/init_samr.h 
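Review bot: The failure paths jump to `out:` without wiping `pwbuf` or `confounder`, because `ZERO_ARRAY(pwbuf)` and `ZERO_ARRAY(confounder)` sit only on the success path. After a gnutls hash failure, the stack buffer that `encode_pw_buffer()` filled from `pwd` is therefore left intact; presumably it still holds the unencrypted password, since `arcfour_crypt_blob()` has not run yet. Placing `ZERO_ARRAY(pwbuf);` and `ZERO_ARRAY(confounder);` directly after the `out:` label covers every exit, and it makes the earlier `data_blob_clear_free(&confounded_session_key);` after `arcfour_crypt_blob()` redundant. The result of `data_blob(NULL, 16)` is also used without checking that `.data` is non-NULL. The function's opening and the declaration of `pwbuf` lie outside this hunk.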
@@ -22,9 +22,9 @@ /* The following definitions come from rpc_client/init_samr.c */ -void init_samr_CryptPasswordEx(const char *pwd, - DATA_BLOB *session_key, - struct samr_CryptPasswordEx *pwd_buf); +NTSTATUS init_samr_CryptPasswordEx(const char *pwd, + DATA_BLOB *session_key, + struct samr_CryptPasswordEx *pwd_buf); NTSTATUS init_samr_CryptPassword(const char *pwd, DATA_BLOB *session_key, struct samr_CryptPassword *pwd_buf); diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index c9aaa90cbb9..d5267bf7062 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -1226,9 +1226,12 @@ static NTSTATUS netr_set_machine_account_password(TALLOC_CTX *mem_ctx, infolevel = UserInternal5InformationNew; - init_samr_CryptPasswordEx(cr->creds.password, - &session_key, - &info26.password); + status = init_samr_CryptPasswordEx(cr->creds.password, + &session_key, + &info26.password); + if (!NT_STATUS_IS_OK(status)) { + goto out; + } info26.password_expired = PASS_DONT_CHANGE_AT_NEXT_LOGON; info->info26 = info26; diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index ccaec1ada40..b1b7c06515c 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -3067,7 +3067,10 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(status)) { return status; } - init_samr_CryptPasswordEx(param, &session_key, &pwd_buf_ex); + status = init_samr_CryptPasswordEx(param, &session_key, &pwd_buf_ex); + if (!NT_STATUS_IS_OK(status)) { + return status; + } nt_lm_owf_gen(param, nt_hash, lm_hash); switch (level) { -- 2.23.0
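Review bot: The prototype in init_samr.h now returns an `NTSTATUS`, but nothing forces a caller to look at it. Per the init_samr.c hunk, `pwd_buf` is filled only on the success path, so a caller that ignores the status would send whatever the buffer held before. Consider marking the declaration with the compiler's unused-result attribute, `__attribute__((warn_unused_result))`, or the project's wrapper macro for it if one exists. The six call sites updated in this patch all check the status, so this would only guard future callers.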