95 lines
2.9 KiB
Diff
95 lines
2.9 KiB
Diff
From 6546e97d27e45db9cbfd2f7d8c4838b2fd8d6a6a Mon Sep 17 00:00:00 2001
|
|
From: Andreas Schneider <asn@samba.org>
|
|
Date: Thu, 4 Jul 2019 16:22:48 +0200
|
|
Subject: [PATCH 012/187] s3:rpc_client: Use
|
|
samba_gnutls_arcfour_confounded_md5 in init_samr_CryptPasswordEx
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
|
|
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
(cherry picked from commit 2075019ca90d7d474003c87b2f0202239891eba5)
|
|
---
|
|
source3/rpc_client/init_samr.c | 50 ++++++++++------------------------
|
|
1 file changed, 15 insertions(+), 35 deletions(-)
|
|
|
|
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c
|
|
index 5f6cbc5d3c7..3968dfea99f 100644
|
|
--- a/source3/rpc_client/init_samr.c
|
|
+++ b/source3/rpc_client/init_samr.c
|
|
@@ -36,56 +36,36 @@ NTSTATUS init_samr_CryptPasswordEx(const char *pwd,
|
|
{
|
|
/* samr_CryptPasswordEx */
|
|
|
|
- uint8_t pwbuf[532];
|
|
- gnutls_hash_hd_t hash_hnd = NULL;
|
|
- uint8_t confounder[16];
|
|
- DATA_BLOB confounded_session_key = data_blob(NULL, 16);
|
|
- NTSTATUS status;
|
|
+ uint8_t _confounder[16] = {0};
|
|
+ DATA_BLOB confounder = data_blob_const(_confounder, 16);
|
|
+ uint8_t pwbuf[532] = {0};
|
|
+ DATA_BLOB encrypt_pwbuf = data_blob_const(pwbuf, 516);
|
|
bool ok;
|
|
int rc;
|
|
|
|
ok = encode_pw_buffer(pwbuf, pwd, STR_UNICODE);
|
|
if (!ok) {
|
|
- status = NT_STATUS_INTERNAL_ERROR;
|
|
- goto out;
|
|
+ return NT_STATUS_INTERNAL_ERROR;
|
|
}
|
|
|
|
- generate_random_buffer((uint8_t *)confounder, 16);
|
|
+ generate_random_buffer(_confounder, sizeof(_confounder));
|
|
|
|
- rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
|
|
+ rc = samba_gnutls_arcfour_confounded_md5(&confounder,
|
|
+ session_key,
|
|
+ &encrypt_pwbuf,
|
|
+ SAMBA_GNUTLS_ENCRYPT);
|
|
if (rc < 0) {
|
|
- status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
|
|
- goto out;
|
|
+ ZERO_ARRAY(_confounder);
|
|
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
}
|
|
|
|
- rc = gnutls_hash(hash_hnd, confounder, 16);
|
|
- if (rc < 0) {
|
|
- gnutls_hash_deinit(hash_hnd, NULL);
|
|
- status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
|
|
- goto out;
|
|
- }
|
|
- rc = gnutls_hash(hash_hnd, session_key->data, session_key->length);
|
|
- if (rc < 0) {
|
|
- gnutls_hash_deinit(hash_hnd, NULL);
|
|
- status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
|
|
- goto out;
|
|
- }
|
|
-
|
|
- gnutls_hash_deinit(hash_hnd, confounded_session_key.data);
|
|
-
|
|
- arcfour_crypt_blob(pwbuf, 516, &confounded_session_key);
|
|
- data_blob_clear_free(&confounded_session_key);
|
|
-
|
|
- memcpy(&pwbuf[516], confounder, 16);
|
|
- ZERO_ARRAY(confounder);
|
|
+ memcpy(&pwbuf[516], confounder.data, confounder.length);
|
|
+ ZERO_ARRAY(_confounder);
|
|
|
|
memcpy(pwd_buf->data, pwbuf, sizeof(pwbuf));
|
|
ZERO_ARRAY(pwbuf);
|
|
|
|
- status = NT_STATUS_OK;
|
|
-out:
|
|
- data_blob_clear_free(&confounded_session_key);
|
|
- return status;
|
|
+ return NT_STATUS_OK;
|
|
}
|
|
|
|
/*************************************************************************
|
|
--
|
|
2.23.0
|
|
|