samba/SOURCES/0074-libcli-auth-Use-generate_secret_buffer-for-netlogon-.patch
2021-10-08 16:37:00 +00:00

35 lines
1.3 KiB
Diff

From 34c4199f21f5d2dfbf3d732fd4da7be390ce095b Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 31 Jul 2019 15:44:24 +0200
Subject: [PATCH 074/187] libcli:auth: Use generate_secret_buffer() for
netlogon challenge
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Aug 12 10:42:35 UTC 2019 on sn-devel-184
(cherry picked from commit c3ba556f52b15dd80efc26e4fb8f43ce2ee3a7f0)
---
libcli/auth/netlogon_creds_cli.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index 50a5f50a57d..18143ca36d0 100644
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -1177,7 +1177,8 @@ static void netlogon_creds_cli_auth_challenge_start(struct tevent_req *req)
TALLOC_FREE(state->creds);
- generate_random_buffer(state->client_challenge.data,
+ /* We need to use a CSPRNG which reseeds for generating session keys. */
+ generate_secret_buffer(state->client_challenge.data,
sizeof(state->client_challenge.data));
subreq = dcerpc_netr_ServerReqChallenge_send(state, state->ev,
--
2.23.0