79 lines
2.8 KiB
Diff
79 lines
2.8 KiB
Diff
From a5149014cc8a0da7b8c664a465f6108c390d127d Mon Sep 17 00:00:00 2001
|
|
From: Andrew Bartlett <abartlet@samba.org>
|
|
Date: Fri, 16 Aug 2019 12:34:28 +1200
|
|
Subject: [PATCH 092/187] libcli:auth Return NTSTATUS from
|
|
netlogon_creds_aes_decrypt()
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
(cherry picked from commit 8ec796f1a1daa444bba06f34a50d2b62ee4a2ef9)
|
|
---
|
|
libcli/auth/credentials.c | 15 ++++++++-------
|
|
libcli/auth/proto.h | 4 +++-
|
|
2 files changed, 11 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
|
|
index cfeab6efdcd..955e08b7385 100644
|
|
--- a/libcli/auth/credentials.c
|
|
+++ b/libcli/auth/credentials.c
|
|
@@ -346,7 +346,7 @@ NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds
|
|
/*
|
|
AES decrypt a password buffer using the session key
|
|
*/
|
|
-void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len)
|
|
+NTSTATUS netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len)
|
|
{
|
|
#ifdef HAVE_GNUTLS_AES_CFB8
|
|
gnutls_cipher_hd_t cipher_hnd = NULL;
|
|
@@ -370,18 +370,17 @@ void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, ui
|
|
&key,
|
|
&iv);
|
|
if (rc < 0) {
|
|
- DBG_ERR("ERROR: gnutls_cipher_init: %s\n",
|
|
- gnutls_strerror(rc));
|
|
- return;
|
|
+ return gnutls_error_to_ntstatus(rc,
|
|
+ NT_STATUS_CRYPTO_SYSTEM_INVALID);
|
|
}
|
|
|
|
rc = gnutls_cipher_decrypt(cipher_hnd, data, len);
|
|
gnutls_cipher_deinit(cipher_hnd);
|
|
if (rc < 0) {
|
|
- DBG_ERR("ERROR: gnutls_cipher_decrypt: %s\n",
|
|
- gnutls_strerror(rc));
|
|
- return;
|
|
+ return gnutls_error_to_ntstatus(rc,
|
|
+ NT_STATUS_CRYPTO_SYSTEM_INVALID);
|
|
}
|
|
+
|
|
#else /* NOT HAVE_GNUTLS_AES_CFB8 */
|
|
AES_KEY key;
|
|
uint8_t iv[AES_BLOCK_SIZE] = {0};
|
|
@@ -390,6 +389,8 @@ void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, ui
|
|
|
|
aes_cfb8_encrypt(data, data, len, &key, iv, AES_DECRYPT);
|
|
#endif /* HAVE_GNUTLS_AES_CFB8 */
|
|
+
|
|
+ return NT_STATUS_OK;
|
|
}
|
|
|
|
/*****************************************************************
|
|
diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h
|
|
index 639a50425e5..714652bdb76 100644
|
|
--- a/libcli/auth/proto.h
|
|
+++ b/libcli/auth/proto.h
|
|
@@ -21,7 +21,9 @@ NTSTATUS netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *cre
|
|
NTSTATUS netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds,
|
|
uint8_t *data,
|
|
size_t len);
|
|
-void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len);
|
|
+NTSTATUS netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds,
|
|
+ uint8_t *data,
|
|
+ size_t len);
|
|
|
|
/*****************************************************************
|
|
The above functions are common to the client and server interface
|
|
--
|
|
2.23.0
|
|
|