diff options
author | Stefan Metzmacher <metze@samba.org> | 2013-04-24 16:00:44 +0200 |
---|---|---|
committer | Andreas Schneider <asn@samba.org> | 2013-08-05 10:30:01 +0200 |
commit | 7b3ddd1a0bb41fe84c115555113362044620e484 (patch) | |
tree | 3c47a95d0473ec98cbf86a510e8ab6bee062cdcf | |
parent | 9d548318da11247ffe8acf505cdb5299090c16f0 (diff) | |
download | samba-7b3ddd1a0bb41fe84c115555113362044620e484.tar.gz samba-7b3ddd1a0bb41fe84c115555113362044620e484.tar.bz2 samba-7b3ddd1a0bb41fe84c115555113362044620e484.zip |
s3:netlogon: make use of netlogon_creds_decrypt_samlogon_logon()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
-rw-r--r-- | source3/rpc_server/netlogon/srv_netlog_nt.c | 45 |
1 files changed, 21 insertions, 24 deletions
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index 6a6c125da9..4f66dfe0de 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -1467,6 +1467,15 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p, struct auth_context *auth_context = NULL; const char *fn; +#ifdef DEBUG_PASSWORD + logon = netlogon_creds_shallow_copy_logon(p->mem_ctx, + r->in.logon_level, + r->in.logon); + if (logon == NULL) { + logon = r->in.logon; + } +#endif + switch (p->opnum) { case NDR_NETR_LOGONSAMLOGON: fn = "_netr_LogonSamLogon"; @@ -1547,6 +1556,10 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p, status = NT_STATUS_OK; + netlogon_creds_decrypt_samlogon_logon(creds, + r->in.logon_level, + logon); + switch (r->in.logon_level) { case NetlogonNetworkInformation: case NetlogonNetworkTransitiveInformation: @@ -1592,32 +1605,16 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p, uint8_t chal[8]; #ifdef DEBUG_PASSWORD - DEBUG(100,("lm owf password:")); - dump_data(100, logon->password->lmpassword.hash, 16); - - DEBUG(100,("nt owf password:")); - dump_data(100, logon->password->ntpassword.hash, 16); -#endif - if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { - netlogon_creds_aes_decrypt(creds, - logon->password->lmpassword.hash, - 16); - netlogon_creds_aes_decrypt(creds, - logon->password->ntpassword.hash, - 16); - } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { - netlogon_creds_arcfour_crypt(creds, - logon->password->lmpassword.hash, - 16); - netlogon_creds_arcfour_crypt(creds, - logon->password->ntpassword.hash, - 16); - } else { - netlogon_creds_des_decrypt(creds, &logon->password->lmpassword); - netlogon_creds_des_decrypt(creds, &logon->password->ntpassword); + if (logon != r->in.logon) { + DEBUG(100,("lm owf password:")); + dump_data(100, + r->in.logon->password->lmpassword.hash, 16); + + DEBUG(100,("nt owf password:")); + dump_data(100, + r->in.logon->password->ntpassword.hash, 16); } -#ifdef DEBUG_PASSWORD DEBUG(100,("decrypt of lm owf password:")); dump_data(100, logon->password->lmpassword.hash, 16); |