summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-06-05 03:14:59 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:56:29 -0500
commitae067cdaf70c7725237ec58b5e23bc6f525594c2 (patch)
treeed48a2f95f0114771c32a5bc5feafbfdd56a628d
parent306fcbd06340af692cc9b2c76334de672e4006a5 (diff)
downloadsamba-ae067cdaf70c7725237ec58b5e23bc6f525594c2.tar.gz
samba-ae067cdaf70c7725237ec58b5e23bc6f525594c2.tar.bz2
samba-ae067cdaf70c7725237ec58b5e23bc6f525594c2.zip
r1024: Use samr_Password for the machine password here - this ensures we can
never pass in something of the wrong length. Andrew Bartlett (This used to be commit d6999ea9c07d8652b0d63147e7294bc35e7063fe)
-rw-r--r--source4/libcli/auth/credentials.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/source4/libcli/auth/credentials.c b/source4/libcli/auth/credentials.c
index e0989eff4b..1d4db74633 100644
--- a/source4/libcli/auth/credentials.c
+++ b/source4/libcli/auth/credentials.c
@@ -31,7 +31,7 @@
static void creds_init_64bit(struct creds_CredentialState *creds,
const struct netr_Credential *client_challenge,
const struct netr_Credential *server_challenge,
- const uint8_t machine_password[16])
+ const struct samr_Password *machine_password)
{
uint32_t sum[2];
uint8_t sum2[8];
@@ -44,7 +44,7 @@ static void creds_init_64bit(struct creds_CredentialState *creds,
ZERO_STRUCT(creds->session_key);
- des_crypt128(creds->session_key, sum2, machine_password);
+ des_crypt128(creds->session_key, sum2, machine_password->hash);
des_crypt112(creds->client.data, client_challenge->data, creds->session_key, 1);
des_crypt112(creds->server.data, server_challenge->data, creds->session_key, 1);
@@ -60,7 +60,7 @@ static void creds_init_64bit(struct creds_CredentialState *creds,
static void creds_init_128bit(struct creds_CredentialState *creds,
const struct netr_Credential *client_challenge,
const struct netr_Credential *server_challenge,
- const uint8_t machine_password[16])
+ const struct samr_Password *machine_password)
{
unsigned char zero[4], tmp[16];
HMACMD5Context ctx;
@@ -70,13 +70,13 @@ static void creds_init_128bit(struct creds_CredentialState *creds,
memset(zero, 0, sizeof(zero));
- hmac_md5_init_rfc2104(machine_password, 16, &ctx);
+ hmac_md5_init_rfc2104(machine_password->hash, sizeof(machine_password->hash), &ctx);
MD5Init(&md5);
MD5Update(&md5, zero, sizeof(zero));
MD5Update(&md5, client_challenge->data, 8);
MD5Update(&md5, server_challenge->data, 8);
MD5Final(tmp, &md5);
- hmac_md5_update(tmp, 16, &ctx);
+ hmac_md5_update(tmp, sizeof(tmp), &ctx);
hmac_md5_final(creds->session_key, &ctx);
creds->client = *client_challenge;
@@ -169,7 +169,7 @@ next comes the client specific functions
void creds_client_init(struct creds_CredentialState *creds,
const struct netr_Credential *client_challenge,
const struct netr_Credential *server_challenge,
- const uint8_t machine_password[16],
+ const struct samr_Password *machine_password,
struct netr_Credential *initial_credential,
uint32_t negotiate_flags)
{
@@ -178,7 +178,7 @@ void creds_client_init(struct creds_CredentialState *creds,
dump_data_pw("Client chall", client_challenge->data, sizeof(client_challenge->data));
dump_data_pw("Server chall", server_challenge->data, sizeof(server_challenge->data));
- dump_data_pw("Machine Pass", machine_password, 16);
+ dump_data_pw("Machine Pass", machine_password->hash, sizeof(machine_password->hash));
if (negotiate_flags & NETLOGON_NEG_128BIT) {
creds_init_128bit(creds, client_challenge, server_challenge, machine_password);
@@ -236,7 +236,7 @@ next comes the server specific functions
void creds_server_init(struct creds_CredentialState *creds,
const struct netr_Credential *client_challenge,
const struct netr_Credential *server_challenge,
- const uint8_t machine_password[16],
+ const struct samr_Password *machine_password,
struct netr_Credential *initial_credential,
uint32_t negotiate_flags)
{