summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2012-11-29 21:35:04 +0100
committerStefan Metzmacher <metze@samba.org>2012-12-09 19:39:07 +0100
commit1362d542df715aa31e9b818ee8783b5ee35f8870 (patch)
tree601d687f60dcf3de3d8a4ab531a16251c71df133
parent64345018cda744d16b123d6ef5c4a982340484dc (diff)
downloadsamba-1362d542df715aa31e9b818ee8783b5ee35f8870.tar.gz
samba-1362d542df715aa31e9b818ee8783b5ee35f8870.tar.bz2
samba-1362d542df715aa31e9b818ee8783b5ee35f8870.zip
s3-rpc_server: support AES decryption in netr_ServerPasswordSet2 server.
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r--source3/rpc_server/netlogon/srv_netlog_nt.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
index d992a65561..5fc2756963 100644
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
@@ -1332,7 +1332,12 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
memcpy(password_buf.data, r->in.new_password->data, 512);
SIVAL(password_buf.data, 512, r->in.new_password->length);
- netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
+
+ if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
+ netlogon_creds_aes_decrypt(creds, password_buf.data, 516);
+ } else {
+ netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
+ }
if (!extract_pw_from_buffer(p->mem_ctx, password_buf.data, &plaintext)) {
TALLOC_FREE(creds);