summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2013-04-24 16:00:18 +0200
committerAndreas Schneider <asn@samba.org>2013-08-05 10:30:01 +0200
commit9d548318da11247ffe8acf505cdb5299090c16f0 (patch)
tree996454f93fc3a9dcfbc65d236d7aea91f7309ebc
parent2ea749a1a43a6539b01d36dbe0402a99619444e1 (diff)
downloadsamba-9d548318da11247ffe8acf505cdb5299090c16f0.tar.gz
samba-9d548318da11247ffe8acf505cdb5299090c16f0.tar.bz2
samba-9d548318da11247ffe8acf505cdb5299090c16f0.zip
s4:netlogon: make use of netlogon_creds_decrypt_samlogon_logon()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c28
1 files changed, 6 insertions, 22 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index d463e85af1..5cc3b34dbf 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -629,29 +629,15 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
user_info = talloc_zero(mem_ctx, struct auth_usersupplied_info);
NT_STATUS_HAVE_NO_MEMORY(user_info);
+ netlogon_creds_decrypt_samlogon_logon(creds,
+ r->in.logon_level,
+ r->in.logon);
+
switch (r->in.logon_level) {
case NetlogonInteractiveInformation:
case NetlogonServiceInformation:
case NetlogonInteractiveTransitiveInformation:
case NetlogonServiceTransitiveInformation:
- if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
- netlogon_creds_aes_decrypt(creds,
- r->in.logon->password->lmpassword.hash,
- sizeof(r->in.logon->password->lmpassword.hash));
- netlogon_creds_aes_decrypt(creds,
- r->in.logon->password->ntpassword.hash,
- sizeof(r->in.logon->password->ntpassword.hash));
- } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
- netlogon_creds_arcfour_crypt(creds,
- r->in.logon->password->lmpassword.hash,
- sizeof(r->in.logon->password->lmpassword.hash));
- netlogon_creds_arcfour_crypt(creds,
- r->in.logon->password->ntpassword.hash,
- sizeof(r->in.logon->password->ntpassword.hash));
- } else {
- netlogon_creds_des_decrypt(creds, &r->in.logon->password->lmpassword);
- netlogon_creds_des_decrypt(creds, &r->in.logon->password->ntpassword);
- }
/* TODO: we need to deny anonymous access here */
nt_status = auth_context_create(mem_ctx,
@@ -705,11 +691,9 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
case NetlogonGenericInformation:
{
if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
- netlogon_creds_aes_decrypt(creds,
- r->in.logon->generic->data, r->in.logon->generic->length);
+ /* OK */
} else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
- netlogon_creds_arcfour_crypt(creds,
- r->in.logon->generic->data, r->in.logon->generic->length);
+ /* OK */
} else {
/* Using DES to verify kerberos tickets makes no sense */
return NT_STATUS_INVALID_PARAMETER;