summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2012-12-11 23:53:22 +0100
committerGünther Deschner <gd@samba.org>2012-12-16 01:34:01 +0100
commitd8461992dbc6005f02240cf1eae8a56ba4c55148 (patch)
treeab9cbbba22404203e31d3f909815a7dd39328ebf
parentbe43456c94d0ed3786020223aac31e1908028caf (diff)
downloadsamba-d8461992dbc6005f02240cf1eae8a56ba4c55148.tar.gz
samba-d8461992dbc6005f02240cf1eae8a56ba4c55148.tar.bz2
samba-d8461992dbc6005f02240cf1eae8a56ba4c55148.zip
s4-rpc_server: use netlogon_creds_encrypt_samlogon().
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Sun Dec 16 01:34:01 CET 2012 on sn-devel-104
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c37
1 files changed, 3 insertions, 34 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 3eaf0d4e1d..d463e85af1 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -619,7 +619,6 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
struct auth_usersupplied_info *user_info;
struct auth_user_info_dc *user_info_dc;
NTSTATUS nt_status;
- static const char zeros[16];
struct netr_SamBaseInfo *sam;
struct netr_SamInfo2 *sam2;
struct netr_SamInfo3 *sam3;
@@ -817,39 +816,9 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
return NT_STATUS_INVALID_INFO_CLASS;
}
- /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
- /* It appears that level 6 is not individually encrypted */
- if ((r->in.validation_level != 6) &&
- memcmp(sam->key.key, zeros, sizeof(sam->key.key)) != 0) {
- /* This key is sent unencrypted without the ARCFOUR or AES flag set */
- if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
- netlogon_creds_aes_encrypt(creds,
- sam->key.key,
- sizeof(sam->key.key));
- } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
- netlogon_creds_arcfour_crypt(creds,
- sam->key.key,
- sizeof(sam->key.key));
- }
- }
-
- /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
- /* It appears that level 6 is not individually encrypted */
- if ((r->in.validation_level != 6) &&
- memcmp(sam->LMSessKey.key, zeros, sizeof(sam->LMSessKey.key)) != 0) {
- if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
- netlogon_creds_aes_encrypt(creds,
- sam->LMSessKey.key,
- sizeof(sam->LMSessKey.key));
- } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
- netlogon_creds_arcfour_crypt(creds,
- sam->LMSessKey.key,
- sizeof(sam->LMSessKey.key));
- } else {
- netlogon_creds_des_encrypt_LMKey(creds,
- &sam->LMSessKey);
- }
- }
+ netlogon_creds_encrypt_samlogon_validation(creds,
+ r->in.validation_level,
+ r->out.validation);
/* TODO: Describe and deal with these flags */
*r->out.flags = 0;