diff options
author | Günther Deschner <gd@samba.org> | 2012-12-14 14:17:22 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2012-12-15 21:50:36 +0100 |
commit | 563cc67ac65c2061971c4b02ac7037e00f1f9ae8 (patch) | |
tree | 045d5c72b6dfd2f4edede8a14324609ab24248d0 /libcli/auth | |
parent | 6127ba853b8288be60adc70bc0ea084f26e216f7 (diff) | |
download | samba-563cc67ac65c2061971c4b02ac7037e00f1f9ae8.tar.gz samba-563cc67ac65c2061971c4b02ac7037e00f1f9ae8.tar.bz2 samba-563cc67ac65c2061971c4b02ac7037e00f1f9ae8.zip |
libcli/auth: rename netlogon_creds_decrypt_samlogon() to netlogon_creds_decrypt_samlogon_validation().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'libcli/auth')
-rw-r--r-- | libcli/auth/credentials.c | 9 | ||||
-rw-r--r-- | libcli/auth/proto.h | 6 |
2 files changed, 9 insertions, 6 deletions
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c index 63407e7988..d5bf1a6387 100644 --- a/libcli/auth/credentials.c +++ b/libcli/auth/credentials.c @@ -485,9 +485,9 @@ NTSTATUS netlogon_creds_server_step_check(struct netlogon_creds_CredentialState } } -void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *creds, - uint16_t validation_level, - union netr_Validation *validation) +void netlogon_creds_decrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds, + uint16_t validation_level, + union netr_Validation *validation) { static const char zeros[16]; @@ -521,6 +521,7 @@ void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *cred if (validation_level == 6) { /* they aren't encrypted! */ } else if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { + /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ if (memcmp(base->key.key, zeros, sizeof(base->key.key)) != 0) { netlogon_creds_aes_decrypt(creds, @@ -535,6 +536,7 @@ void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *cred sizeof(base->LMSessKey.key)); } } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { + /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ if (memcmp(base->key.key, zeros, sizeof(base->key.key)) != 0) { netlogon_creds_arcfour_crypt(creds, @@ -549,6 +551,7 @@ void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *cred sizeof(base->LMSessKey.key)); } } else { + /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ if (memcmp(base->LMSessKey.key, zeros, sizeof(base->LMSessKey.key)) != 0) { netlogon_creds_des_decrypt_LMKey(creds, diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h index b9d91d04ea..15900d470b 100644 --- a/libcli/auth/proto.h +++ b/libcli/auth/proto.h @@ -57,9 +57,9 @@ struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *me NTSTATUS netlogon_creds_server_step_check(struct netlogon_creds_CredentialState *creds, struct netr_Authenticator *received_authenticator, struct netr_Authenticator *return_authenticator) ; -void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *creds, - uint16_t validation_level, - union netr_Validation *validation) ; +void netlogon_creds_decrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds, + uint16_t validation_level, + union netr_Validation *validation); /* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/session.c */ |