diff options
| author | Günther Deschner <gd@samba.org> | 2012-12-07 12:38:16 +0100 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2012-12-09 19:39:08 +0100 |
| commit | f6cb8049b2fe62054d254a006b8a39f000d1d1d5 (patch) | |
| tree | c5b87795f026ca158a53bd99926a0efa15e04517 /libcli/auth | |
| parent | be296a21fc509cacaedb5aad0c3ca4ccd44b4a62 (diff) | |
| download | samba-f6cb8049b2fe62054d254a006b8a39f000d1d1d5.tar.gz samba-f6cb8049b2fe62054d254a006b8a39f000d1d1d5.tar.bz2 samba-f6cb8049b2fe62054d254a006b8a39f000d1d1d5.zip | |
libcli/auth: support AES decryption in netlogon_creds_decrypt_samlogon().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'libcli/auth')
| -rw-r--r-- | libcli/auth/credentials.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c index 77df7f765a..63407e7988 100644 --- a/libcli/auth/credentials.c +++ b/libcli/auth/credentials.c @@ -520,6 +520,20 @@ void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *cred /* find and decyrpt the session keys, return in parameters above */ if (validation_level == 6) { /* they aren't encrypted! */ + } else if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { + if (memcmp(base->key.key, zeros, + sizeof(base->key.key)) != 0) { + netlogon_creds_aes_decrypt(creds, + base->key.key, + sizeof(base->key.key)); + } + + if (memcmp(base->LMSessKey.key, zeros, + sizeof(base->LMSessKey.key)) != 0) { + netlogon_creds_aes_decrypt(creds, + base->LMSessKey.key, + sizeof(base->LMSessKey.key)); + } } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { if (memcmp(base->key.key, zeros, sizeof(base->key.key)) != 0) { |