diff options
author | Günther Deschner <gd@samba.org> | 2012-12-11 23:53:22 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2012-12-16 01:34:01 +0100 |
commit | d8461992dbc6005f02240cf1eae8a56ba4c55148 (patch) | |
tree | ab9cbbba22404203e31d3f909815a7dd39328ebf /source4/rpc_server/netlogon | |
parent | be43456c94d0ed3786020223aac31e1908028caf (diff) | |
download | samba-d8461992dbc6005f02240cf1eae8a56ba4c55148.tar.gz samba-d8461992dbc6005f02240cf1eae8a56ba4c55148.tar.bz2 samba-d8461992dbc6005f02240cf1eae8a56ba4c55148.zip |
s4-rpc_server: use netlogon_creds_encrypt_samlogon().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Sun Dec 16 01:34:01 CET 2012 on sn-devel-104
Diffstat (limited to 'source4/rpc_server/netlogon')
-rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 37 |
1 files changed, 3 insertions, 34 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 3eaf0d4e1d..d463e85af1 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -619,7 +619,6 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal struct auth_usersupplied_info *user_info; struct auth_user_info_dc *user_info_dc; NTSTATUS nt_status; - static const char zeros[16]; struct netr_SamBaseInfo *sam; struct netr_SamInfo2 *sam2; struct netr_SamInfo3 *sam3; @@ -817,39 +816,9 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal return NT_STATUS_INVALID_INFO_CLASS; } - /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ - /* It appears that level 6 is not individually encrypted */ - if ((r->in.validation_level != 6) && - memcmp(sam->key.key, zeros, sizeof(sam->key.key)) != 0) { - /* This key is sent unencrypted without the ARCFOUR or AES flag set */ - if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { - netlogon_creds_aes_encrypt(creds, - sam->key.key, - sizeof(sam->key.key)); - } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { - netlogon_creds_arcfour_crypt(creds, - sam->key.key, - sizeof(sam->key.key)); - } - } - - /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ - /* It appears that level 6 is not individually encrypted */ - if ((r->in.validation_level != 6) && - memcmp(sam->LMSessKey.key, zeros, sizeof(sam->LMSessKey.key)) != 0) { - if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { - netlogon_creds_aes_encrypt(creds, - sam->LMSessKey.key, - sizeof(sam->LMSessKey.key)); - } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { - netlogon_creds_arcfour_crypt(creds, - sam->LMSessKey.key, - sizeof(sam->LMSessKey.key)); - } else { - netlogon_creds_des_encrypt_LMKey(creds, - &sam->LMSessKey); - } - } + netlogon_creds_encrypt_samlogon_validation(creds, + r->in.validation_level, + r->out.validation); /* TODO: Describe and deal with these flags */ *r->out.flags = 0; |