summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/rpc_server/netlogon/srv_netlog_nt.c45
1 files changed, 21 insertions, 24 deletions
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
index 6a6c125da9..4f66dfe0de 100644
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
@@ -1467,6 +1467,15 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
struct auth_context *auth_context = NULL;
const char *fn;
+#ifdef DEBUG_PASSWORD
+ logon = netlogon_creds_shallow_copy_logon(p->mem_ctx,
+ r->in.logon_level,
+ r->in.logon);
+ if (logon == NULL) {
+ logon = r->in.logon;
+ }
+#endif
+
switch (p->opnum) {
case NDR_NETR_LOGONSAMLOGON:
fn = "_netr_LogonSamLogon";
@@ -1547,6 +1556,10 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
status = NT_STATUS_OK;
+ netlogon_creds_decrypt_samlogon_logon(creds,
+ r->in.logon_level,
+ logon);
+
switch (r->in.logon_level) {
case NetlogonNetworkInformation:
case NetlogonNetworkTransitiveInformation:
@@ -1592,32 +1605,16 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
uint8_t chal[8];
#ifdef DEBUG_PASSWORD
- DEBUG(100,("lm owf password:"));
- dump_data(100, logon->password->lmpassword.hash, 16);
-
- DEBUG(100,("nt owf password:"));
- dump_data(100, logon->password->ntpassword.hash, 16);
-#endif
- if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
- netlogon_creds_aes_decrypt(creds,
- logon->password->lmpassword.hash,
- 16);
- netlogon_creds_aes_decrypt(creds,
- logon->password->ntpassword.hash,
- 16);
- } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
- netlogon_creds_arcfour_crypt(creds,
- logon->password->lmpassword.hash,
- 16);
- netlogon_creds_arcfour_crypt(creds,
- logon->password->ntpassword.hash,
- 16);
- } else {
- netlogon_creds_des_decrypt(creds, &logon->password->lmpassword);
- netlogon_creds_des_decrypt(creds, &logon->password->ntpassword);
+ if (logon != r->in.logon) {
+ DEBUG(100,("lm owf password:"));
+ dump_data(100,
+ r->in.logon->password->lmpassword.hash, 16);
+
+ DEBUG(100,("nt owf password:"));
+ dump_data(100,
+ r->in.logon->password->ntpassword.hash, 16);
}
-#ifdef DEBUG_PASSWORD
DEBUG(100,("decrypt of lm owf password:"));
dump_data(100, logon->password->lmpassword.hash, 16);