From 64df8e7e0b732afd26e944fc53bbbfbe174f88d8 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 22 Sep 2004 12:17:51 +0000 Subject: r2515: Fixes from smbtorture - these session keys are not individually encrypted. Andrew Bartlett (This used to be commit 131420b45e88cb72090c9b28a53295edfa364cfe) --- source4/rpc_server/netlogon/dcerpc_netlogon.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index b6182d31c6..1451e17464 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -604,8 +604,10 @@ static NTSTATUS netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce_call, } /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ - if (memcmp(sam->key.key, zeros, - sizeof(sam->key.key)) != 0) { + /* It appears that level 6 is not individually encrypted */ + if ((r->in.validation_level != 6) + && memcmp(sam->key.key, zeros, + sizeof(sam->key.key)) != 0) { creds_arcfour_crypt(pipe_state->creds, sam->key.key, sizeof(sam->key.key)); @@ -619,8 +621,10 @@ static NTSTATUS netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce_call, } /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ - if (memcmp(sam->LMSessKey.key, zeros, - sizeof(sam->LMSessKey.key)) != 0) { + /* It appears that level 6 is not individually encrypted */ + if ((r->in.validation_level != 6) + && memcmp(sam->LMSessKey.key, zeros, + sizeof(sam->LMSessKey.key)) != 0) { creds_arcfour_crypt(pipe_state->creds, sam->LMSessKey.key, sizeof(sam->LMSessKey.key)); -- cgit