From 563cc67ac65c2061971c4b02ac7037e00f1f9ae8 Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Fri, 14 Dec 2012 14:17:22 +0100
Subject: libcli/auth: rename netlogon_creds_decrypt_samlogon() to
 netlogon_creds_decrypt_samlogon_validation().
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 libcli/auth/credentials.c | 9 ++++++---
 libcli/auth/proto.h       | 6 +++---
 2 files changed, 9 insertions(+), 6 deletions(-)

(limited to 'libcli')

diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
index 63407e7988..d5bf1a6387 100644
--- a/libcli/auth/credentials.c
+++ b/libcli/auth/credentials.c
@@ -485,9 +485,9 @@ NTSTATUS netlogon_creds_server_step_check(struct netlogon_creds_CredentialState
 	}
 }
 
-void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *creds,
-			    uint16_t validation_level,
-			    union netr_Validation *validation)
+void netlogon_creds_decrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds,
+						uint16_t validation_level,
+						union netr_Validation *validation)
 {
 	static const char zeros[16];
 
@@ -521,6 +521,7 @@ void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *cred
 	if (validation_level == 6) {
 		/* they aren't encrypted! */
 	} else if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
+		/* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
 		if (memcmp(base->key.key, zeros,
 			   sizeof(base->key.key)) != 0) {
 			netlogon_creds_aes_decrypt(creds,
@@ -535,6 +536,7 @@ void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *cred
 					    sizeof(base->LMSessKey.key));
 		}
 	} else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
+		/* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
 		if (memcmp(base->key.key, zeros,
 			   sizeof(base->key.key)) != 0) {
 			netlogon_creds_arcfour_crypt(creds,
@@ -549,6 +551,7 @@ void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *cred
 					    sizeof(base->LMSessKey.key));
 		}
 	} else {
+		/* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
 		if (memcmp(base->LMSessKey.key, zeros,
 			   sizeof(base->LMSessKey.key)) != 0) {
 			netlogon_creds_des_decrypt_LMKey(creds,
diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h
index b9d91d04ea..15900d470b 100644
--- a/libcli/auth/proto.h
+++ b/libcli/auth/proto.h
@@ -57,9 +57,9 @@ struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *me
 NTSTATUS netlogon_creds_server_step_check(struct netlogon_creds_CredentialState *creds,
 				 struct netr_Authenticator *received_authenticator,
 				 struct netr_Authenticator *return_authenticator) ;
-void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *creds,
-			    uint16_t validation_level,
-			    union netr_Validation *validation) ;
+void netlogon_creds_decrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds,
+						uint16_t validation_level,
+						union netr_Validation *validation);
 
 /* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/session.c  */
 
-- 
cgit