From 7b3ddd1a0bb41fe84c115555113362044620e484 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 24 Apr 2013 16:00:44 +0200
Subject: s3:netlogon: make use of netlogon_creds_decrypt_samlogon_logon()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---
 source3/rpc_server/netlogon/srv_netlog_nt.c | 45 ++++++++++++++---------------
 1 file changed, 21 insertions(+), 24 deletions(-)

(limited to 'source3/rpc_server')

diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
index 6a6c125da9..4f66dfe0de 100644
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
@@ -1467,6 +1467,15 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
 	struct auth_context *auth_context = NULL;
 	const char *fn;
 
+#ifdef DEBUG_PASSWORD
+	logon = netlogon_creds_shallow_copy_logon(p->mem_ctx,
+						  r->in.logon_level,
+						  r->in.logon);
+	if (logon == NULL) {
+		logon = r->in.logon;
+	}
+#endif
+
 	switch (p->opnum) {
 		case NDR_NETR_LOGONSAMLOGON:
 			fn = "_netr_LogonSamLogon";
@@ -1547,6 +1556,10 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
 
 	status = NT_STATUS_OK;
 
+	netlogon_creds_decrypt_samlogon_logon(creds,
+					      r->in.logon_level,
+					      logon);
+
 	switch (r->in.logon_level) {
 	case NetlogonNetworkInformation:
 	case NetlogonNetworkTransitiveInformation:
@@ -1592,32 +1605,16 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
 		uint8_t chal[8];
 
 #ifdef DEBUG_PASSWORD
-		DEBUG(100,("lm owf password:"));
-		dump_data(100, logon->password->lmpassword.hash, 16);
-
-		DEBUG(100,("nt owf password:"));
-		dump_data(100, logon->password->ntpassword.hash, 16);
-#endif
-		if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
-			netlogon_creds_aes_decrypt(creds,
-						   logon->password->lmpassword.hash,
-						   16);
-			netlogon_creds_aes_decrypt(creds,
-						   logon->password->ntpassword.hash,
-						   16);
-		} else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
-			netlogon_creds_arcfour_crypt(creds,
-						     logon->password->lmpassword.hash,
-						     16);
-			netlogon_creds_arcfour_crypt(creds,
-						     logon->password->ntpassword.hash,
-						     16);
-		} else {
-			netlogon_creds_des_decrypt(creds, &logon->password->lmpassword);
-			netlogon_creds_des_decrypt(creds, &logon->password->ntpassword);
+		if (logon != r->in.logon) {
+			DEBUG(100,("lm owf password:"));
+			dump_data(100,
+				  r->in.logon->password->lmpassword.hash, 16);
+
+			DEBUG(100,("nt owf password:"));
+			dump_data(100,
+				  r->in.logon->password->ntpassword.hash, 16);
 		}
 
-#ifdef DEBUG_PASSWORD
 		DEBUG(100,("decrypt of lm owf password:"));
 		dump_data(100, logon->password->lmpassword.hash, 16);
 
-- 
cgit