rpms / samba

Clone
Source Code
GIT

Blame SOURCES/0010-libcli-auth-Return-NTSTATUS-for-encode_or_decode_arc.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c7-sig-storage-samba-411 c8 c8-beta c8-sig-storage-samba-411 c8-sig-storage-samba-412 c8-sig-storage-samba-413 c8-sig-storage-samba-414 c8-sig-storage-samba-415 c8s c8s-sig-storage-samba-413 c8s-sig-storage-samba-414 c8s-sig-storage-samba-415 c8s-sig-storage-samba-416 c8s-sig-storage-samba-417 c8s-sig-storage-samba-418 c8s-sig-storage-samba-419 c8s-sig-storage-samba-420 c9 c9-beta c9s-sig-storage-samba-414 c9s-sig-storage-samba-415 c9s-sig-storage-samba-416 c9s-sig-storage-samba-417 c9s-sig-storage-samba-418 c9s-sig-storage-samba-419 c9s-sig-storage-samba-420
  1.   b6b438351cef67652d9aed43112618d18092527e
  2.   SOURCES
  3.   0010-libcli-auth-Return-NTSTATUS-for-encode_or_decode_arc.patch
Blob History Raw
b6b438 
From 6125794925d054da191cf6c21a76ceb904848710 Mon Sep 17 00:00:00 2001
b6b438 
From: Andreas Schneider <asn@samba.org>
b6b438 
Date: Wed, 29 May 2019 14:57:52 +0200
b6b438 
Subject: [PATCH 010/187] libcli:auth: Return NTSTATUS for
b6b438 
 encode_or_decode_arc4_passwd_buffer()
b6b438
b6b438 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
b6b438
b6b438 
Signed-off-by: Andreas Schneider <asn@samba.org>
b6b438 
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
b6b438 
(cherry picked from commit 57dd415ba49b9621deddf604a5bf148c10ebc37e)
b6b438 
---
b6b438 
 libcli/auth/proto.h                   |  3 ++-
b6b438 
 libcli/auth/smbencrypt.c              | 10 ++++++++--
b6b438 
 source3/rpc_server/samr/srv_samr_nt.c | 10 ++++++++--
b6b438 
 3 files changed, 18 insertions(+), 5 deletions(-)
b6b438
b6b438 
diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h
b6b438 
index afd7f0d148d..651f1139cf5 100644
b6b438 
--- a/libcli/auth/proto.h
b6b438 
+++ b/libcli/auth/proto.h
b6b438 
@@ -184,7 +184,8 @@ bool decode_pw_buffer(TALLOC_CTX *ctx,
b6b438 
 /***********************************************************
b6b438 
  Decode an arc4 encrypted password change buffer.
b6b438 
 ************************************************************/
b6b438 
-void encode_or_decode_arc4_passwd_buffer(unsigned char pw_buf[532], const DATA_BLOB *psession_key);
b6b438 
+NTSTATUS encode_or_decode_arc4_passwd_buffer(unsigned char pw_buf[532],
b6b438 
+					     const DATA_BLOB *psession_key);
b6b438
b6b438 
 /***********************************************************
b6b438 
  encode a password buffer with an already unicode password.  The
b6b438 
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
b6b438 
index a74ccf09b02..ae97f3cc93e 100644
b6b438 
--- a/libcli/auth/smbencrypt.c
b6b438 
+++ b/libcli/auth/smbencrypt.c
b6b438 
@@ -843,27 +843,32 @@ bool decode_pw_buffer(TALLOC_CTX *ctx,
b6b438 
  Decode an arc4 encrypted password change buffer.
b6b438 
 ************************************************************/
b6b438
b6b438 
-void encode_or_decode_arc4_passwd_buffer(unsigned char pw_buf[532], const DATA_BLOB *psession_key)
b6b438 
+NTSTATUS encode_or_decode_arc4_passwd_buffer(unsigned char pw_buf[532],
b6b438 
+					     const DATA_BLOB *psession_key)
b6b438 
 {
b6b438 
 	gnutls_hash_hd_t hash_hnd = NULL;
b6b438 
 	unsigned char key_out[16];
b6b438 
+	NTSTATUS status;
b6b438 
 	int rc;
b6b438
b6b438 
 	/* Confounder is last 16 bytes. */
b6b438
b6b438 
 	rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
b6b438 
 	if (rc < 0) {
b6b438 
+		status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
b6b438 
 		goto out;
b6b438 
 	}
b6b438
b6b438 
 	rc = gnutls_hash(hash_hnd, &pw_buf[516], 16);
b6b438 
 	if (rc < 0) {
b6b438 
 		gnutls_hash_deinit(hash_hnd, NULL);
b6b438 
+		status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
b6b438 
 		goto out;
b6b438 
 	}
b6b438 
 	rc = gnutls_hash(hash_hnd, psession_key->data, psession_key->length);
b6b438 
 	if (rc < 0) {
b6b438 
 		gnutls_hash_deinit(hash_hnd, NULL);
b6b438 
+		status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
b6b438 
 		goto out;
b6b438 
 	}
b6b438 
 	gnutls_hash_deinit(hash_hnd, key_out);
b6b438 
@@ -873,8 +878,9 @@ void encode_or_decode_arc4_passwd_buffer(unsigned char pw_buf[532], const DATA_B
b6b438
b6b438 
 	ZERO_ARRAY(key_out);
b6b438
b6b438 
+	status = NT_STATUS_OK;
b6b438 
 out:
b6b438 
-	return;
b6b438 
+	return status;
b6b438 
 }
b6b438
b6b438 
 /***********************************************************
b6b438 
diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
b6b438 
index 124d6d38cd7..c2be8bfc19a 100644
b6b438 
--- a/source3/rpc_server/samr/srv_samr_nt.c
b6b438 
+++ b/source3/rpc_server/samr/srv_samr_nt.c
b6b438 
@@ -5185,9 +5185,12 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
b6b438 
 			if(!NT_STATUS_IS_OK(status)) {
b6b438 
 				break;
b6b438 
 			}
b6b438 
-			encode_or_decode_arc4_passwd_buffer(
b6b438 
+			status = encode_or_decode_arc4_passwd_buffer(
b6b438 
 				info->info25.password.data,
b6b438 
 				&session_key);
b6b438 
+			if (!NT_STATUS_IS_OK(status)) {
b6b438 
+				break;
b6b438 
+			}
b6b438
b6b438 
 			dump_data(100, info->info25.password.data, 532);
b6b438
b6b438 
@@ -5201,9 +5204,12 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
b6b438 
 			if(!NT_STATUS_IS_OK(status)) {
b6b438 
 				break;
b6b438 
 			}
b6b438 
-			encode_or_decode_arc4_passwd_buffer(
b6b438 
+			status = encode_or_decode_arc4_passwd_buffer(
b6b438 
 				info->info26.password.data,
b6b438 
 				&session_key);
b6b438 
+			if (!NT_STATUS_IS_OK(status)) {
b6b438 
+				break;
b6b438 
+			}
b6b438
b6b438 
 			dump_data(100, info->info26.password.data, 516);
b6b438
b6b438 
--
b6b438 
2.23.0
b6b438

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation