|
|
b6b438 |
From 9913d8e981dd39fd1f7e260644f35aa6718c9bd2 Mon Sep 17 00:00:00 2001
|
|
|
b6b438 |
From: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
Date: Wed, 16 Jan 2019 13:15:08 +0100
|
|
|
b6b438 |
Subject: [PATCH 013/187] s3:rpc_client: Use GnuTLS RC4 in
|
|
|
b6b438 |
init_samr_CryptPassword()
|
|
|
b6b438 |
|
|
|
b6b438 |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
|
|
|
b6b438 |
|
|
|
b6b438 |
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
b6b438 |
(cherry picked from commit 95db9a81db093488e625b4ef385a184a5e517ede)
|
|
|
b6b438 |
---
|
|
|
b6b438 |
source3/rpc_client/init_samr.c | 23 +++++++++++++++++++++--
|
|
|
b6b438 |
1 file changed, 21 insertions(+), 2 deletions(-)
|
|
|
b6b438 |
|
|
|
b6b438 |
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c
|
|
|
b6b438 |
index 3968dfea99f..0eb50c54525 100644
|
|
|
b6b438 |
--- a/source3/rpc_client/init_samr.c
|
|
|
b6b438 |
+++ b/source3/rpc_client/init_samr.c
|
|
|
b6b438 |
@@ -19,7 +19,6 @@
|
|
|
b6b438 |
|
|
|
b6b438 |
#include "includes.h"
|
|
|
b6b438 |
#include "../libcli/auth/libcli_auth.h"
|
|
|
b6b438 |
-#include "../lib/crypto/arcfour.h"
|
|
|
b6b438 |
#include "rpc_client/init_samr.h"
|
|
|
b6b438 |
|
|
|
b6b438 |
#include "lib/crypto/gnutls_helpers.h"
|
|
|
b6b438 |
@@ -77,13 +76,33 @@ NTSTATUS init_samr_CryptPassword(const char *pwd,
|
|
|
b6b438 |
struct samr_CryptPassword *pwd_buf)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
/* samr_CryptPassword */
|
|
|
b6b438 |
+ gnutls_cipher_hd_t cipher_hnd = NULL;
|
|
|
b6b438 |
+ gnutls_datum_t sess_key = {
|
|
|
b6b438 |
+ .data = session_key->data,
|
|
|
b6b438 |
+ .size = session_key->length,
|
|
|
b6b438 |
+ };
|
|
|
b6b438 |
bool ok;
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
ok = encode_pw_buffer(pwd_buf->data, pwd, STR_UNICODE);
|
|
|
b6b438 |
if (!ok) {
|
|
|
b6b438 |
return NT_STATUS_INTERNAL_ERROR;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
- arcfour_crypt_blob(pwd_buf->data, 516, session_key);
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ rc = gnutls_cipher_init(&cipher_hnd,
|
|
|
b6b438 |
+ GNUTLS_CIPHER_ARCFOUR_128,
|
|
|
b6b438 |
+ &sess_key,
|
|
|
b6b438 |
+ NULL);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
+ rc = gnutls_cipher_encrypt(cipher_hnd,
|
|
|
b6b438 |
+ pwd_buf->data,
|
|
|
b6b438 |
+ 516);
|
|
|
b6b438 |
+ gnutls_cipher_deinit(cipher_hnd);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
|
|
|
b6b438 |
return NT_STATUS_OK;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
--
|
|
|
b6b438 |
2.23.0
|
|
|
b6b438 |
|