From 15ca4ae322f88f797c571ad7801a9e44a6262d73 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 5 Jul 2019 10:09:32 +0200
Subject: [PATCH 014/187] libcli:auth: Use
samba_gnutls_arcfour_confounded_md5() for rc4 passwd buffer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit dea160820a393be51985a4e761a3f73da83972e7)
---
libcli/auth/smbencrypt.c | 39 +++++++++------------------------------
1 file changed, 9 insertions(+), 30 deletions(-)
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
index ae97f3cc93e..17c1e1f69ff 100644
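--- a/libcli/auth/smbencrypt.c
+++ b/libcli/auth/smbencrypt.c
@@ -846,41 +846,20 @@ bool decode_pw_buffer(TALLOC_CTX *ctx,
 NTSTATUS encode_or_decode_arc4_passwd_buffer(unsigned char pw_buf[532],
 const DATA_BLOB *psession_key)
 {
- gnutls_hash_hd_t hash_hnd = NULL;
- unsigned char key_out[16];
- NTSTATUS status;
- int rc;
-
 /* Confounder is last 16 bytes. */
+ DATA_BLOB confounder = data_blob_const(&pw_buf[516], 16);
+ DATA_BLOB pw_data = data_blob_const(pw_buf, 516);
+ int rc;
 
- rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
+ rc = samba_gnutls_arcfour_confounded_md5(&confounder,
+ psession_key,
+ &pw_data,
+ SAMBA_GNUTLS_DECRYPT);
 if (rc < 0) {
- status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
- goto out;
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
 }
 
- rc = gnutls_hash(hash_hnd, &pw_buf[516], 16);
- if (rc < 0) {
- gnutls_hash_deinit(hash_hnd, NULL);
- status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
- goto out;
- }
- rc = gnutls_hash(hash_hnd, psession_key->data, psession_key->length);
- if (rc < 0) {
- gnutls_hash_deinit(hash_hnd, NULL);
- status = gnutls_error_to_ntstatus(rc, NT_STATUS_HASH_NOT_SUPPORTED);
- goto out;
- }
- gnutls_hash_deinit(hash_hnd, key_out);
-
- /* arc4 with key_out. */
- arcfour_crypt(pw_buf, key_out, 516);
-
- ZERO_ARRAY(key_out);
-
- status = NT_STATUS_OK;
-out:
- return status;
+ return NT_STATUS_OK;
 }
 
 /***********************************************************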
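Review bot: The call in encode_or_decode_arc4_passwd_buffer() passes a fixed `SAMBA_GNUTLS_DECRYPT` although the function name says it serves both directions, and `pw_data` is wrapped with `data_blob_const()` even though the first 516 bytes of `pw_buf` are meant to be transformed in place, as the removed `arcfour_crypt(pw_buf, key_out, 516)` did. A short comment above the call would keep readers from taking either as a bug, e.g. `/* RC4 is symmetric, so the direction flag covers encode and decode; pw_data aliases pw_buf and is rewritten in place. */`, assuming the helper (not shown here) does treat both directions alike. The removed code wiped the derived key with `ZERO_ARRAY(key_out)`; that duty now sits inside samba_gnutls_arcfour_confounded_md5(), so it is worth confirming the helper clears its MD5 output before returning.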
--
2.23.0