rpms / samba

Clone
Source Code
GIT

Blame SOURCES/0022-s4-libnet-Use-GnuTLS-RC4-in-libnet_SetPassword_samr_.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c7-sig-storage-samba-411 c8 c8-beta c8-sig-storage-samba-411 c8-sig-storage-samba-412 c8-sig-storage-samba-413 c8-sig-storage-samba-414 c8-sig-storage-samba-415 c8s c8s-sig-storage-samba-413 c8s-sig-storage-samba-414 c8s-sig-storage-samba-415 c8s-sig-storage-samba-416 c8s-sig-storage-samba-417 c8s-sig-storage-samba-418 c8s-sig-storage-samba-419 c8s-sig-storage-samba-420 c9 c9-beta c9s-sig-storage-samba-414 c9s-sig-storage-samba-415 c9s-sig-storage-samba-416 c9s-sig-storage-samba-417 c9s-sig-storage-samba-418 c9s-sig-storage-samba-419 c9s-sig-storage-samba-420 c9s-sig-storage-samba-421
  1.   b6b438351cef67652d9aed43112618d18092527e
  2.   SOURCES
  3.   0022-s4-libnet-Use-GnuTLS-RC4-in-libnet_SetPassword_samr_.patch
Blob History Raw
b6b438 
From 5b0f5925814742ca8b7e772f1a7f4558b770c45b Mon Sep 17 00:00:00 2001
b6b438 
From: Andreas Schneider <asn@samba.org>
b6b438 
Date: Fri, 1 Feb 2019 13:38:21 +0100
b6b438 
Subject: [PATCH 022/187] s4:libnet: Use GnuTLS RC4 in
b6b438 
 libnet_SetPassword_samr_handle_24()
b6b438
b6b438 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031
b6b438
b6b438 
Signed-off-by: Andreas Schneider <asn@samba.org>
b6b438 
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
b6b438 
(cherry picked from commit 18937f9ceb5aca23899555c5a34fe359f6fcb126)
b6b438 
---
b6b438 
 source4/libnet/libnet_passwd.c | 29 ++++++++++++++++++++++++++++-
b6b438 
 1 file changed, 28 insertions(+), 1 deletion(-)
b6b438
b6b438 
diff --git a/source4/libnet/libnet_passwd.c b/source4/libnet/libnet_passwd.c
b6b438 
index b2105121523..064ef98879a 100644
b6b438 
--- a/source4/libnet/libnet_passwd.c
b6b438 
+++ b/source4/libnet/libnet_passwd.c
b6b438 
@@ -386,6 +386,9 @@ static NTSTATUS libnet_SetPassword_samr_handle_24(struct libnet_context *ctx, TA
b6b438 
 	struct samr_SetUserInfo2 sui;
b6b438 
 	union samr_UserInfo u_info;
b6b438 
 	DATA_BLOB session_key;
b6b438 
+	gnutls_cipher_hd_t cipher_hnd = NULL;
b6b438 
+	gnutls_datum_t enc_session_key;
b6b438 
+	int rc;
b6b438
b6b438 
 	if (r->samr_handle.in.info21) {
b6b438 
 		return NT_STATUS_INVALID_PARAMETER_MIX;
b6b438 
@@ -404,7 +407,28 @@ static NTSTATUS libnet_SetPassword_samr_handle_24(struct libnet_context *ctx, TA
b6b438 
 		return status;
b6b438 
 	}
b6b438
b6b438 
-	arcfour_crypt_blob(u_info.info24.password.data, 516, &session_key);
b6b438 
+	enc_session_key = (gnutls_datum_t) {
b6b438 
+		.data = session_key.data,
b6b438 
+		.size = session_key.length,
b6b438 
+	};
b6b438 
+
b6b438 
+	rc = gnutls_cipher_init(&cipher_hnd,
b6b438 
+				GNUTLS_CIPHER_ARCFOUR_128,
b6b438 
+				&enc_session_key,
b6b438 
+				NULL);
b6b438 
+	if (rc < 0) {
b6b438 
+		status = gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
b6b438 
+		goto out;
b6b438 
+	}
b6b438 
+
b6b438 
+	rc = gnutls_cipher_encrypt(cipher_hnd,
b6b438 
+				   u_info.info24.password.data,
b6b438 
+				   516);
b6b438 
+	gnutls_cipher_deinit(cipher_hnd);
b6b438 
+	if (rc < 0) {
b6b438 
+		status = gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
b6b438 
+		goto out;
b6b438 
+	}
b6b438
b6b438 
 	sui.in.user_handle = r->samr_handle.in.user_handle;
b6b438 
 	sui.in.info = &u_info;
b6b438 
@@ -421,6 +445,9 @@ static NTSTATUS libnet_SetPassword_samr_handle_24(struct libnet_context *ctx, TA
b6b438 
 					  "SetUserInfo2 level 24 for [%s] failed: %s",
b6b438 
 					  r->samr_handle.in.account_name, nt_errstr(status));
b6b438 
 	}
b6b438 
+
b6b438 
+out:
b6b438 
+	data_blob_clear(&session_key);
b6b438 
 	return status;
b6b438 
 }
b6b438
b6b438 
--
b6b438 
2.23.0
b6b438

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation