Tree - rpms/samba - CentOS Git server

rpms / samba

Blame SOURCES/0031-s3-libsmb-Use-GnuTLS-RC4-in-clirap.patch

Blob History Raw

		b6b438	`From c7e79b33a10a8e393df78fd7adf60a5a3dbebcc6 Mon Sep 17 00:00:00 2001`
		b6b438	`From: Andreas Schneider <asn@samba.org>`
		b6b438	`Date: Tue, 15 Jan 2019 18:14:17 +0100`
		b6b438	`Subject: [PATCH 031/187] s3:libsmb: Use GnuTLS RC4 in clirap`
		b6b438
		b6b438	`BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031`
		b6b438
		b6b438	`Signed-off-by: Andreas Schneider <asn@samba.org>`
		b6b438	`Reviewed-by: Andrew Bartlett <abartlet@samba.org>`
		b6b438	`(cherry picked from commit 0947d8388def40b01b322d0deee4dba386983410)`
		b6b438	`---`
		b6b438	`source3/libsmb/clirap.c \| 27 +++++++++++++++++++++++++--`
		b6b438	`1 file changed, 25 insertions(+), 2 deletions(-)`
		b6b438
		b6b438	`diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c`
		b6b438	`index b4b40ebdab4..c0b9dcdff39 100644`
		b6b438	`--- a/source3/libsmb/clirap.c`
		b6b438	`+++ b/source3/libsmb/clirap.c`
		b6b438	`@@ -22,7 +22,6 @@`
		b6b438	`#include "includes.h"`
		b6b438	`#include "../libcli/auth/libcli_auth.h"`
		b6b438	`#include "../librpc/gen_ndr/rap.h"`
		b6b438	`-#include "../lib/crypto/arcfour.h"`
		b6b438	`#include "../lib/util/tevent_ntstatus.h"`
		b6b438	`#include "async_smb.h"`
		b6b438	`#include "libsmb/libsmb.h"`
		b6b438	`@@ -31,6 +30,9 @@`
		b6b438	`#include "../libcli/smb/smbXcli_base.h"`
		b6b438	`#include "cli_smb2_fnum.h"`
		b6b438
		b6b438	`+#include <gnutls/gnutls.h>`
		b6b438	`+#include <gnutls/crypto.h>`
		b6b438	`+`
		b6b438	`#define PIPE_LANMAN "\\PIPE\\LANMAN"`
		b6b438
		b6b438	`/****************************************************************************`
		b6b438	`@@ -508,6 +510,12 @@ bool cli_oem_change_password(struct cli_state cli, const char user, const char`
		b6b438	`char *rparam = NULL;`
		b6b438	`char *rdata = NULL;`
		b6b438	`unsigned int rprcnt, rdrcnt;`
		b6b438	`+ gnutls_cipher_hd_t cipher_hnd = NULL;`
		b6b438	`+ gnutls_datum_t old_pw_key = {`
		b6b438	`+ .data = old_pw_hash,`
		b6b438	`+ .size = sizeof(old_pw_hash),`
		b6b438	`+ };`
		b6b438	`+ int rc;`
		b6b438
		b6b438	`if (strlen(user) >= sizeof(fstring)-1) {`
		b6b438	`DEBUG(0,("cli_oem_change_password: user name %s is too long.\n", user));`
		b6b438	`@@ -539,7 +547,22 @@ bool cli_oem_change_password(struct cli_state cli, const char user, const char`
		b6b438	`DEBUG(100,("make_oem_passwd_hash\n"));`
		b6b438	`dump_data(100, data, 516);`
		b6b438	`#endif`
		b6b438	`- arcfour_crypt( (unsigned char )data, (unsigned char )old_pw_hash, 516);`
		b6b438	`+ rc = gnutls_cipher_init(&cipher_hnd,`
		b6b438	`+ GNUTLS_CIPHER_ARCFOUR_128,`
		b6b438	`+ &old_pw_key,`
		b6b438	`+ NULL);`
		b6b438	`+ if (rc < 0) {`
		b6b438	`+ DBG_ERR("gnutls_cipher_init failed: %s\n",`
		b6b438	`+ gnutls_strerror(rc));`
		b6b438	`+ return false;`
		b6b438	`+ }`
		b6b438	`+ rc = gnutls_cipher_encrypt(cipher_hnd,`
		b6b438	`+ data,`
		b6b438	`+ 516);`
		b6b438	`+ gnutls_cipher_deinit(cipher_hnd);`
		b6b438	`+ if (rc < 0) {`
		b6b438	`+ return false;`
		b6b438	`+ }`
		b6b438
		b6b438	`/*`
		b6b438	`* Now place the old password hash in the data.`
		b6b438	`--`
		b6b438	`2.23.0`
		b6b438

rpms / samba

Source Code

Blame SOURCES/0031-s3-libsmb-Use-GnuTLS-RC4-in-clirap.patch