rpms / samba

Clone
Source Code
GIT

Blame SOURCES/0045-s4-torture-Use-GnuTLS-RC4-in-test_OemChangePasswordU.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c7-sig-storage-samba-411 c8 c8-beta c8-sig-storage-samba-411 c8-sig-storage-samba-412 c8-sig-storage-samba-413 c8-sig-storage-samba-414 c8-sig-storage-samba-415 c8s c8s-sig-storage-samba-413 c8s-sig-storage-samba-414 c8s-sig-storage-samba-415 c8s-sig-storage-samba-416 c8s-sig-storage-samba-417 c8s-sig-storage-samba-418 c8s-sig-storage-samba-419 c8s-sig-storage-samba-420 c9 c9-beta c9s-sig-storage-samba-414 c9s-sig-storage-samba-415 c9s-sig-storage-samba-416 c9s-sig-storage-samba-417 c9s-sig-storage-samba-418 c9s-sig-storage-samba-419 c9s-sig-storage-samba-420 c9s-sig-storage-samba-421
  1.   b6b438351cef67652d9aed43112618d18092527e
  2.   SOURCES
  3.   0045-s4-torture-Use-GnuTLS-RC4-in-test_OemChangePasswordU.patch
Blob History Raw
b6b438 
From 752f6efc6ac65cba6b8ebf125b19a6685a0d40c2 Mon Sep 17 00:00:00 2001
b6b438 
From: Andreas Schneider <asn@samba.org>
b6b438 
Date: Wed, 24 Jul 2019 16:49:53 +0200
b6b438 
Subject: [PATCH 045/187] s4:torture: Use GnuTLS RC4 in
b6b438 
 test_OemChangePasswordUser2
b6b438
b6b438 
This uses STR_ASCII for password encoding!
b6b438
b6b438 
Signed-off-by: Andreas Schneider <asn@samba.org>
b6b438 
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
b6b438 
(cherry picked from commit b512b5974494fe41010800f60df0f248b8ea850e)
b6b438 
---
b6b438 
 source4/torture/rpc/samr.c | 34 ++++++++++++++++++++++++++++++----
b6b438 
 1 file changed, 30 insertions(+), 4 deletions(-)
b6b438
b6b438 
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
b6b438 
index 530c457bbd9..eb032905dc8 100644
b6b438 
--- a/source4/torture/rpc/samr.c
b6b438 
+++ b/source4/torture/rpc/samr.c
b6b438 
@@ -2032,6 +2032,11 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,
b6b438 
 	char *newpass;
b6b438 
 	struct dcerpc_binding_handle *b = p->binding_handle;
b6b438 
 	uint8_t old_lm_hash[16], new_lm_hash[16];
b6b438 
+	gnutls_cipher_hd_t cipher_hnd = NULL;
b6b438 
+	gnutls_datum_t session_key = {
b6b438 
+		.data = old_lm_hash,
b6b438 
+		.size = 16
b6b438 
+	};
b6b438
b6b438 
 	struct samr_GetDomPwInfo dom_pw_info;
b6b438 
 	struct samr_PwInfo info;
b6b438 
@@ -2065,7 +2070,13 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,
b6b438 
 	E_deshash(newpass, new_lm_hash);
b6b438
b6b438 
 	encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);
b6b438 
-	arcfour_crypt(lm_pass.data, old_lm_hash, 516);
b6b438 
+
b6b438 
+	gnutls_cipher_init(&cipher_hnd,
b6b438 
+			   GNUTLS_CIPHER_ARCFOUR_128,
b6b438 
+			   &session_key,
b6b438 
+			   NULL);
b6b438 
+	gnutls_cipher_encrypt(cipher_hnd, lm_pass.data, 516);
b6b438 
+	gnutls_cipher_deinit(cipher_hnd);
b6b438 
 	E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
b6b438
b6b438 
 	r.in.server = &server;
b6b438 
@@ -2092,7 +2103,12 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,
b6b438 
 	encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);
b6b438 
 	/* Break the old password */
b6b438 
 	old_lm_hash[0]++;
b6b438 
-	arcfour_crypt(lm_pass.data, old_lm_hash, 516);
b6b438 
+	gnutls_cipher_init(&cipher_hnd,
b6b438 
+			   GNUTLS_CIPHER_ARCFOUR_128,
b6b438 
+			   &session_key,
b6b438 
+			   NULL);
b6b438 
+	gnutls_cipher_encrypt(cipher_hnd, lm_pass.data, 516);
b6b438 
+	gnutls_cipher_deinit(cipher_hnd);
b6b438 
 	/* unbreak it for the next operation */
b6b438 
 	old_lm_hash[0]--;
b6b438 
 	E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
b6b438 
@@ -2116,7 +2132,12 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,
b6b438 
 	}
b6b438
b6b438 
 	encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);
b6b438 
-	arcfour_crypt(lm_pass.data, old_lm_hash, 516);
b6b438 
+	gnutls_cipher_init(&cipher_hnd,
b6b438 
+			   GNUTLS_CIPHER_ARCFOUR_128,
b6b438 
+			   &session_key,
b6b438 
+			   NULL);
b6b438 
+	gnutls_cipher_encrypt(cipher_hnd, lm_pass.data, 516);
b6b438 
+	gnutls_cipher_deinit(cipher_hnd);
b6b438
b6b438 
 	r.in.server = &server;
b6b438 
 	r.in.account = &account;
b6b438 
@@ -2192,7 +2213,12 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,
b6b438 
 	E_deshash(newpass, new_lm_hash);
b6b438
b6b438 
 	encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);
b6b438 
-	arcfour_crypt(lm_pass.data, old_lm_hash, 516);
b6b438 
+	gnutls_cipher_init(&cipher_hnd,
b6b438 
+			   GNUTLS_CIPHER_ARCFOUR_128,
b6b438 
+			   &session_key,
b6b438 
+			   NULL);
b6b438 
+	gnutls_cipher_encrypt(cipher_hnd, lm_pass.data, 516);
b6b438 
+	gnutls_cipher_deinit(cipher_hnd);
b6b438 
 	E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
b6b438
b6b438 
 	r.in.server = &server;
b6b438 
--
b6b438 
2.23.0
b6b438

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation