|
|
b6b438 |
From 2558252a6fc918cfe5e9bdfc0d7b98a1324ab61b Mon Sep 17 00:00:00 2001
|
|
|
b6b438 |
From: Andrew Bartlett <abartlet@samba.org>
|
|
|
b6b438 |
Date: Fri, 16 Aug 2019 14:15:45 +1200
|
|
|
b6b438 |
Subject: [PATCH 096/187] s4-rpc_server: Check NTSTATUS return value from
|
|
|
b6b438 |
netlogon_creds_aes_decrypt()
|
|
|
b6b438 |
|
|
|
b6b438 |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
b6b438 |
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
(cherry picked from commit 1e427f55d71350b25a8a26e94a5cb7895d8efdf6)
|
|
|
b6b438 |
---
|
|
|
b6b438 |
source4/rpc_server/netlogon/dcerpc_netlogon.c | 21 ++++++++++++-------
|
|
|
b6b438 |
1 file changed, 13 insertions(+), 8 deletions(-)
|
|
|
b6b438 |
|
|
|
b6b438 |
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
|
|
|
b6b438 |
index ac745e32b02..49a075137ff 100644
|
|
|
b6b438 |
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
|
|
|
b6b438 |
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
|
|
|
b6b438 |
@@ -747,14 +747,17 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet2(struct dcesrv_call_state *dce_cal
|
|
|
b6b438 |
SIVAL(password_buf.data, 512, r->in.new_password->length);
|
|
|
b6b438 |
|
|
|
b6b438 |
if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
|
|
|
b6b438 |
- netlogon_creds_aes_decrypt(creds, password_buf.data, 516);
|
|
|
b6b438 |
+ nt_status = netlogon_creds_aes_decrypt(creds,
|
|
|
b6b438 |
+ password_buf.data,
|
|
|
b6b438 |
+ 516);
|
|
|
b6b438 |
} else {
|
|
|
b6b438 |
nt_status = netlogon_creds_arcfour_crypt(creds,
|
|
|
b6b438 |
password_buf.data,
|
|
|
b6b438 |
516);
|
|
|
b6b438 |
- if (!NT_STATUS_IS_OK(nt_status)) {
|
|
|
b6b438 |
- return nt_status;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ if (!NT_STATUS_IS_OK(nt_status)) {
|
|
|
b6b438 |
+ return nt_status;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
switch (creds->secure_channel_type) {
|
|
|
b6b438 |
@@ -2803,14 +2806,16 @@ static NTSTATUS dcesrv_netr_NetrLogonSendToSam(struct dcesrv_call_state *dce_cal
|
|
|
b6b438 |
|
|
|
b6b438 |
/* Buffer is meant to be 16-bit aligned */
|
|
|
b6b438 |
if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
|
|
|
b6b438 |
- netlogon_creds_aes_decrypt(creds, r->in.opaque_buffer, r->in.buffer_len);
|
|
|
b6b438 |
+ nt_status = netlogon_creds_aes_decrypt(creds,
|
|
|
b6b438 |
+ r->in.opaque_buffer,
|
|
|
b6b438 |
+ r->in.buffer_len);
|
|
|
b6b438 |
} else {
|
|
|
b6b438 |
nt_status = netlogon_creds_arcfour_crypt(creds,
|
|
|
b6b438 |
r->in.opaque_buffer,
|
|
|
b6b438 |
r->in.buffer_len);
|
|
|
b6b438 |
- if (!NT_STATUS_IS_OK(nt_status)) {
|
|
|
b6b438 |
- return nt_status;
|
|
|
b6b438 |
- }
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
+ if (!NT_STATUS_IS_OK(nt_status)) {
|
|
|
b6b438 |
+ return nt_status;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
decrypted_blob.data = r->in.opaque_buffer;
|
|
|
b6b438 |
--
|
|
|
b6b438 |
2.23.0
|
|
|
b6b438 |
|