|
|
b6b438 |
From 8075ae29c9e3e0af99f035883f4ddc545d5e328b Mon Sep 17 00:00:00 2001
|
|
|
b6b438 |
From: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
Date: Wed, 13 Nov 2019 09:39:19 +0100
|
|
|
b6b438 |
Subject: [PATCH 146/187] libcli:auth: Check return value of
|
|
|
b6b438 |
netlogon_creds_init_128bit()
|
|
|
b6b438 |
|
|
|
b6b438 |
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195
|
|
|
b6b438 |
|
|
|
b6b438 |
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
b6b438 |
(cherry picked from commit 2c21cd6d49d56611acb2f364473d8c2e73e74545)
|
|
|
b6b438 |
---
|
|
|
b6b438 |
libcli/auth/credentials.c | 14 ++++++++++----
|
|
|
b6b438 |
1 file changed, 10 insertions(+), 4 deletions(-)
|
|
|
b6b438 |
|
|
|
b6b438 |
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
|
|
|
b6b438 |
index baa436df71b..1c01930a9d9 100644
|
|
|
b6b438 |
--- a/libcli/auth/credentials.c
|
|
|
b6b438 |
+++ b/libcli/auth/credentials.c
|
|
|
b6b438 |
@@ -580,6 +580,8 @@ struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *me
|
|
|
b6b438 |
{
|
|
|
b6b438 |
|
|
|
b6b438 |
struct netlogon_creds_CredentialState *creds = talloc_zero(mem_ctx, struct netlogon_creds_CredentialState);
|
|
|
b6b438 |
+ NTSTATUS status;
|
|
|
b6b438 |
+
|
|
|
b6b438 |
|
|
|
b6b438 |
if (!creds) {
|
|
|
b6b438 |
return NULL;
|
|
|
b6b438 |
@@ -604,8 +606,6 @@ struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *me
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
if (negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
|
|
|
b6b438 |
- NTSTATUS status;
|
|
|
b6b438 |
-
|
|
|
b6b438 |
status = netlogon_creds_init_hmac_sha256(creds,
|
|
|
b6b438 |
client_challenge,
|
|
|
b6b438 |
server_challenge,
|
|
|
b6b438 |
@@ -615,8 +615,14 @@ struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *me
|
|
|
b6b438 |
return NULL;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
} else if (negotiate_flags & NETLOGON_NEG_STRONG_KEYS) {
|
|
|
b6b438 |
- netlogon_creds_init_128bit(creds, client_challenge, server_challenge,
|
|
|
b6b438 |
- machine_password);
|
|
|
b6b438 |
+ status = netlogon_creds_init_128bit(creds,
|
|
|
b6b438 |
+ client_challenge,
|
|
|
b6b438 |
+ server_challenge,
|
|
|
b6b438 |
+ machine_password);
|
|
|
b6b438 |
+ if (!NT_STATUS_IS_OK(status)) {
|
|
|
b6b438 |
+ talloc_free(creds);
|
|
|
b6b438 |
+ return NULL;
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
} else {
|
|
|
b6b438 |
netlogon_creds_init_64bit(creds, client_challenge, server_challenge,
|
|
|
b6b438 |
machine_password);
|
|
|
b6b438 |
--
|
|
|
b6b438 |
2.23.0
|
|
|
b6b438 |
|