b6b438
From 86c2e733c461f0311eac38eb5cef1eb245aa584c Mon Sep 17 00:00:00 2001
b6b438
From: Andreas Schneider <asn@samba.org>
b6b438
Date: Wed, 13 Nov 2019 09:44:32 +0100
b6b438
Subject: [PATCH 148/187] libcli:auth: Check return status of
b6b438
 netlogon_creds_first_step()
b6b438
b6b438
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195
b6b438
b6b438
Signed-off-by: Andreas Schneider <asn@samba.org>
b6b438
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
b6b438
(cherry picked from commit 0ed92e3e60684bfb02b01479d985535d525a5be5)
b6b438
---
b6b438
 libcli/auth/credentials.c | 24 +++++++++++++++++++-----
b6b438
 1 file changed, 19 insertions(+), 5 deletions(-)
b6b438
b6b438
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
b6b438
index 36d0368d198..359ba8c4b90 100644
b6b438
--- a/libcli/auth/credentials.c
b6b438
+++ b/libcli/auth/credentials.c
b6b438
@@ -174,15 +174,17 @@ static NTSTATUS netlogon_creds_init_hmac_sha256(struct netlogon_creds_Credential
b6b438
 	return NT_STATUS_OK;
b6b438
 }
b6b438
 
b6b438
-static void netlogon_creds_first_step(struct netlogon_creds_CredentialState *creds,
b6b438
-				      const struct netr_Credential *client_challenge,
b6b438
-				      const struct netr_Credential *server_challenge)
b6b438
+static NTSTATUS netlogon_creds_first_step(struct netlogon_creds_CredentialState *creds,
b6b438
+					  const struct netr_Credential *client_challenge,
b6b438
+					  const struct netr_Credential *server_challenge)
b6b438
 {
b6b438
 	netlogon_creds_step_crypt(creds, client_challenge, &creds->client);
b6b438
 
b6b438
 	netlogon_creds_step_crypt(creds, server_challenge, &creds->server);
b6b438
 
b6b438
 	creds->seed = creds->client;
b6b438
+
b6b438
+	return NT_STATUS_OK;
b6b438
 }
b6b438
 
b6b438
 /*
b6b438
@@ -470,7 +472,13 @@ struct netlogon_creds_CredentialState *netlogon_creds_client_init(TALLOC_CTX *me
b6b438
 		}
b6b438
 	}
b6b438
 
b6b438
-	netlogon_creds_first_step(creds, client_challenge, server_challenge);
b6b438
+	status = netlogon_creds_first_step(creds,
b6b438
+					   client_challenge,
b6b438
+					   server_challenge);
b6b438
+	if (!NT_STATUS_IS_OK(status)) {
b6b438
+		talloc_free(creds);
b6b438
+		return NULL;
b6b438
+	}
b6b438
 
b6b438
 	dump_data_pw("Session key", creds->session_key, 16);
b6b438
 	dump_data_pw("Credential ", creds->client.data, 8);
b6b438
@@ -643,7 +651,13 @@ struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *me
b6b438
 		}
b6b438
 	}
b6b438
 
b6b438
-	netlogon_creds_first_step(creds, client_challenge, server_challenge);
b6b438
+	status = netlogon_creds_first_step(creds,
b6b438
+					   client_challenge,
b6b438
+					   server_challenge);
b6b438
+	if (!NT_STATUS_IS_OK(status)) {
b6b438
+		talloc_free(creds);
b6b438
+		return NULL;
b6b438
+	}
b6b438
 
b6b438
 	dump_data_pw("Session key", creds->session_key, 16);
b6b438
 	dump_data_pw("Client Credential ", creds->client.data, 8);
b6b438
-- 
b6b438
2.23.0
b6b438