rpms / samba

Clone
Source Code
GIT

Blame SOURCES/0154-libcli-auth-Check-return-code-of-netlogon_creds_step.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c7-sig-storage-samba-411 c8 c8-beta c8-sig-storage-samba-411 c8-sig-storage-samba-412 c8-sig-storage-samba-413 c8-sig-storage-samba-414 c8-sig-storage-samba-415 c8s c8s-sig-storage-samba-413 c8s-sig-storage-samba-414 c8s-sig-storage-samba-415 c8s-sig-storage-samba-416 c8s-sig-storage-samba-417 c8s-sig-storage-samba-418 c8s-sig-storage-samba-419 c8s-sig-storage-samba-420 c9 c9-beta c9s-sig-storage-samba-414 c9s-sig-storage-samba-415 c9s-sig-storage-samba-416 c9s-sig-storage-samba-417 c9s-sig-storage-samba-418 c9s-sig-storage-samba-419 c9s-sig-storage-samba-420 c9s-sig-storage-samba-421
  1.   d028719cc75bf00b7052616ba5f30c5eae46612b
  2.   SOURCES
  3.   0154-libcli-auth-Check-return-code-of-netlogon_creds_step.patch
Blob History Raw
b6b438 
From 760fc5d0b41a6c12c79f19ec2834925cbd651b80 Mon Sep 17 00:00:00 2001
b6b438 
From: Andreas Schneider <asn@samba.org>
b6b438 
Date: Wed, 13 Nov 2019 10:13:53 +0100
b6b438 
Subject: [PATCH 154/187] libcli:auth: Check return code of
b6b438 
 netlogon_creds_step_crypt()
b6b438
b6b438 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195
b6b438
b6b438 
Signed-off-by: Andreas Schneider <asn@samba.org>
b6b438 
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
b6b438 
(cherry picked from commit 32e75bb4cca994af80bb8440009446e4a0ff5d40)
b6b438 
---
b6b438 
 libcli/auth/credentials.c | 36 +++++++++++++++++++++++++++++-------
b6b438 
 1 file changed, 29 insertions(+), 7 deletions(-)
b6b438
b6b438 
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
b6b438 
index 3dd50a11bce..c78f2012bf2 100644
b6b438 
--- a/libcli/auth/credentials.c
b6b438 
+++ b/libcli/auth/credentials.c
b6b438 
@@ -33,9 +33,9 @@
b6b438 
 #include <gnutls/gnutls.h>
b6b438 
 #include <gnutls/crypto.h>
b6b438
b6b438 
-static void netlogon_creds_step_crypt(struct netlogon_creds_CredentialState *creds,
b6b438 
-				      const struct netr_Credential *in,
b6b438 
-				      struct netr_Credential *out)
b6b438 
+static NTSTATUS netlogon_creds_step_crypt(struct netlogon_creds_CredentialState *creds,
b6b438 
+					  const struct netr_Credential *in,
b6b438 
+					  struct netr_Credential *out)
b6b438 
 {
b6b438 
 	if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
b6b438 
 		memcpy(out->data, in->data, sizeof(out->data));
b6b438 
@@ -44,6 +44,8 @@ static void netlogon_creds_step_crypt(struct netlogon_creds_CredentialState *cre
b6b438 
 	} else {
b6b438 
 		des_crypt112(out->data, in->data, creds->session_key, 1);
b6b438 
 	}
b6b438 
+
b6b438 
+	return NT_STATUS_OK;
b6b438 
 }
b6b438
b6b438 
 /*
b6b438 
@@ -178,9 +180,21 @@ static NTSTATUS netlogon_creds_first_step(struct netlogon_creds_CredentialState
b6b438 
 					  const struct netr_Credential *client_challenge,
b6b438 
 					  const struct netr_Credential *server_challenge)
b6b438 
 {
b6b438 
-	netlogon_creds_step_crypt(creds, client_challenge, &creds->client);
b6b438 
+	NTSTATUS status;
b6b438
b6b438 
-	netlogon_creds_step_crypt(creds, server_challenge, &creds->server);
b6b438 
+	status = netlogon_creds_step_crypt(creds,
b6b438 
+					   client_challenge,
b6b438 
+					   &creds->client);
b6b438 
+	if (!NT_STATUS_IS_OK(status)) {
b6b438 
+		return status;
b6b438 
+	}
b6b438 
+
b6b438 
+	status = netlogon_creds_step_crypt(creds,
b6b438 
+					   server_challenge,
b6b438 
+					   &creds->server);
b6b438 
+	if (!NT_STATUS_IS_OK(status)) {
b6b438 
+		return status;
b6b438 
+	}
b6b438
b6b438 
 	creds->seed = creds->client;
b6b438
b6b438 
@@ -204,7 +218,12 @@ static NTSTATUS netlogon_creds_step(struct netlogon_creds_CredentialState *creds
b6b438
b6b438 
 	DEBUG(5,("\tseed+time   %08x:%08x\n", IVAL(time_cred.data, 0), IVAL(time_cred.data, 4)));
b6b438
b6b438 
-	netlogon_creds_step_crypt(creds, &time_cred, &creds->client);
b6b438 
+	status = netlogon_creds_step_crypt(creds,
b6b438 
+					   &time_cred,
b6b438 
+					   &creds->client);
b6b438 
+	if (!NT_STATUS_IS_OK(status)) {
b6b438 
+		return status;
b6b438 
+	}
b6b438
b6b438 
 	DEBUG(5,("\tCLIENT      %08x:%08x\n",
b6b438 
 		 IVAL(creds->client.data, 0), IVAL(creds->client.data, 4)));
b6b438 
@@ -215,7 +234,10 @@ static NTSTATUS netlogon_creds_step(struct netlogon_creds_CredentialState *creds
b6b438 
 	DEBUG(5,("\tseed+time+1 %08x:%08x\n",
b6b438 
 		 IVAL(time_cred.data, 0), IVAL(time_cred.data, 4)));
b6b438
b6b438 
-	netlogon_creds_step_crypt(creds, &time_cred, &creds->server);
b6b438 
+	status = netlogon_creds_step_crypt(creds, &time_cred, &creds->server);
b6b438 
+	if (!NT_STATUS_IS_OK(status)) {
b6b438 
+		return status;
b6b438 
+	}
b6b438
b6b438 
 	DEBUG(5,("\tSERVER      %08x:%08x\n",
b6b438 
 		 IVAL(creds->server.data, 0), IVAL(creds->server.data, 4)));
b6b438 
--
b6b438 
2.23.0
b6b438

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation