From 63820f4d509c10993de827bc99115f57151e8ef4 Mon Sep 17 00:00:00 2001

From: Andrew Bartlett <abartlet@samba.org>

Date: Thu, 14 Nov 2019 11:16:09 +1300

Subject: [PATCH 155/187] libcli:auth Check return code of

 netlogon_creds_aes_encrypt()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>

Autobuild-Date(master): Thu Nov 14 09:25:36 UTC 2019 on sn-devel-184

(cherry picked from commit 0361a26e395723296899c3d48cff86d532372710)

---

 libcli/auth/credentials.c        |  8 +++++++-

 libcli/auth/netlogon_creds_cli.c | 20 ++++++++++++++------

 2 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c

index c78f2012bf2..f1088a1d8e0 100644

--- a/libcli/auth/credentials.c

+++ b/libcli/auth/credentials.c

@@ -37,10 +37,16 @@ static NTSTATUS netlogon_creds_step_crypt(struct netlogon_creds_CredentialState

 					  const struct netr_Credential *in,

 					  struct netr_Credential *out)

 {

+	NTSTATUS status;

 	if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {

 		memcpy(out->data, in->data, sizeof(out->data));

-		netlogon_creds_aes_encrypt(creds, out->data, sizeof(out->data));

+		status = netlogon_creds_aes_encrypt(creds,

+						    out->data,

+						    sizeof(out->data));

+		if (!NT_STATUS_IS_OK(status)) {

+			return status;

+		}

 	} else {

 		des_crypt112(out->data, in->data, creds->session_key, 1);

 	}

diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c

index 2123862dbd2..0378f302ffa 100644

--- a/libcli/auth/netlogon_creds_cli.c

+++ b/libcli/auth/netlogon_creds_cli.c

@@ -1995,9 +1995,13 @@ static void netlogon_creds_cli_ServerPasswordSet_locked(struct tevent_req *subre

 	if (state->tmp_creds.negotiate_flags & NETLOGON_NEG_PASSWORD_SET2) {

 		if (state->tmp_creds.negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {

-			netlogon_creds_aes_encrypt(&state->tmp_creds,

-					state->samr_crypt_password.data,

-					516);

+			status = netlogon_creds_aes_encrypt(&state->tmp_creds,

+							    state->samr_crypt_password.data,

+							    516);

+			if (tevent_req_nterror(req, status)) {

+				netlogon_creds_cli_ServerPasswordSet_cleanup(req, status);

+				return;

+			}

 		} else {

 			status = netlogon_creds_arcfour_crypt(&state->tmp_creds,

 							      state->samr_crypt_password.data,

@@ -3708,9 +3712,13 @@ static void netlogon_creds_cli_SendToSam_locked(struct tevent_req *subreq)

 	ZERO_STRUCT(state->rep_auth);

 	if (state->tmp_creds.negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {

-		netlogon_creds_aes_encrypt(&state->tmp_creds,

-					   state->opaque.data,

-					   state->opaque.length);

+		status = netlogon_creds_aes_encrypt(&state->tmp_creds,

+						    state->opaque.data,

+						    state->opaque.length);

+		if (tevent_req_nterror(req, status)) {

+			netlogon_creds_cli_SendToSam_cleanup(req, status);

+			return;

+		}

 	} else {

 		status = netlogon_creds_arcfour_crypt(&state->tmp_creds,

 						      state->opaque.data,

-- 

2.23.0