From 9d3ec4680cb1d460650cab011ab17f12c9cd0d69 Mon Sep 17 00:00:00 2001
|
|
|
b6b438 |
From: Isaac Boukris <iboukris@gmail.com>
|
|
|
b6b438 |
Date: Fri, 8 Nov 2019 15:40:01 +0100
|
|
|
b6b438 |
Subject: [PATCH 180/187] smbdes: convert E_P24() and SMBOWFencrypt to use
|
|
|
b6b438 |
gnutls
|
|
|
b6b438 |
|
|
|
b6b438 |
Signed-off-by: Isaac Boukris <iboukris@samba.org>
|
|
|
b6b438 |
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
b6b438 |
(cherry picked from commit a5548af018643f2e78c482e33ef0e6073db149e4)
|
|
|
b6b438 |
---
|
|
|
b6b438 |
auth/credentials/credentials_ntlm.c | 31 ++++++++++++++++++++---------
|
|
|
b6b438 |
libcli/auth/ntlm_check.c | 6 +++++-
|
|
|
b6b438 |
libcli/auth/proto.h | 10 +++++-----
|
|
|
b6b438 |
libcli/auth/smbdes.c | 18 +++++++++++++----
|
|
|
b6b438 |
libcli/auth/smbencrypt.c | 28 +++++++++++++++++---------
|
|
|
b6b438 |
libcli/auth/tests/test_gnutls.c | 8 ++++++--
|
|
|
b6b438 |
source3/auth/auth_util.c | 19 +++++++++++++-----
|
|
|
b6b438 |
source3/rpc_client/cli_netlogon.c | 8 +++++++-
|
|
|
b6b438 |
source3/torture/pdbtest.c | 9 +++++++--
|
|
|
b6b438 |
source3/winbindd/winbindd_pam.c | 9 ++++++++-
|
|
|
b6b438 |
source4/auth/ntlm/auth_util.c | 13 +++++++++---
|
|
|
b6b438 |
source4/torture/rpc/samsync.c | 14 +++++++++++--
|
|
|
b6b438 |
12 files changed, 129 insertions(+), 44 deletions(-)
|
|
|
b6b438 |
|
|
|
b6b438 |
diff --git a/auth/credentials/credentials_ntlm.c b/auth/credentials/credentials_ntlm.c
|
|
|
b6b438 |
index bf55ab97b04..f1b22a6c9e2 100644
|
|
|
b6b438 |
--- a/auth/credentials/credentials_ntlm.c
|
|
|
b6b438 |
+++ b/auth/credentials/credentials_ntlm.c
|
|
|
b6b438 |
@@ -51,6 +51,7 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
|
|
|
b6b438 |
DATA_BLOB lm_session_key = data_blob_null;
|
|
|
b6b438 |
DATA_BLOB session_key = data_blob_null;
|
|
|
b6b438 |
const struct samr_Password *nt_hash = NULL;
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
if (cred->use_kerberos == CRED_MUST_USE_KERBEROS) {
|
|
|
b6b438 |
TALLOC_FREE(frame);
|
|
|
b6b438 |
@@ -159,7 +160,6 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
|
|
|
b6b438 |
uint8_t session_nonce[16];
|
|
|
b6b438 |
uint8_t session_nonce_hash[16];
|
|
|
b6b438 |
uint8_t user_session_key[16];
|
|
|
b6b438 |
- int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
lm_response = data_blob_talloc_zero(frame, 24);
|
|
|
b6b438 |
if (lm_response.data == NULL) {
|
|
|
b6b438 |
@@ -188,9 +188,13 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
|
|
|
b6b438 |
TALLOC_FREE(frame);
|
|
|
b6b438 |
return NT_STATUS_NO_MEMORY;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
- SMBOWFencrypt(nt_hash->hash,
|
|
|
b6b438 |
- session_nonce_hash,
|
|
|
b6b438 |
- nt_response.data);
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(nt_hash->hash,
|
|
|
b6b438 |
+ session_nonce_hash,
|
|
|
b6b438 |
+ nt_response.data);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ TALLOC_FREE(frame);
|
|
|
b6b438 |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
|
|
|
b6b438 |
ZERO_ARRAY(session_nonce_hash);
|
|
|
b6b438 |
|
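Review bot: The new early return after SMBOWFencrypt() skips the `ZERO_ARRAY(session_nonce_hash);` that immediately follows it, so the failure path leaves the nonce hash on the stack while the success path wipes it. The LM failure path later in this same function does `ZERO_STRUCT(lm_hash);` before freeing the frame, and this path should follow the same shape: `if (rc != 0) { ZERO_ARRAY(session_nonce_hash); TALLOC_FREE(frame); return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER); }`. Whether session_nonce and the partially written nt_response also need wiping depends on code outside the hunk; cli_credentials_get_ntlm_response() starts and ends outside it.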
|
|
b6b438 |
@@ -228,8 +232,12 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
|
|
|
b6b438 |
TALLOC_FREE(frame);
|
|
|
b6b438 |
return NT_STATUS_NO_MEMORY;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
- SMBOWFencrypt(nt_hash->hash, challenge.data,
|
|
|
b6b438 |
- nt_response.data);
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(nt_hash->hash, challenge.data,
|
|
|
b6b438 |
+ nt_response.data);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ TALLOC_FREE(frame);
|
|
|
b6b438 |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
|
|
|
b6b438 |
session_key = data_blob_talloc_zero(frame, 16);
|
|
|
b6b438 |
if (session_key.data == NULL) {
|
|
|
b6b438 |
@@ -254,9 +262,14 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
|
|
|
b6b438 |
return NT_STATUS_NO_MEMORY;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
- SMBencrypt_hash(lm_hash,
|
|
|
b6b438 |
- challenge.data,
|
|
|
b6b438 |
- lm_response.data);
|
|
|
b6b438 |
+ rc = SMBencrypt_hash(lm_hash,
|
|
|
b6b438 |
+ challenge.data,
|
|
|
b6b438 |
+ lm_response.data);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ ZERO_STRUCT(lm_hash);
|
|
|
b6b438 |
+ TALLOC_FREE(frame);
|
|
|
b6b438 |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
} else {
|
|
|
b6b438 |
/* just copy the nt_response */
|
|
|
b6b438 |
lm_response = data_blob_dup_talloc(frame, nt_response);
|
|
|
b6b438 |
diff --git a/libcli/auth/ntlm_check.c b/libcli/auth/ntlm_check.c
|
|
|
b6b438 |
index 5058add3811..9f779f85fa1 100644
|
|
|
b6b438 |
--- a/libcli/auth/ntlm_check.c
|
|
|
b6b438 |
+++ b/libcli/auth/ntlm_check.c
|
|
|
b6b438 |
@@ -36,6 +36,7 @@ static bool smb_pwd_check_ntlmv1(TALLOC_CTX *mem_ctx,
|
|
|
b6b438 |
{
|
|
|
b6b438 |
/* Finish the encryption of part_passwd. */
|
|
|
b6b438 |
uint8_t p24[24];
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
if (part_passwd == NULL) {
|
|
|
b6b438 |
DEBUG(10,("No password set - DISALLOWING access\n"));
|
|
|
b6b438 |
@@ -55,7 +56,10 @@ static bool smb_pwd_check_ntlmv1(TALLOC_CTX *mem_ctx,
|
|
|
b6b438 |
return false;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
- SMBOWFencrypt(part_passwd, sec_blob->data, p24);
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(part_passwd, sec_blob->data, p24);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ return false;
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
|
|
|
b6b438 |
#if DEBUG_PASSWORD
|
|
|
b6b438 |
DEBUG(100,("Part password (P16) was |\n"));
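Review bot: The new `return false` after SMBOWFencrypt() is silent, whereas the other rejection path visible in smb_pwd_check_ntlmv1() explains itself (`DEBUG(10,("No password set - DISALLOWING access\n"))`). A crypto-backend failure here is reported to the caller exactly like a wrong password, so it is indistinguishable in the logs from a bad password and, if the caller counts failed attempts, may be fed into lockout handling; a `DEBUG(1, ("smb_pwd_check_ntlmv1: SMBOWFencrypt() failed (%d)\n", rc));` before the return would at least make it diagnosable. The function starts before this hunk and the DEBUG_PASSWORD dump continues after it.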
|
|
|
b6b438 |
diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h
|
|
|
b6b438 |
index 212b46bb0e8..5209d6766e4 100644
|
|
|
b6b438 |
--- a/libcli/auth/proto.h
|
|
|
b6b438 |
+++ b/libcli/auth/proto.h
|
|
|
b6b438 |
@@ -99,7 +99,7 @@ NTSTATUS sess_decrypt_blob(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const DAT
|
|
|
b6b438 |
|
|
|
b6b438 |
/* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/smbencrypt.c */
|
|
|
b6b438 |
|
|
|
b6b438 |
-void SMBencrypt_hash(const uint8_t lm_hash[16], const uint8_t *c8, uint8_t p24[24]);
|
|
|
b6b438 |
+int SMBencrypt_hash(const uint8_t lm_hash[16], const uint8_t *c8, uint8_t p24[24]);
|
|
|
b6b438 |
bool SMBencrypt(const char *passwd, const uint8_t *c8, uint8_t p24[24]);
|
|
|
b6b438 |
|
|
|
b6b438 |
/**
|
|
|
b6b438 |
@@ -129,9 +129,9 @@ void nt_lm_owf_gen(const char *pwd, uint8_t nt_p16[16], uint8_t p16[16]);
|
|
|
b6b438 |
bool ntv2_owf_gen(const uint8_t owf[16],
|
|
|
b6b438 |
const char *user_in, const char *domain_in,
|
|
|
b6b438 |
uint8_t kr_buf[16]);
|
|
|
b6b438 |
-void SMBOWFencrypt(const uint8_t passwd[16], const uint8_t *c8, uint8_t p24[24]);
|
|
|
b6b438 |
-void SMBNTencrypt_hash(const uint8_t nt_hash[16], const uint8_t *c8, uint8_t *p24);
|
|
|
b6b438 |
-void SMBNTencrypt(const char *passwd, const uint8_t *c8, uint8_t *p24);
|
|
|
b6b438 |
+int SMBOWFencrypt(const uint8_t passwd[16], const uint8_t *c8, uint8_t p24[24]);
|
|
|
b6b438 |
+int SMBNTencrypt_hash(const uint8_t nt_hash[16], const uint8_t *c8, uint8_t *p24);
|
|
|
b6b438 |
+int SMBNTencrypt(const char *passwd, const uint8_t *c8, uint8_t *p24);
|
|
|
b6b438 |
NTSTATUS SMBOWFencrypt_ntv2(const uint8_t kr[16],
|
|
|
b6b438 |
const DATA_BLOB *srv_chal,
|
|
|
b6b438 |
const DATA_BLOB *smbcli_chal,
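Review bot: SMBOWFencrypt(), SMBNTencrypt_hash() and SMBNTencrypt() change from void to int here, but nothing in the header says what the int means or what state p24 is in on failure, and callers elsewhere in this patch treat it both as a GnuTLS code (passed to gnutls_error_to_ntstatus()) and as a plain zero/non-zero flag. A one-line comment above the three declarations would pin the contract, e.g. `/* Return 0 on success, otherwise the error code from the DES backend (a GnuTLS code, presumably); p24 must not be used on failure. */`. Note that SMBencrypt() a few lines up keeps its bool return, so the LM and NT wrappers now report failure in different conventions.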
|
|
|
b6b438 |
@@ -224,7 +224,7 @@ void des_crypt56(uint8_t out[8], const uint8_t in[8], const uint8_t key[7], int
|
|
|
b6b438 |
int des_crypt56_gnutls(uint8_t out[8], const uint8_t in[8], const uint8_t key[7],
|
|
|
b6b438 |
enum samba_gnutls_direction encrypt);
|
|
|
b6b438 |
int E_P16(const uint8_t *p14,uint8_t *p16);
|
|
|
b6b438 |
-void E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24);
|
|
|
b6b438 |
+int E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24);
|
|
|
b6b438 |
void E_old_pw_hash( uint8_t *p14, const uint8_t *in, uint8_t *out);
|
|
|
b6b438 |
void des_crypt128(uint8_t out[8], const uint8_t in[8], const uint8_t key[16]);
|
|
|
b6b438 |
void des_crypt112(uint8_t out[8], const uint8_t in[8], const uint8_t key[14], int forw);
|
|
|
b6b438 |
diff --git a/libcli/auth/smbdes.c b/libcli/auth/smbdes.c
|
|
|
b6b438 |
index 46fd5849f5b..4e3499f9d26 100644
|
|
|
b6b438 |
--- a/libcli/auth/smbdes.c
|
|
|
b6b438 |
+++ b/libcli/auth/smbdes.c
|
|
|
b6b438 |
@@ -374,11 +374,21 @@ int E_P16(const uint8_t *p14,uint8_t *p16)
|
|
|
b6b438 |
return des_crypt56_gnutls(p16+8, sp8, p14+7, SAMBA_GNUTLS_ENCRYPT);
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
-void E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24)
|
|
|
b6b438 |
+int E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
- des_crypt56(p24, c8, p21, 1);
|
|
|
b6b438 |
- des_crypt56(p24+8, c8, p21+7, 1);
|
|
|
b6b438 |
- des_crypt56(p24+16, c8, p21+14, 1);
|
|
|
b6b438 |
+ int ret;
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ ret = des_crypt56_gnutls(p24, c8, p21, SAMBA_GNUTLS_ENCRYPT);
|
|
|
b6b438 |
+ if (ret != 0) {
|
|
|
b6b438 |
+ return ret;
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ ret = des_crypt56_gnutls(p24+8, c8, p21+7, SAMBA_GNUTLS_ENCRYPT);
|
|
|
b6b438 |
+ if (ret != 0) {
|
|
|
b6b438 |
+ return ret;
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ return des_crypt56_gnutls(p24+16, c8, p21+14, SAMBA_GNUTLS_ENCRYPT);
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
void E_old_pw_hash( uint8_t *p14, const uint8_t *in, uint8_t *out)
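Review bot: When the second or third des_crypt56_gnutls() call fails, E_P24() returns with p24 holding a partially computed response (the first 8 or 16 bytes valid, the rest whatever the buffer held), and this patch still leaves callers that ignore the status, such as the SMBencrypt() call in cli_netlogon.c. Clearing the output before each early return means an ignored failure sends zeros rather than a partly keyed response: `memset(p24, 0, 24); return ret;` in both error branches, or a single fail label. This is defensive rather than a correctness fix for callers that do check rc, and how much a partial DES output is worth to an observer is not something the hunk lets me judge.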
|
|
|
b6b438 |
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
|
|
|
b6b438 |
index f2f446eda97..337e89ef559 100644
|
|
|
b6b438 |
--- a/libcli/auth/smbencrypt.c
|
|
|
b6b438 |
+++ b/libcli/auth/smbencrypt.c
|
|
|
b6b438 |
@@ -32,14 +32,15 @@
|
|
|
b6b438 |
#include <gnutls/gnutls.h>
|
|
|
b6b438 |
#include <gnutls/crypto.h>
|
|
|
b6b438 |
|
|
|
b6b438 |
-void SMBencrypt_hash(const uint8_t lm_hash[16], const uint8_t *c8, uint8_t p24[24])
|
|
|
b6b438 |
+int SMBencrypt_hash(const uint8_t lm_hash[16], const uint8_t *c8, uint8_t p24[24])
|
|
|
b6b438 |
{
|
|
|
b6b438 |
uint8_t p21[21];
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
memset(p21,'\0',21);
|
|
|
b6b438 |
memcpy(p21, lm_hash, 16);
|
|
|
b6b438 |
|
|
|
b6b438 |
- SMBOWFencrypt(p21, c8, p24);
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(p21, c8, p24);
|
|
|
b6b438 |
|
|
|
b6b438 |
#ifdef DEBUG_PASSWORD
|
|
|
b6b438 |
DEBUG(100,("SMBencrypt_hash: lm#, challenge, response\n"));
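Review bot: The status from SMBOWFencrypt() is captured in rc, but the DEBUG_PASSWORD block that follows still dumps p24 as the response even when rc != 0 and p24 was never fully written. Returning as soon as the call fails keeps the debug output honest and matches how E_P24() itself bails out: `rc = SMBOWFencrypt(p21, c8, p24); if (rc != 0) { return rc; }`. The stack copy of the LM hash in p21 is not cleared on any path; the credentials code in this same patch zeroes its lm_hash before returning, so a `ZERO_STRUCT(p21);` before leaving would be consistent. SMBencrypt_hash()'s tail, including the new `return rc;`, is in the next hunk.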
|
|
|
b6b438 |
@@ -47,6 +48,8 @@ void SMBencrypt_hash(const uint8_t lm_hash[16], const uint8_t *c8, uint8_t p24[2
|
|
|
b6b438 |
dump_data(100, c8, 8);
|
|
|
b6b438 |
dump_data(100, p24, 24);
|
|
|
b6b438 |
#endif
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ return rc;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
/*
|
|
|
b6b438 |
@@ -61,9 +64,13 @@ bool SMBencrypt(const char *passwd, const uint8_t *c8, uint8_t p24[24])
|
|
|
b6b438 |
{
|
|
|
b6b438 |
bool ret;
|
|
|
b6b438 |
uint8_t lm_hash[16];
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
ret = E_deshash(passwd, lm_hash);
|
|
|
b6b438 |
- SMBencrypt_hash(lm_hash, c8, p24);
|
|
|
b6b438 |
+ rc = SMBencrypt_hash(lm_hash, c8, p24);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ ret = false;
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
return ret;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
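Review bot: Folding a DES-backend failure into SMBencrypt()'s existing bool makes it indistinguishable from E_deshash() reporting that it could not produce an LM hash, and the one caller of SMBencrypt() touched by this patch (cli_netlogon.c) ignores the bool anyway. If that is acceptable, the hunk should at least wipe the hash it just computed: lm_hash stays on the stack after the return on every path, whereas cli_credentials_get_ntlm_response() in this same patch does `ZERO_STRUCT(lm_hash);` before returning. Adding `ZERO_STRUCT(lm_hash);` right after the SMBencrypt_hash() call covers both the success and failure paths.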
|
|
b6b438 |
@@ -266,25 +273,26 @@ out:
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
/* Does the des encryption from the NT or LM MD4 hash. */
|
|
|
b6b438 |
-void SMBOWFencrypt(const uint8_t passwd[16], const uint8_t *c8, uint8_t p24[24])
|
|
|
b6b438 |
+int SMBOWFencrypt(const uint8_t passwd[16], const uint8_t *c8, uint8_t p24[24])
|
|
|
b6b438 |
{
|
|
|
b6b438 |
uint8_t p21[21];
|
|
|
b6b438 |
|
|
|
b6b438 |
ZERO_STRUCT(p21);
|
|
|
b6b438 |
|
|
|
b6b438 |
memcpy(p21, passwd, 16);
|
|
|
b6b438 |
- E_P24(p21, c8, p24);
|
|
|
b6b438 |
+ return E_P24(p21, c8, p24);
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
/* Does the des encryption. */
|
|
|
b6b438 |
|
|
|
b6b438 |
-void SMBNTencrypt_hash(const uint8_t nt_hash[16], const uint8_t *c8, uint8_t *p24)
|
|
|
b6b438 |
+int SMBNTencrypt_hash(const uint8_t nt_hash[16], const uint8_t *c8, uint8_t *p24)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
uint8_t p21[21];
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
memset(p21,'\0',21);
|
|
|
b6b438 |
memcpy(p21, nt_hash, 16);
|
|
|
b6b438 |
- SMBOWFencrypt(p21, c8, p24);
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(p21, c8, p24);
|
|
|
b6b438 |
|
|
|
b6b438 |
#ifdef DEBUG_PASSWORD
|
|
|
b6b438 |
DEBUG(100,("SMBNTencrypt: nt#, challenge, response\n"));
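Review bot: SMBOWFencrypt() now returns E_P24()'s status directly, but its header comment still only says it does the DES encryption, and the 21-byte key copy in p21 is left on the stack when it returns. Capturing the status lets the buffer be wiped regardless of outcome: `int rc = E_P24(p21, c8, p24); ZERO_STRUCT(p21); return rc;`, with the comment extended to say the return is 0 on success or the E_P24() error code. The same p21 pattern appears in SMBNTencrypt_hash(), which starts in this hunk and continues in the next one.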
|
|
|
b6b438 |
@@ -292,15 +300,17 @@ void SMBNTencrypt_hash(const uint8_t nt_hash[16], const uint8_t *c8, uint8_t *p2
|
|
|
b6b438 |
dump_data(100, c8, 8);
|
|
|
b6b438 |
dump_data(100, p24, 24);
|
|
|
b6b438 |
#endif
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ return rc;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
/* Does the NT MD4 hash then des encryption. Plaintext version of the above. */
|
|
|
b6b438 |
|
|
|
b6b438 |
-void SMBNTencrypt(const char *passwd, const uint8_t *c8, uint8_t *p24)
|
|
|
b6b438 |
+int SMBNTencrypt(const char *passwd, const uint8_t *c8, uint8_t *p24)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
uint8_t nt_hash[16];
|
|
|
b6b438 |
E_md4hash(passwd, nt_hash);
|
|
|
b6b438 |
- SMBNTencrypt_hash(nt_hash, c8, p24);
|
|
|
b6b438 |
+ return SMBNTencrypt_hash(nt_hash, c8, p24);
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
|
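Review bot: SMBNTencrypt() now propagates the status of SMBNTencrypt_hash() but the NT hash it computes stays in nt_hash on the stack after the tail call, and the result of E_md4hash() is still discarded. Capturing the status makes a wipe possible: `rc = SMBNTencrypt_hash(nt_hash, c8, p24); ZERO_STRUCT(nt_hash); return rc;`. E_md4hash()'s return type is not visible in this patch; if it reports failure the way E_deshash() does in SMBencrypt() (where the bool is checked), that result should gate the encryption rather than be ignored.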
|
|
b6b438 |
diff --git a/libcli/auth/tests/test_gnutls.c b/libcli/auth/tests/test_gnutls.c
|
|
|
b6b438 |
index a6e8fd5b352..9fafe2a767b 100644
|
|
|
b6b438 |
--- a/libcli/auth/tests/test_gnutls.c
|
|
|
b6b438 |
+++ b/libcli/auth/tests/test_gnutls.c
|
|
|
b6b438 |
@@ -298,8 +298,10 @@ static void torture_gnutls_E_P24(void **state)
|
|
|
b6b438 |
};
|
|
|
b6b438 |
|
|
|
b6b438 |
uint8_t crypt[24];
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
- E_P24(key, c8, crypt);
|
|
|
b6b438 |
+ rc = E_P24(key, c8, crypt);
|
|
|
b6b438 |
+ assert_int_equal(rc, 0);
|
|
|
b6b438 |
assert_memory_equal(crypt, crypt_expected, 24);
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
@@ -319,8 +321,10 @@ static void torture_gnutls_SMBOWFencrypt(void **state)
|
|
|
b6b438 |
};
|
|
|
b6b438 |
|
|
|
b6b438 |
uint8_t crypt[24];
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
- SMBOWFencrypt(password, c8, crypt);
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(password, c8, crypt);
|
|
|
b6b438 |
+ assert_int_equal(rc, 0);
|
|
|
b6b438 |
assert_memory_equal(crypt, crypt_expected, 24);
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
|
|
|
b6b438 |
index d0be7e6c576..546a2d347e4 100644
|
|
|
b6b438 |
--- a/source3/auth/auth_util.c
|
|
|
b6b438 |
+++ b/source3/auth/auth_util.c
|
|
|
b6b438 |
@@ -207,6 +207,7 @@ bool make_user_info_netlogon_interactive(TALLOC_CTX *mem_ctx,
|
|
|
b6b438 |
struct samr_Password nt_pwd;
|
|
|
b6b438 |
unsigned char local_lm_response[24];
|
|
|
b6b438 |
unsigned char local_nt_response[24];
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
if (lm_interactive_pwd)
|
|
|
b6b438 |
memcpy(lm_pwd.hash, lm_interactive_pwd, sizeof(lm_pwd.hash));
|
|
|
b6b438 |
@@ -214,13 +215,21 @@ bool make_user_info_netlogon_interactive(TALLOC_CTX *mem_ctx,
|
|
|
b6b438 |
if (nt_interactive_pwd)
|
|
|
b6b438 |
memcpy(nt_pwd.hash, nt_interactive_pwd, sizeof(nt_pwd.hash));
|
|
|
b6b438 |
|
|
|
b6b438 |
- if (lm_interactive_pwd)
|
|
|
b6b438 |
- SMBOWFencrypt(lm_pwd.hash, chal,
|
|
|
b6b438 |
- local_lm_response);
|
|
|
b6b438 |
+ if (lm_interactive_pwd) {
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(lm_pwd.hash, chal,
|
|
|
b6b438 |
+ local_lm_response);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ return false;
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
|
|
|
b6b438 |
- if (nt_interactive_pwd)
|
|
|
b6b438 |
- SMBOWFencrypt(nt_pwd.hash, chal,
|
|
|
b6b438 |
+ if (nt_interactive_pwd) {
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(nt_pwd.hash, chal,
|
|
|
b6b438 |
local_nt_response);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ return false;
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
|
|
|
b6b438 |
{
|
|
|
b6b438 |
bool ret;
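Review bot: Both new `return false` paths in make_user_info_netlogon_interactive() are silent, unlike the equivalent failure in winbindd_pam.c in this same patch, which logs at level 0 before bailing out, so a backend failure during an interactive logon would surface only as an unexplained authentication failure. A `DEBUG(0, ("make_user_info_netlogon_interactive: SMBOWFencrypt() failed (%d)\n", rc));` before each return would make it diagnosable. The early returns also leave the copied lm_pwd/nt_pwd hashes on the stack; whether the function's normal exit wipes them is outside this hunk, and the function starts before and ends after it.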
|
|
|
b6b438 |
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
|
|
|
b6b438 |
index ea9cb757048..175f83d6750 100644
|
|
|
b6b438 |
--- a/source3/rpc_client/cli_netlogon.c
|
|
|
b6b438 |
+++ b/source3/rpc_client/cli_netlogon.c
|
|
|
b6b438 |
@@ -37,6 +37,7 @@
|
|
|
b6b438 |
#include "dbwrap/dbwrap.h"
|
|
|
b6b438 |
#include "dbwrap/dbwrap_open.h"
|
|
|
b6b438 |
#include "util_tdb.h"
|
|
|
b6b438 |
+#include "lib/crypto/gnutls_helpers.h"
|
|
|
b6b438 |
|
|
|
b6b438 |
|
|
|
b6b438 |
NTSTATUS rpccli_pre_open_netlogon_creds(void)
|
|
|
b6b438 |
@@ -528,6 +529,7 @@ NTSTATUS rpccli_netlogon_password_logon(
|
|
|
b6b438 |
case NetlogonNetworkTransitiveInformation: {
|
|
|
b6b438 |
struct netr_NetworkInfo *network_info;
|
|
|
b6b438 |
uint8_t chal[8];
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
ZERO_STRUCT(lm);
|
|
|
b6b438 |
ZERO_STRUCT(nt);
|
|
|
b6b438 |
@@ -541,7 +543,11 @@ NTSTATUS rpccli_netlogon_password_logon(
|
|
|
b6b438 |
generate_random_buffer(chal, 8);
|
|
|
b6b438 |
|
|
|
b6b438 |
SMBencrypt(password, chal, local_lm_response);
|
|
|
b6b438 |
- SMBNTencrypt(password, chal, local_nt_response);
|
|
|
b6b438 |
+ rc = SMBNTencrypt(password, chal, local_nt_response);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ TALLOC_FREE(frame);
|
|
|
b6b438 |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
|
|
|
b6b438 |
lm.length = 24;
|
|
|
b6b438 |
lm.data = local_lm_response;
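Review bot: The status of SMBNTencrypt() is now checked, but the SMBencrypt() call on the line above it still has its bool return ignored, so an LM-side failure (which after this patch includes a DES-backend error folded into that bool) would send whatever is in local_lm_response as the LM response. Because SMBencrypt() also returns false when E_deshash() cannot produce an LM hash, treating every false as fatal may be too strict; the minimum is to log it, e.g. `if (!SMBencrypt(password, chal, local_lm_response)) { DEBUG(1, ("SMBencrypt() failed\n")); }`. rpccli_netlogon_password_logon() continues outside this hunk.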
|
|
|
b6b438 |
diff --git a/source3/torture/pdbtest.c b/source3/torture/pdbtest.c
|
|
|
b6b438 |
index fdf72187b6c..5d74aa9ab78 100644
|
|
|
b6b438 |
--- a/source3/torture/pdbtest.c
|
|
|
b6b438 |
+++ b/source3/torture/pdbtest.c
|
|
|
b6b438 |
@@ -278,9 +278,14 @@ static bool test_auth(TALLOC_CTX *mem_ctx, struct samu *pdb_entry)
|
|
|
b6b438 |
NTSTATUS status;
|
|
|
b6b438 |
bool ok;
|
|
|
b6b438 |
uint8_t authoritative = 0;
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(pdb_get_nt_passwd(pdb_entry), challenge_8,
|
|
|
b6b438 |
+ local_nt_response);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ return False;
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
|
|
|
b6b438 |
- SMBOWFencrypt(pdb_get_nt_passwd(pdb_entry), challenge_8,
|
|
|
b6b438 |
- local_nt_response);
|
|
|
b6b438 |
SMBsesskeygen_ntv1(pdb_get_nt_passwd(pdb_entry), local_nt_session_key);
|
|
|
b6b438 |
|
|
|
b6b438 |
if (tsocket_address_inet_from_strings(NULL, "ip", NULL, 0, &remote_address) != 0) {
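Review bot: The new failure path in test_auth() returns the legacy `False` macro while the function already uses lowercase `bool ok;` a few lines up; `return false;` keeps the style consistent. A test that fails here also says nothing, so a run would fail with no hint that SMBOWFencrypt() was the cause; a message carrying rc, in whatever form test_auth() reports its other failures, would save the next person a debugging session. The function starts before this hunk and continues after it.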
|
|
|
b6b438 |
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
|
|
|
b6b438 |
index 8946dd70f99..b456a3994f8 100644
|
|
|
b6b438 |
--- a/source3/winbindd/winbindd_pam.c
|
|
|
b6b438 |
+++ b/source3/winbindd/winbindd_pam.c
|
|
|
b6b438 |
@@ -47,6 +47,7 @@
|
|
|
b6b438 |
#include "libads/krb5_errs.h"
|
|
|
b6b438 |
#include "param/param.h"
|
|
|
b6b438 |
#include "messaging/messaging.h"
|
|
|
b6b438 |
+#include "lib/crypto/gnutls_helpers.h"
|
|
|
b6b438 |
|
|
|
b6b438 |
#include "lib/crypto/gnutls_helpers.h"
|
|
|
b6b438 |
#include <gnutls/crypto.h>
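Review bot: The added `#include "lib/crypto/gnutls_helpers.h"` duplicates the identical include already present just below it, visible as context in this hunk, so the new line should be dropped. It is harmless with a header guard, but it is the kind of leftover a later cleanup will trip over.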
|
|
|
b6b438 |
@@ -1792,8 +1793,14 @@ static NTSTATUS winbindd_dual_pam_auth_samlogon(
|
|
|
b6b438 |
}
|
|
|
b6b438 |
data_blob_free(&names_blob);
|
|
|
b6b438 |
} else {
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
lm_resp = data_blob_null;
|
|
|
b6b438 |
- SMBNTencrypt(pass, chal, local_nt_response);
|
|
|
b6b438 |
+ rc = SMBNTencrypt(pass, chal, local_nt_response);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ DEBUG(0, ("winbindd_pam_auth: SMBNTencrypt() failed!\n"));
|
|
|
b6b438 |
+ result = gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ goto done;
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
|
|
|
b6b438 |
nt_resp = data_blob_talloc(mem_ctx, local_nt_response,
|
|
|
b6b438 |
sizeof(local_nt_response));
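Review bot: The new log line prefixes itself with `winbindd_pam_auth:` but, per the hunk header, this code is in winbindd_dual_pam_auth_samlogon(), and it drops the status it is reporting; `DEBUG(0, ("%s: SMBNTencrypt() failed (%d)\n", __func__, rc));` names the right function and preserves the reason. The `int rc;` declaration is also inserted with no blank line before `lm_resp = data_blob_null;`, which the rest of the patch separates from statements. The function continues outside the hunk, including the `done:` label the new code jumps to.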
|
|
|
b6b438 |
diff --git a/source4/auth/ntlm/auth_util.c b/source4/auth/ntlm/auth_util.c
|
|
|
b6b438 |
index 7e72cb5123d..a0d061dca2a 100644
|
|
|
b6b438 |
--- a/source4/auth/ntlm/auth_util.c
|
|
|
b6b438 |
+++ b/source4/auth/ntlm/auth_util.c
|
|
|
b6b438 |
@@ -28,6 +28,7 @@
|
|
|
b6b438 |
#include "auth/ntlm/auth_proto.h"
|
|
|
b6b438 |
#include "librpc/gen_ndr/drsuapi.h"
|
|
|
b6b438 |
#include "dsdb/samdb/samdb.h"
|
|
|
b6b438 |
+#include "lib/crypto/gnutls_helpers.h"
|
|
|
b6b438 |
|
|
|
b6b438 |
#undef DBGC_CLASS
|
|
|
b6b438 |
#define DBGC_CLASS DBGC_AUTH
|
|
|
b6b438 |
@@ -41,6 +42,7 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth4_context *auth_conte
|
|
|
b6b438 |
const struct auth_usersupplied_info *user_info_in,
|
|
|
b6b438 |
const struct auth_usersupplied_info **user_info_encrypted)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
NTSTATUS nt_status;
|
|
|
b6b438 |
struct auth_usersupplied_info *user_info_temp;
|
|
|
b6b438 |
switch (to_state) {
|
|
|
b6b438 |
@@ -103,12 +105,17 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth4_context *auth_conte
|
|
|
b6b438 |
data_blob_free(&ntlmv2_session_key);
|
|
|
b6b438 |
} else {
|
|
|
b6b438 |
DATA_BLOB blob = data_blob_talloc(mem_ctx, NULL, 24);
|
|
|
b6b438 |
- SMBOWFencrypt(user_info_in->password.hash.nt->hash, chal, blob.data);
|
|
|
b6b438 |
-
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(user_info_in->password.hash.nt->hash, chal, blob.data);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
user_info_temp->password.response.nt = blob;
|
|
|
b6b438 |
if (lpcfg_client_lanman_auth(auth_context->lp_ctx) && user_info_in->password.hash.lanman) {
|
|
|
b6b438 |
DATA_BLOB lm_blob = data_blob_talloc(mem_ctx, NULL, 24);
|
|
|
b6b438 |
- SMBOWFencrypt(user_info_in->password.hash.lanman->hash, chal, blob.data);
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(user_info_in->password.hash.lanman->hash, chal, blob.data);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
user_info_temp->password.response.lanman = lm_blob;
|
|
|
b6b438 |
} else {
|
|
|
b6b438 |
/* if not sending the LM password, send the NT password twice */
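Review bot: The LM branch allocates lm_blob but the SMBOWFencrypt() call writes into `blob.data`, the NT response buffer, and then stores the never-written lm_blob as the LanMan response, so the NT response assigned two lines earlier is overwritten with the LM one. The commit re-touches this line without fixing it; it should read `rc = SMBOWFencrypt(user_info_in->password.hash.lanman->hash, chal, lm_blob.data);`. Both data_blob_talloc() results are also handed to SMBOWFencrypt() without a NULL check; an `if (blob.data == NULL) { return NT_STATUS_NO_MEMORY; }` after each allocation would match the pattern used in credentials_ntlm.c. encrypt_user_info() starts and ends outside this hunk.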
|
|
|
b6b438 |
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
|
|
|
b6b438 |
index 869d3ba96b6..6b9759b88fd 100644
|
|
|
b6b438 |
--- a/source4/torture/rpc/samsync.c
|
|
|
b6b438 |
+++ b/source4/torture/rpc/samsync.c
|
|
|
b6b438 |
@@ -36,6 +36,7 @@
|
|
|
b6b438 |
#include "librpc/gen_ndr/ndr_samr_c.h"
|
|
|
b6b438 |
#include "librpc/gen_ndr/ndr_security.h"
|
|
|
b6b438 |
#include "param/param.h"
|
|
|
b6b438 |
+#include "lib/crypto/gnutls_helpers.h"
|
|
|
b6b438 |
|
|
|
b6b438 |
#define TEST_MACHINE_NAME "samsynctest"
|
|
|
b6b438 |
#define TEST_WKSTA_MACHINE_NAME "samsynctest2"
|
|
|
b6b438 |
@@ -61,6 +62,7 @@ static NTSTATUS test_SamLogon(struct torture_context *tctx,
|
|
|
b6b438 |
union netr_Validation validation;
|
|
|
b6b438 |
uint8_t authoritative;
|
|
|
b6b438 |
struct dcerpc_binding_handle *b = p->binding_handle;
|
|
|
b6b438 |
+ int rc;
|
|
|
b6b438 |
|
|
|
b6b438 |
ninfo.identity_info.domain_name.string = domain;
|
|
|
b6b438 |
ninfo.identity_info.parameter_control = 0;
|
|
|
b6b438 |
@@ -72,7 +74,11 @@ static NTSTATUS test_SamLogon(struct torture_context *tctx,
|
|
|
b6b438 |
if (nt_hash) {
|
|
|
b6b438 |
ninfo.nt.length = 24;
|
|
|
b6b438 |
ninfo.nt.data = talloc_array(mem_ctx, uint8_t, 24);
|
|
|
b6b438 |
- SMBOWFencrypt(nt_hash->hash, ninfo.challenge, ninfo.nt.data);
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(nt_hash->hash, ninfo.challenge,
|
|
|
b6b438 |
+ ninfo.nt.data);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
} else {
|
|
|
b6b438 |
ninfo.nt.length = 0;
|
|
|
b6b438 |
ninfo.nt.data = NULL;
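Review bot: The new rc check guards the DES path, but the `talloc_array(mem_ctx, uint8_t, 24)` on the line above is still passed to SMBOWFencrypt() unchecked, so an allocation failure hands a NULL output buffer to E_P24() instead of being reported through the NTSTATUS this helper now returns. `if (ninfo.nt.data == NULL) { return NT_STATUS_NO_MEMORY; }` between the allocation and the call closes that; the lm branch in the next hunk has the same shape. test_SamLogon() continues outside this hunk.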
|
|
|
b6b438 |
@@ -81,7 +87,11 @@ static NTSTATUS test_SamLogon(struct torture_context *tctx,
|
|
|
b6b438 |
if (lm_hash) {
|
|
|
b6b438 |
ninfo.lm.length = 24;
|
|
|
b6b438 |
ninfo.lm.data = talloc_array(mem_ctx, uint8_t, 24);
|
|
|
b6b438 |
- SMBOWFencrypt(lm_hash->hash, ninfo.challenge, ninfo.lm.data);
|
|
|
b6b438 |
+ rc = SMBOWFencrypt(lm_hash->hash, ninfo.challenge,
|
|
|
b6b438 |
+ ninfo.lm.data);
|
|
|
b6b438 |
+ if (rc != 0) {
|
|
|
b6b438 |
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
|
|
|
b6b438 |
+ }
|
|
|
b6b438 |
} else {
|
|
|
b6b438 |
ninfo.lm.length = 0;
|
|
|
b6b438 |
ninfo.lm.data = NULL;
|
|
|
b6b438 |
--
|
|
|
b6b438 |
2.23.0