From 299dd35d7816770560a17a0e30886c08d9687589 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 31 Jul 2019 15:40:12 +0200
Subject: [PATCH 071/187] s4:rpc_server: Use generate_secret_buffer() to create
a session key
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 4b2480518bd3887be3a6cfb713523ac084e09fd5)
---
source4/rpc_server/samr/samr_password.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index b04e37f06f3..6bf907181c8 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -733,9 +733,10 @@ NTSTATUS samr_set_password_buffers(struct dcesrv_call_state *dce_call,
nt_errstr(nt_status)));
/*
- * Windows just uses a random key
+ * Windows just uses a random key. We need to use a CSPRNG
+ * which reseeds for generating session keys.
*/
- generate_random_buffer(random_session_key,
+ generate_secret_buffer(random_session_key,
sizeof(random_session_key));
session_key = data_blob_const(random_session_key,
sizeof(random_session_key));
--
2.23.0