Blob Blame History Raw
From 34c4199f21f5d2dfbf3d732fd4da7be390ce095b Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 31 Jul 2019 15:44:24 +0200
Subject: [PATCH 074/187] libcli:auth: Use generate_secret_buffer() for
 netlogon challenge

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Aug 12 10:42:35 UTC 2019 on sn-devel-184

(cherry picked from commit c3ba556f52b15dd80efc26e4fb8f43ce2ee3a7f0)
---
 libcli/auth/netlogon_creds_cli.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index 50a5f50a57d..18143ca36d0 100644
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -1177,7 +1177,8 @@ static void netlogon_creds_cli_auth_challenge_start(struct tevent_req *req)
 
 	TALLOC_FREE(state->creds);
 
-	generate_random_buffer(state->client_challenge.data,
+	/* We need to use a CSPRNG which reseeds for generating session keys. */
+	generate_secret_buffer(state->client_challenge.data,
 			       sizeof(state->client_challenge.data));
 
 	subreq = dcerpc_netr_ServerReqChallenge_send(state, state->ev,
-- 
2.23.0