From 007b56943bbec3c3b9b28be08c3088b0d28ba2d8 Mon Sep 17 00:00:00 2001
From: Andreas Schneider
Date: Tue, 12 Nov 2019 16:56:45 +0100
Subject: [PATCH 199/208] s3:rpc_server: Allow RC4 encrypted buffers in samr_SetUserInfo()

This is only allowed if we have a sealed connections!

Signed-off-by: Andreas Schneider
---
 source3/rpc_server/samr/srv_samr_nt.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
index 91771e34502..509bce57a3b 100644
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -5210,9 +5210,15 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
 if(!NT_STATUS_IS_OK(status)) {
 break;
 }
+ /*
+ * This can be allowed as it requires a session key
+ * which we only have if we have a SMB session.
+ */
+ GNUTLS_FIPS140_SET_LAX_MODE();
 status = arc4_decrypt_data(session_key,
 info->info23.password.data,
 516);
+ GNUTLS_FIPS140_SET_STRICT_MODE();
 if(!NT_STATUS_IS_OK(status)) {
 break;
 }
@@ -5233,9 +5239,15 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
 if(!NT_STATUS_IS_OK(status)) {
 break;
 }
+ /*
+ * This can be allowed as it requires a session key
+ * which we only have if we have a SMB session.
+ */
+ GNUTLS_FIPS140_SET_LAX_MODE();
 status = arc4_decrypt_data(session_key,
 info->info24.password.data,
 516);
+ GNUTLS_FIPS140_SET_STRICT_MODE();
 if(!NT_STATUS_IS_OK(status)) {
 break;
 }
@@ -5254,8 +5266,14 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
 if(!NT_STATUS_IS_OK(status)) {
 break;
 }
+ /*
+ * This can be allowed as it requires a session key
+ * which we only have if we have a SMB session.
+ */
+ GNUTLS_FIPS140_SET_LAX_MODE();
 status = decode_rc4_passwd_buffer(&session_key,
 &info->info25.password);
+ GNUTLS_FIPS140_SET_STRICT_MODE();
 if (!NT_STATUS_IS_OK(status)) {
 break;
 }
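Review bot: The four relaxed blocks (info23 in this hunk, and info24, info25 and info26 in the following ones) switch GnuTLS to lax FIPS mode unconditionally, while the commit message says RC4 is only acceptable on a sealed connection and the added comment gives a different reason, namely that a session key exists. A session key shows that the session was authenticated, not that the transport is encrypted, so the visible lines do not establish the stated precondition; whether an earlier check in _samr_SetUserInfo does so cannot be seen, because the function body starts and ends outside the hunks. Either test the transport's encryption state before `GNUTLS_FIPS140_SET_LAX_MODE();` and fail the request otherwise, or reword the comment to name the check that guarantees it, e.g. `* RC4 is tolerated here only because <check> has verified the connection is sealed.`. The same four-line comment and toggle pair is repeated at each site, so a small static wrapper would keep the lax window identical at all four places.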
@@ -5274,8 +5292,14 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
 if(!NT_STATUS_IS_OK(status)) {
 break;
 }
+ /*
+ * This can be allowed as it requires a session key
+ * which we only have if we have a SMB session.
+ */
+ GNUTLS_FIPS140_SET_LAX_MODE();
 status = decode_rc4_passwd_buffer(&session_key,
 &info->info26.password);
+ GNUTLS_FIPS140_SET_STRICT_MODE();
 if (!NT_STATUS_IS_OK(status)) {
 break;
 }
-- 
2.23.0