From 299dd35d7816770560a17a0e30886c08d9687589 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 31 Jul 2019 15:40:12 +0200
Subject: [PATCH 071/187] s4:rpc_server: Use generate_secret_buffer() to create
 a session key

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 4b2480518bd3887be3a6cfb713523ac084e09fd5)
---
 source4/rpc_server/samr/samr_password.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index b04e37f06f3..6bf907181c8 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -733,9 +733,10 @@ NTSTATUS samr_set_password_buffers(struct dcesrv_call_state *dce_call,
 			 nt_errstr(nt_status)));
 
 		/*
-		 * Windows just uses a random key
+		 * Windows just uses a random key. We need to use a CSPRNG
+		 * which reseeds for generating session keys.
 		 */
-		generate_random_buffer(random_session_key,
+		generate_secret_buffer(random_session_key,
 				       sizeof(random_session_key));
 		session_key = data_blob_const(random_session_key,
 					      sizeof(random_session_key));
-- 
2.23.0