diff options
author | Günther Deschner <gd@samba.org> | 2019-09-20 18:32:43 +0200 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2019-10-16 19:25:11 +0000 |
commit | fc0efd56d0584d8ca950ad837bd19e7341833dbf (patch) | |
tree | 91e07cc06311486c009d3129b29cc3916b1d7fdc | |
parent | 8f4603fdc4e096cfdfd6aa998b0aa399acb3a5b8 (diff) | |
download | samba-fc0efd56d0584d8ca950ad837bd19e7341833dbf.tar.gz |
auth/gensec: fix non-AES schannel seal
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14134
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 709d54d68a9c2cb3cda91d9ab63228a7adbaceb4)
-rw-r--r-- | auth/gensec/schannel.c | 9 | ||||
-rw-r--r-- | selftest/knownfail | 1 |
2 files changed, 9 insertions, 1 deletions
diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c index 8ba1eafc76d..74a3eb5c690 100644 --- a/auth/gensec/schannel.c +++ b/auth/gensec/schannel.c @@ -296,6 +296,15 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state, ZERO_ARRAY(_sealing_key); return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); } + gnutls_cipher_deinit(cipher_hnd); + rc = gnutls_cipher_init(&cipher_hnd, + GNUTLS_CIPHER_ARCFOUR_128, + &sealing_key, + NULL); + if (rc < 0) { + ZERO_ARRAY(_sealing_key); + return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); + } rc = gnutls_cipher_encrypt(cipher_hnd, data, length); diff --git a/selftest/knownfail b/selftest/knownfail index 94b0f014749..7b54b77a708 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -374,4 +374,3 @@ ^samba.tests.ntlmdisabled.python\(ktest\).python2.ntlmdisabled.NtlmDisabledTests.test_samr_change_password\(ktest\) ^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).python3.ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ad_dc_no_ntlm\) ^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).python2.ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ad_dc_no_ntlm\) -^samba.unittests.schannel.torture_schannel_seal_rc4 |