diff options
author | Andreas Schneider <asn@samba.org> | 2019-11-13 10:13:53 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-11-14 08:01:44 +0000 |
commit | 32e75bb4cca994af80bb8440009446e4a0ff5d40 (patch) | |
tree | aa50f8c533a5afc363849016a1030ef30a5a4822 | |
parent | 05f59cbcf803d57ab41b4c7fa4f81da50cd02cd6 (diff) | |
download | samba-32e75bb4cca994af80bb8440009446e4a0ff5d40.tar.gz |
libcli:auth: Check return code of netlogon_creds_step_crypt()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r-- | libcli/auth/credentials.c | 36 |
1 files changed, 29 insertions, 7 deletions
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c index 3dd50a11bce..c78f2012bf2 100644 --- a/libcli/auth/credentials.c +++ b/libcli/auth/credentials.c @@ -33,9 +33,9 @@ #include <gnutls/gnutls.h> #include <gnutls/crypto.h> -static void netlogon_creds_step_crypt(struct netlogon_creds_CredentialState *creds, - const struct netr_Credential *in, - struct netr_Credential *out) +static NTSTATUS netlogon_creds_step_crypt(struct netlogon_creds_CredentialState *creds, + const struct netr_Credential *in, + struct netr_Credential *out) { if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { memcpy(out->data, in->data, sizeof(out->data)); @@ -44,6 +44,8 @@ static void netlogon_creds_step_crypt(struct netlogon_creds_CredentialState *cre } else { des_crypt112(out->data, in->data, creds->session_key, 1); } + + return NT_STATUS_OK; } /* @@ -178,9 +180,21 @@ static NTSTATUS netlogon_creds_first_step(struct netlogon_creds_CredentialState const struct netr_Credential *client_challenge, const struct netr_Credential *server_challenge) { - netlogon_creds_step_crypt(creds, client_challenge, &creds->client); + NTSTATUS status; - netlogon_creds_step_crypt(creds, server_challenge, &creds->server); + status = netlogon_creds_step_crypt(creds, + client_challenge, + &creds->client); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + status = netlogon_creds_step_crypt(creds, + server_challenge, + &creds->server); + if (!NT_STATUS_IS_OK(status)) { + return status; + } creds->seed = creds->client; @@ -204,7 +218,12 @@ static NTSTATUS netlogon_creds_step(struct netlogon_creds_CredentialState *creds DEBUG(5,("\tseed+time %08x:%08x\n", IVAL(time_cred.data, 0), IVAL(time_cred.data, 4))); - netlogon_creds_step_crypt(creds, &time_cred, &creds->client); + status = netlogon_creds_step_crypt(creds, + &time_cred, + &creds->client); + if (!NT_STATUS_IS_OK(status)) { + return status; + } DEBUG(5,("\tCLIENT %08x:%08x\n", IVAL(creds->client.data, 0), IVAL(creds->client.data, 4))); @@ -215,7 +234,10 @@ static NTSTATUS netlogon_creds_step(struct netlogon_creds_CredentialState *creds DEBUG(5,("\tseed+time+1 %08x:%08x\n", IVAL(time_cred.data, 0), IVAL(time_cred.data, 4))); - netlogon_creds_step_crypt(creds, &time_cred, &creds->server); + status = netlogon_creds_step_crypt(creds, &time_cred, &creds->server); + if (!NT_STATUS_IS_OK(status)) { + return status; + } DEBUG(5,("\tSERVER %08x:%08x\n", IVAL(creds->server.data, 0), IVAL(creds->server.data, 4))); |