diff options
author | Günther Deschner <gd@samba.org> | 2019-09-20 18:32:43 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-10-07 08:13:44 +0000 |
commit | 709d54d68a9c2cb3cda91d9ab63228a7adbaceb4 (patch) | |
tree | cb0717c12a4789b7230afcf45d0da72859dd7a47 /auth | |
parent | 7eae4280d23404be7d27f65a0c817bea2e0084b6 (diff) | |
download | samba-709d54d68a9c2cb3cda91d9ab63228a7adbaceb4.tar.gz |
auth/gensec: fix non-AES schannel seal
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14134
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'auth')
-rw-r--r-- | auth/gensec/schannel.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c index 18ed92b703b..b5e6289ef3f 100644 --- a/auth/gensec/schannel.c +++ b/auth/gensec/schannel.c @@ -419,6 +419,15 @@ static NTSTATUS netsec_do_seal(struct schannel_state *state, ZERO_ARRAY(_sealing_key); return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); } + gnutls_cipher_deinit(cipher_hnd); + rc = gnutls_cipher_init(&cipher_hnd, + GNUTLS_CIPHER_ARCFOUR_128, + &sealing_key, + NULL); + if (rc < 0) { + ZERO_ARRAY(_sealing_key); + return gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); + } rc = gnutls_cipher_encrypt(cipher_hnd, data, length); |