diff options
| author | Stefan Metzmacher <metze@samba.org> | 2017-06-13 11:18:37 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2017-06-27 16:57:46 +0200 |
| commit | 0f5945a06df4bef501ca5085c621294057007225 (patch) | |
| tree | 2903add560bfd54f2716bb717c5b8a2cbce2600e /libcli | |
| parent | 1b48c8515ed8fd29204c82cc47f958f4636cd494 (diff) | |
| download | samba-0f5945a06df4bef501ca5085c621294057007225.tar.gz | |
libcli/auth: pass the cleartext blob to netlogon_creds_cli_ServerPasswordSet*()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'libcli')
| -rw-r--r-- | libcli/auth/netlogon_creds_cli.c | 20 | ||||
| -rw-r--r-- | libcli/auth/netlogon_creds_cli.h | 4 |
2 files changed, 13 insertions, 11 deletions
diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c index fabb2653483..367bf6caaff 100644 --- a/libcli/auth/netlogon_creds_cli.c +++ b/libcli/auth/netlogon_creds_cli.c @@ -37,6 +37,7 @@ #include "source3/include/messages.h" #include "source3/include/g_lock.h" #include "libds/common/roles.h" +#include "lib/crypto/crypto.h" struct netlogon_creds_cli_locked_state; @@ -1751,7 +1752,7 @@ struct tevent_req *netlogon_creds_cli_ServerPasswordSet_send(TALLOC_CTX *mem_ctx struct tevent_context *ev, struct netlogon_creds_cli_context *context, struct dcerpc_binding_handle *b, - const char *new_password, + const DATA_BLOB *new_password, const uint32_t *new_version) { struct tevent_req *req; @@ -1769,20 +1770,21 @@ struct tevent_req *netlogon_creds_cli_ServerPasswordSet_send(TALLOC_CTX *mem_ctx state->context = context; state->binding_handle = b; - /* - * netr_ServerPasswordSet - */ - ok = E_md4hash(new_password, state->samr_password.hash); - if (!ok) { + if (new_password->length < 14) { tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER_MIX); return tevent_req_post(req, ev); } /* + * netr_ServerPasswordSet + */ + mdfour(state->samr_password.hash, new_password->data, new_password->length); + + /* * netr_ServerPasswordSet2 */ - ok = encode_pw_buffer(state->samr_crypt_password.data, - new_password, STR_UNICODE); + ok = set_pw_in_buffer(state->samr_crypt_password.data, + new_password); if (!ok) { tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER_MIX); return tevent_req_post(req, ev); @@ -2052,7 +2054,7 @@ NTSTATUS netlogon_creds_cli_ServerPasswordSet_recv(struct tevent_req *req) NTSTATUS netlogon_creds_cli_ServerPasswordSet( struct netlogon_creds_cli_context *context, struct dcerpc_binding_handle *b, - const char *new_password, + const DATA_BLOB *new_password, const uint32_t *new_version) { TALLOC_CTX *frame = talloc_stackframe(); diff --git a/libcli/auth/netlogon_creds_cli.h b/libcli/auth/netlogon_creds_cli.h index dc274203d7d..cecb0e605c4 100644 --- a/libcli/auth/netlogon_creds_cli.h +++ b/libcli/auth/netlogon_creds_cli.h @@ -106,13 +106,13 @@ struct tevent_req *netlogon_creds_cli_ServerPasswordSet_send(TALLOC_CTX *mem_ctx struct tevent_context *ev, struct netlogon_creds_cli_context *context, struct dcerpc_binding_handle *b, - const char *new_password, + const DATA_BLOB *new_password, const uint32_t *new_version); NTSTATUS netlogon_creds_cli_ServerPasswordSet_recv(struct tevent_req *req); NTSTATUS netlogon_creds_cli_ServerPasswordSet( struct netlogon_creds_cli_context *context, struct dcerpc_binding_handle *b, - const char *new_password, + const DATA_BLOB *new_password, const uint32_t *new_version); struct tevent_req *netlogon_creds_cli_LogonSamLogon_send(TALLOC_CTX *mem_ctx, |