diff options
author | Stefan Metzmacher <metze@samba.org> | 2022-12-14 10:37:41 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2022-12-14 13:35:20 +0000 |
commit | eb5df255faea7326a7b85c1e7ce5a66119a27c3a (patch) | |
tree | bfbcbcabe96c9d5437fea3d6439813bc6d2f6adc /source4/libnet | |
parent | 53d558365161be1793dad78ebcce877c732f2419 (diff) | |
download | samba-eb5df255faea7326a7b85c1e7ce5a66119a27c3a.tar.gz |
s4:libnet: correctly handle gnutls_pbkdf2() errors
We should not ignore the error nor should we map
GNUTLS_E_UNWANTED_ALGORITHM to NT_STATUS_WRONG_PASSWORD,
instead we use NT_STATUS_CRYPTO_SYSTEM_INVALID as in most other places
in the same file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Baumbach <bbaumbach@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Dec 14 13:35:20 UTC 2022 on sn-devel-184
Diffstat (limited to 'source4/libnet')
-rw-r--r-- | source4/libnet/libnet_passwd.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/source4/libnet/libnet_passwd.c b/source4/libnet/libnet_passwd.c index 60d25689ba2..d7e9400b559 100644 --- a/source4/libnet/libnet_passwd.c +++ b/source4/libnet/libnet_passwd.c @@ -81,7 +81,10 @@ static NTSTATUS libnet_ChangePassword_samr_aes(TALLOC_CTX *mem_ctx, cek.length); BURN_DATA(old_nt_key_data); if (rc < 0) { - status = gnutls_error_to_ntstatus(rc, NT_STATUS_WRONG_PASSWORD); + status = gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } } status = init_samr_CryptPasswordAES(mem_ctx, |