s4:rpc_server: Use generate_secret_buffer() to create a session key

Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
author: Andreas Schneider <asn@samba.org> 2019-07-31 15:40:12 +0200
committer: Andreas Schneider <asn@cryptomilk.org> 2019-08-12 09:23:40 +0000
commit: 4b2480518bd3887be3a6cfb713523ac084e09fd5 (patch)
tree: 8a7cdc7263cb2e703c65fde4fbada9102241a17b /source4
parent: bf52ab7d2982de84a68a1b9c6d2f68250b7e7cca (diff)
download: samba-4b2480518bd3887be3a6cfb713523ac084e09fd5.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index b04e37f06f3..6bf907181c8 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -733,9 +733,10 @@ NTSTATUS samr_set_password_buffers(struct dcesrv_call_state *dce_call,
 			 nt_errstr(nt_status)));
 
 		/*
-		 * Windows just uses a random key
+		 * Windows just uses a random key. We need to use a CSPRNG
+		 * which reseeds for generating session keys.
 		 */
-		generate_random_buffer(random_session_key,
+		generate_secret_buffer(random_session_key,
 				       sizeof(random_session_key));
 		session_key = data_blob_const(random_session_key,
 					      sizeof(random_session_key));
author	Andreas Schneider <asn@samba.org>	2019-07-31 15:40:12 +0200
committer	Andreas Schneider <asn@cryptomilk.org>	2019-08-12 09:23:40 +0000
commit	4b2480518bd3887be3a6cfb713523ac084e09fd5 (patch)
tree	8a7cdc7263cb2e703c65fde4fbada9102241a17b /source4
parent	bf52ab7d2982de84a68a1b9c6d2f68250b7e7cca (diff)
download	samba-4b2480518bd3887be3a6cfb713523ac084e09fd5.tar.gz