diff options
author | Andreas Schneider <asn@samba.org> | 2019-07-31 15:41:29 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-08-12 09:23:40 +0000 |
commit | 5a62056b4530e4c509444be9164a1fca1dce193f (patch) | |
tree | 98316700c4454403c1d608cc145dc42162bf5c7c /source4 | |
parent | 4b2480518bd3887be3a6cfb713523ac084e09fd5 (diff) | |
download | samba-5a62056b4530e4c509444be9164a1fca1dce193f.tar.gz |
s4:rpc_server: Use generate_secret_buffer() for backupkey wap_key
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4')
-rw-r--r-- | source4/rpc_server/backupkey/dcesrv_backupkey.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c index a826ae083f4..d192858e468 100644 --- a/source4/rpc_server/backupkey/dcesrv_backupkey.c +++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c @@ -1263,7 +1263,8 @@ static WERROR generate_bkrp_server_wrap_key(TALLOC_CTX *ctx, struct ldb_context char *secret_name; TALLOC_CTX *frame = talloc_stackframe(); - generate_random_buffer(wrap_key.key, sizeof(wrap_key.key)); + /* We need to use a CSPRNG which reseeds for generating session keys. */ + generate_secret_buffer(wrap_key.key, sizeof(wrap_key.key)); ndr_err = ndr_push_struct_blob(&blob_wrap_key, ctx, &wrap_key, (ndr_push_flags_fn_t)ndr_push_bkrp_dc_serverwrap_key); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { |