diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-09-22 12:17:51 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:59:01 -0500 |
commit | 64df8e7e0b732afd26e944fc53bbbfbe174f88d8 (patch) | |
tree | 12e49d914bac8b823f56fd63c3c0f9f878b57a07 /source4/rpc_server/netlogon | |
parent | db9ea34fd13405ecfa5644a7d27333d0e96ecef7 (diff) | |
download | samba-64df8e7e0b732afd26e944fc53bbbfbe174f88d8.tar.gz samba-64df8e7e0b732afd26e944fc53bbbfbe174f88d8.tar.xz samba-64df8e7e0b732afd26e944fc53bbbfbe174f88d8.zip |
r2515: Fixes from smbtorture - these session keys are not individually encrypted.
Andrew Bartlett
(This used to be commit 131420b45e88cb72090c9b28a53295edfa364cfe)
Diffstat (limited to 'source4/rpc_server/netlogon')
-rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index b6182d31c6e..1451e174646 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -604,8 +604,10 @@ static NTSTATUS netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce_call, } /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ - if (memcmp(sam->key.key, zeros, - sizeof(sam->key.key)) != 0) { + /* It appears that level 6 is not individually encrypted */ + if ((r->in.validation_level != 6) + && memcmp(sam->key.key, zeros, + sizeof(sam->key.key)) != 0) { creds_arcfour_crypt(pipe_state->creds, sam->key.key, sizeof(sam->key.key)); @@ -619,8 +621,10 @@ static NTSTATUS netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce_call, } /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ - if (memcmp(sam->LMSessKey.key, zeros, - sizeof(sam->LMSessKey.key)) != 0) { + /* It appears that level 6 is not individually encrypted */ + if ((r->in.validation_level != 6) + && memcmp(sam->LMSessKey.key, zeros, + sizeof(sam->LMSessKey.key)) != 0) { creds_arcfour_crypt(pipe_state->creds, sam->LMSessKey.key, sizeof(sam->LMSessKey.key)); |