svn commit: samba r2515 - in
branches/SAMBA_4_0/source/rpc_server/netlogon: .
abartlet at samba.org
abartlet at samba.org
Wed Sep 22 12:17:51 GMT 2004
Author: abartlet
Date: 2004-09-22 12:17:51 +0000 (Wed, 22 Sep 2004)
New Revision: 2515
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/branches/SAMBA_4_0/source/rpc_server/netlogon&rev=2515&nolog=1
Log:
Fixes from smbtorture - these session keys are not individually encrypted.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c
Changeset:
Modified: branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c 2004-09-22 12:15:27 UTC (rev 2514)
+++ branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c 2004-09-22 12:17:51 UTC (rev 2515)
@@ -604,8 +604,10 @@
}
/* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
- if (memcmp(sam->key.key, zeros,
- sizeof(sam->key.key)) != 0) {
+ /* It appears that level 6 is not individually encrypted */
+ if ((r->in.validation_level != 6)
+ && memcmp(sam->key.key, zeros,
+ sizeof(sam->key.key)) != 0) {
creds_arcfour_crypt(pipe_state->creds,
sam->key.key,
sizeof(sam->key.key));
@@ -619,8 +621,10 @@
}
/* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
- if (memcmp(sam->LMSessKey.key, zeros,
- sizeof(sam->LMSessKey.key)) != 0) {
+ /* It appears that level 6 is not individually encrypted */
+ if ((r->in.validation_level != 6)
+ && memcmp(sam->LMSessKey.key, zeros,
+ sizeof(sam->LMSessKey.key)) != 0) {
creds_arcfour_crypt(pipe_state->creds,
sam->LMSessKey.key,
sizeof(sam->LMSessKey.key));
More information about the samba-cvs
mailing list