svn commit: samba r10845 - in
branches/SAMBA_4_0/source/libcli/auth: .
abartlet at samba.org
abartlet at samba.org
Sun Oct 9 12:38:24 GMT 2005
Author: abartlet
Date: 2005-10-09 12:38:23 +0000 (Sun, 09 Oct 2005)
New Revision: 10845
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10845
Log:
Add new function to decrypt the session keys in samlogon responses.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/libcli/auth/credentials.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/auth/credentials.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/auth/credentials.c 2005-10-09 12:13:05 UTC (rev 10844)
+++ branches/SAMBA_4_0/source/libcli/auth/credentials.c 2005-10-09 12:38:23 UTC (rev 10845)
@@ -315,3 +315,47 @@
return NT_STATUS_ACCESS_DENIED;
}
}
+
+void creds_decrypt_samlogon(struct creds_CredentialState *creds,
+ uint16_t validation_level,
+ union netr_Validation *validation)
+{
+ static const char zeros[16];
+
+ struct netr_SamBaseInfo *base;
+ switch (validation_level) {
+ case 2:
+ base = &validation->sam2->base;
+ break;
+ case 3:
+ base = &validation->sam3->base;
+ break;
+ case 6:
+ base = &validation->sam6->base;
+ break;
+ }
+ /* find and decyrpt the session keys, return in parameters above */
+ if (validation_level == 6) {
+ /* they aren't encrypted! */
+ } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
+ if (memcmp(base->key.key, zeros,
+ sizeof(base->key.key)) != 0) {
+ creds_arcfour_crypt(creds,
+ base->key.key,
+ sizeof(base->key.key));
+ }
+
+ if (memcmp(base->LMSessKey.key, zeros,
+ sizeof(base->LMSessKey.key)) != 0) {
+ creds_arcfour_crypt(creds,
+ base->LMSessKey.key,
+ sizeof(base->LMSessKey.key));
+ }
+ } else {
+ if (memcmp(base->LMSessKey.key, zeros,
+ sizeof(base->LMSessKey.key)) != 0) {
+ creds_des_decrypt_LMKey(creds,
+ &base->LMSessKey);
+ }
+ }
+}
More information about the samba-cvs
mailing list