]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0b45e08)
CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge...
authorStefan Metzmacher <metze@samba.org>
Wed, 16 Sep 2020 14:08:38 +0000 (16:08 +0200)
committerKarolin Seeger <kseeger@samba.org>
Fri, 18 Sep 2020 10:58:23 +0000 (12:58 +0200)
This will avoid getting rejected by the server if we generate
a weak challenge.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
libcli/auth/netlogon_creds_cli.c patch | blob | blame | history

diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index 817d2cd041a0e78a1c311c1107eb7c5d57fb6d94..0f6ca11ff96d2e9b0be6b54a57d6b5fb143fd473 100644 (file)
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -1177,8 +1177,7 @@ static void netlogon_creds_cli_auth_challenge_start(struct tevent_req *req)
 
        TALLOC_FREE(state->creds);
 
-       generate_random_buffer(state->client_challenge.data,
-                              sizeof(state->client_challenge.data));
+       netlogon_creds_random_challenge(&state->client_challenge);
 
        subreq = dcerpc_netr_ServerReqChallenge_send(state, state->ev,
                                                state->binding_handle,
Mirror of https://github.com/samba-team/samba.git