]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d92c031)
CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge...
authorStefan Metzmacher <metze@samba.org>
Wed, 16 Sep 2020 14:08:38 +0000 (16:08 +0200)
committerKarolin Seeger <kseeger@samba.org>
Fri, 18 Sep 2020 09:06:21 +0000 (11:06 +0200)
This will avoid getting rejected by the server if we generate
a weak challenge.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
libcli/auth/netlogon_creds_cli.c patch | blob | blame | history

diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index 407cb471cbcc93817d7b2cdab3934a1848425f0f..12cb3149ff607feeba4837a11157d56d2129aef5 100644 (file)
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -1177,8 +1177,7 @@ static void netlogon_creds_cli_auth_challenge_start(struct tevent_req *req)
 
        TALLOC_FREE(state->creds);
 
-       generate_random_buffer(state->client_challenge.data,
-                              sizeof(state->client_challenge.data));
+       netlogon_creds_random_challenge(&state->client_challenge);
 
        subreq = dcerpc_netr_ServerReqChallenge_send(state, state->ev,
                                                state->binding_handle,
Mirror of https://github.com/samba-team/samba.git