s4:rpc_server/netlogon: make use of netlogon_creds_decrypt_samr_CryptPassword

author Stefan Metzmacher <metze@samba.org>

Mon, 28 Oct 2024 15:30:19 +0000 (16:30 +0100)

committer Douglas Bagnall <dbagnall@samba.org>

Wed, 30 Oct 2024 23:08:36 +0000 (23:08 +0000)
author Stefan Metzmacher <metze@samba.org>
Mon, 28 Oct 2024 15:30:19 +0000 (16:30 +0100)
committer Douglas Bagnall <dbagnall@samba.org>
Wed, 30 Oct 2024 23:08:36 +0000 (23:08 +0000)
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c

index 7d6034199d6d68b43deb56e95d9e68f9eef16fcb..c3b134a92afd1f208a81b243dedff004366e893f 100644 (file)
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -1073,6 +1073,10 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet2(struct dcesrv_call_state *dce_cal
         DATA_BLOB dec_blob = data_blob_null;
         DATA_BLOB enc_blob = data_blob_null;
         struct samr_CryptPassword password_buf;
+       enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE;
+       enum dcerpc_AuthLevel auth_level = DCERPC_AUTH_LEVEL_NONE;
+
+       dcesrv_call_auth_info(dce_call, &auth_type, &auth_level);
  
         nt_status = dcesrv_netr_creds_server_step_check(dce_call,
                                                         mem_ctx,
@@ -1090,16 +1094,10 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet2(struct dcesrv_call_state *dce_cal
         memcpy(password_buf.data, r->in.new_password->data, 512);
         SIVAL(password_buf.data, 512, r->in.new_password->length);
  
-       if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
-               nt_status = netlogon_creds_aes_decrypt(creds,
-                                                      password_buf.data,
-                                                      516);
-       } else {
-               nt_status = netlogon_creds_arcfour_crypt(creds,
-                                                        password_buf.data,
-                                                        516);
-       }
-
+       nt_status = netlogon_creds_decrypt_samr_CryptPassword(creds,
+                                                             &password_buf,
+                                                             auth_type,
+                                                             auth_level);
         if (!NT_STATUS_IS_OK(nt_status)) {
                 return nt_status;
         }
author	Stefan Metzmacher <metze@samba.org>
	Mon, 28 Oct 2024 15:30:19 +0000 (16:30 +0100)
committer	Douglas Bagnall <dbagnall@samba.org>
	Wed, 30 Oct 2024 23:08:36 +0000 (23:08 +0000)