From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 27 Aug 2009 11:16:15 +0000 (+0200)
Subject: s3:netlogon: replace cred_hash3 by des_crypt112_16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=570a8cf5bb6924905b3ad20353d1e7b0ca087748;p=thirdparty%2Fsamba.git

s3:netlogon: replace cred_hash3 by des_crypt112_16

This makes sure we don't truncate the session key to 8 bytes
Fixes bug #6664.

metze
---

diff --git a/source/rpc_client/cli_netlogon.c b/source/rpc_client/cli_netlogon.c
index 23618efd9fc..f2a260c3d17 100644
--- a/source/rpc_client/cli_netlogon.c
+++ b/source/rpc_client/cli_netlogon.c
@@ -601,9 +601,9 @@ NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli,
 
 		struct samr_Password new_password;
 
-		cred_hash3(new_password.hash,
-			   new_trust_passwd_hash,
-			   cli->dc->sess_key, 1);
+		des_crypt112_16(new_password.hash,
+				new_trust_passwd_hash,
+				cli->dc->sess_key, 1);
 
 		result = rpccli_netr_ServerPasswordSet(cli, mem_ctx,
 						       cli->dc->remote_machine,
diff --git a/source/rpc_server/srv_netlog_nt.c b/source/rpc_server/srv_netlog_nt.c
index dd490961d3a..0c76c8e9e48 100644
--- a/source/rpc_server/srv_netlog_nt.c
+++ b/source/rpc_server/srv_netlog_nt.c
@@ -669,8 +669,7 @@ NTSTATUS _netr_ServerPasswordSet(pipes_struct *p,
 		return NT_STATUS_ACCOUNT_DISABLED;
 	}
 
-	/* Woah - what does this to to the credential chain ? JRA */
-	cred_hash3(pwd, r->in.new_password->hash, p->dc->sess_key, 0);
+	des_crypt112_16(pwd, r->in.new_password->hash, p->dc->sess_key, 0);
 
 	DEBUG(100,("_netr_ServerPasswordSet: new given value was :\n"));
 	for(i = 0; i < sizeof(pwd); i++)