From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 16 Sep 2020 14:08:38 +0000 (+0200)
Subject: CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge... 
X-Git-Tag: samba-4.12.7~18
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=daeb1bebcea08d2ce3467743fd092f1826c3fb6e;p=thirdparty%2Fsamba.git

CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge() in netlogon_creds_cli.c

This will avoid getting rejected by the server if we generate
a weak challenge.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index 407cb471cbc..12cb3149ff6 100644
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -1177,8 +1177,7 @@ static void netlogon_creds_cli_auth_challenge_start(struct tevent_req *req)
 
 	TALLOC_FREE(state->creds);
 
-	generate_random_buffer(state->client_challenge.data,
-			       sizeof(state->client_challenge.data));
+	netlogon_creds_random_challenge(&state->client_challenge);
 
 	subreq = dcerpc_netr_ServerReqChallenge_send(state, state->ev,
 						state->binding_handle,