auth/credentials: Use salt on credentials object for Creds.get_aes256_key()
authorAndrew Bartlett <abartlet@samba.org>
Wed, 20 Dec 2023 09:55:07 +0000 (22:55 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 14 Mar 2024 22:06:39 +0000 (22:06 +0000)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
auth/credentials/credentials.h
auth/credentials/credentials_krb5.c
auth/credentials/pycredentials.c
python/samba/netcmd/user/readpasswords/common.py

index 341c984f60c8625c30b9577d631bc4351046c89e..9c11bbd9bcad6daa4167b61749bfcfcab698b759 100644 (file)
@@ -351,7 +351,6 @@ NTSTATUS netlogon_creds_session_encrypt(
 int cli_credentials_get_aes256_key(struct cli_credentials *cred,
                                   TALLOC_CTX *mem_ctx,
                                   struct loadparm_context *lp_ctx,
-                                  const char *salt,
                                   DATA_BLOB *aes_256);
 
 /**
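Review bot: The prototype no longer says where the salt comes from, and no Doxygen block for cli_credentials_get_aes256_key is visible in the hunk even though the header's style (the `/**` opening the next declaration's block) suggests one is expected, unless it sits above the hunk. Callers that used to pass an explicit salt would benefit from a comment on this declaration stating the new precondition, e.g. `/** Derive the AES256 key from the credentials' password and salt principal (see cli_credentials_get_salt_principal()); returns EINVAL if either is unset. */`.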
index 4463401a7672969ffd0d14e9f6949cb65debd031..4e7a1a3b265626672c4a8eda0753b0ace8406da2 100644 (file)
@@ -1484,13 +1484,13 @@ _PUBLIC_ void cli_credentials_set_target_service(struct cli_credentials *cred, c
 _PUBLIC_ int cli_credentials_get_aes256_key(struct cli_credentials *cred,
                                            TALLOC_CTX *mem_ctx,
                                            struct loadparm_context *lp_ctx,
-                                           const char *salt,
                                            DATA_BLOB *aes_256)
 {
        struct smb_krb5_context *smb_krb5_context = NULL;
        krb5_error_code krb5_ret;
        int ret;
        const char *password = NULL;
+       const char *salt = NULL;
        krb5_data cleartext_data;
        krb5_data salt_data = {
                .length = 0,
@@ -1502,6 +1502,11 @@ _PUBLIC_ int cli_credentials_get_aes256_key(struct cli_credentials *cred,
                return EINVAL;
        }
 
+       salt = cli_credentials_get_salt_principal(cred);
+       if (salt == NULL) {
+               return EINVAL;
+       }
+
        password = cli_credentials_get_password(cred);
        if (password == NULL) {
                return EINVAL;
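Review bot: A missing salt principal and a missing password now both return a bare EINVAL from the added `salt == NULL` branch and the existing `password == NULL` branch, so a caller cannot tell which prerequisite was unset; before this change the salt was the caller's own argument and could not be absent in this way. Consider logging a debug message at the new branch naming the missing salt principal before returning, or at least recording the precondition in the function's leading comment (`/* Requires both a password and a salt principal on cred; returns EINVAL if either is missing. */`). The rest of cli_credentials_get_aes256_key, including how `salt` is copied into `salt_data`, lies outside the hunk.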
index 40773ff74a9e8c327599c01a39e99f732ee79dd7..6d73a0a2c32de8eafe450e9c29565fd3da178d3e 100644 (file)
@@ -1007,7 +1007,6 @@ static PyObject *py_creds_get_aes256_key(PyObject *self, PyObject *args)
        struct loadparm_context *lp_ctx = NULL;
        TALLOC_CTX *mem_ctx = NULL;
        PyObject *py_lp_ctx = Py_None;
-       const char *salt = NULL;
        DATA_BLOB aes_256;
        int code;
        PyObject *ret = NULL;
@@ -1017,7 +1016,7 @@ static PyObject *py_creds_get_aes256_key(PyObject *self, PyObject *args)
                return NULL;
        }
 
-       if (!PyArg_ParseTuple(args, "s|O", &salt, &py_lp_ctx))
+       if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
                return NULL;
 
        mem_ctx = talloc_new(NULL);
@@ -1035,7 +1034,6 @@ static PyObject *py_creds_get_aes256_key(PyObject *self, PyObject *args)
        code = cli_credentials_get_aes256_key(creds,
                                              mem_ctx,
                                              lp_ctx,
-                                             salt,
                                              &aes_256);
        if (code != 0) {
                PyErr_SetString(PyExc_RuntimeError,
@@ -1629,9 +1627,9 @@ static PyMethodDef py_creds_methods[] = {
                .ml_name  = "get_aes256_key",
                .ml_meth  = py_creds_get_aes256_key,
                .ml_flags = METH_VARARGS,
-               .ml_doc   = "S.get_aes256_key(salt[, lp]) -> bytes\n"
+               .ml_doc   = "S.get_aes256_key([lp]) -> bytes\n"
                            "Generate an AES256 key using the current password and\n"
-                           "the specified salt",
+                           "the salt on this credentials object",
        },
        {
                .ml_name  = "encrypt_netr_crypt_password",
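Review bot: Changing the parse format from `"s|O"` to `"|O"` silently rebinds the first positional argument: a caller still written as `creds.get_aes256_key(salt)` no longer fails at parse time but has its salt string bound to `py_lp_ctx`, and the error it eventually gets depends on the lp_ctx conversion code, which is outside the hunk. If that conversion does not reject a str with a clear message, a type check on `py_lp_ctx` right after PyArg_ParseTuple would give a precise one. The updated `ml_doc` could also name the setter the caller now needs and the failure mode, e.g. `"the salt principal set on this credentials object via set_kerberos_salt_principal(); raises RuntimeError if it is unset"`, since the C function returns EINVAL for a missing salt as well as a missing password and the wrapper maps any non-zero code to RuntimeError.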
index 8af8be7341e5ab0e2ed681a689da78543d10ec51..2b888c4f0f7fcb83440de9fc3b97130176635fc2 100644 (file)
@@ -489,7 +489,8 @@ class GetPasswordCommand(Command):
                         decrypted = tmp.get_nt_hash()
                         current_hash = unicodePwd
                     elif aes256_key is not None and kerberos_salt is not None:
-                        decrypted = tmp.get_aes256_key(kerberos_salt)
+                        tmp.set_kerberos_salt_principal(kerberos_salt)
+                        decrypted = tmp.get_aes256_key()
                         current_hash = aes256_key.value
 
                     if current_hash is not None and current_hash == decrypted:
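Review bot: `set_kerberos_salt_principal()` mutates `tmp` before `get_aes256_key()` and nothing in the hunk resets it, so the salt stays on the object for any later use of `tmp`; if `tmp` is shared across the surrounding loop or reused by the `get_nt_hash()` branch that is presumably harmless, but worth stating. A one-line comment would make the ordering dependency explicit: `# get_aes256_key() reads the salt from the credentials object, so it must be set first`. The enclosing method continues outside the hunk.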