From cb5ed3bf75bf7967a49f5fbfa5832c27dffe393a Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 28 Oct 2024 16:25:11 +0100
Subject: [PATCH] s3:rpc_server/netlogon: make use of
 netlogon_creds_decrypt_samr_CryptPassword()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit a359b4139c8043ee3c3277b7559cb6d4f58f4044)
---
 source3/rpc_server/netlogon/srv_netlog_nt.c | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
index da1bdce2d0b..0147602bc47 100644
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
@@ -1384,6 +1384,10 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
 	struct samr_CryptPassword password_buf;
 	struct _samr_Credentials_t cr = { CRED_TYPE_PLAIN_TEXT, {0}};
 	bool ok;
+	enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE;
+	enum dcerpc_AuthLevel auth_level = DCERPC_AUTH_LEVEL_NONE;
+
+	dcesrv_call_auth_info(dce_call, &auth_type, &auth_level);
 
 	become_root();
 	status = dcesrv_netr_creds_server_step_check(p->dce_call,
@@ -1412,15 +1416,10 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
 	memcpy(password_buf.data, r->in.new_password->data, 512);
 	SIVAL(password_buf.data, 512, r->in.new_password->length);
 
-	if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
-		status = netlogon_creds_aes_decrypt(creds,
-						    password_buf.data,
-						    516);
-	} else {
-		status = netlogon_creds_arcfour_crypt(creds,
-						      password_buf.data,
-						      516);
-	}
+	status = netlogon_creds_decrypt_samr_CryptPassword(creds,
+							   &password_buf,
+							   auth_type,
+							   auth_level);
 	if (!NT_STATUS_IS_OK(status)) {
 		TALLOC_FREE(creds);
 		return status;
-- 
2.47.2