git.samba.org / amitay / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fbfb11b)
libcli:auth: Check return value of netlogon_creds_init_128bit()
authorAndreas Schneider <asn@samba.org>
Wed, 13 Nov 2019 08:39:19 +0000 (09:39 +0100)
committerAndreas Schneider <asn@cryptomilk.org>
Thu, 14 Nov 2019 08:01:44 +0000 (08:01 +0000)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli/auth/credentials.c patch | blob | history

diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
index baa436df71b6d6e73ce4edae0b64e8f974448d2d..1c01930a9d9cdeb31f8597164a4cbdf43bfcc67a 100644 (file)
--- a/libcli/auth/credentials.c
+++ b/libcli/auth/credentials.c
@@ -580,6 +580,8 @@ struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *me
 {
 
        struct netlogon_creds_CredentialState *creds = talloc_zero(mem_ctx, struct netlogon_creds_CredentialState);
+       NTSTATUS status;
+
 
        if (!creds) {
                return NULL;
@@ -604,8 +606,6 @@ struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *me
        }
 
        if (negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
-               NTSTATUS status;
-
                status = netlogon_creds_init_hmac_sha256(creds,
                                                         client_challenge,
                                                         server_challenge,
@@ -615,8 +615,14 @@ struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *me
                        return NULL;
                }
        } else if (negotiate_flags & NETLOGON_NEG_STRONG_KEYS) {
-               netlogon_creds_init_128bit(creds, client_challenge, server_challenge,
-                                          machine_password);
+               status = netlogon_creds_init_128bit(creds,
+                                                   client_challenge,
+                                                   server_challenge,
+                                                   machine_password);
+               if (!NT_STATUS_IS_OK(status)) {
+                       talloc_free(creds);
+                       return NULL;
+               }
        } else {
                netlogon_creds_init_64bit(creds, client_challenge, server_challenge,
                                          machine_password);
Amitay's Samba development tree