s4:rpc_server: Use generate_secret_buffer() to create a session key
authorAndreas Schneider <asn@samba.org>
Wed, 31 Jul 2019 13:40:12 +0000 (15:40 +0200)
committerAndreas Schneider <asn@cryptomilk.org>
Mon, 12 Aug 2019 09:23:40 +0000 (09:23 +0000)
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/rpc_server/samr/samr_password.c

index b04e37f..6bf9071 100644 (file)
@@ -733,9 +733,10 @@ NTSTATUS samr_set_password_buffers(struct dcesrv_call_state *dce_call,
                         nt_errstr(nt_status)));
 
                /*
-                * Windows just uses a random key
+                * Windows just uses a random key. We need to use a CSPRNG
+                * which reseeds for generating session keys.
                 */
-               generate_random_buffer(random_session_key,
+               generate_secret_buffer(random_session_key,
                                       sizeof(random_session_key));
                session_key = data_blob_const(random_session_key,
                                              sizeof(random_session_key));
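Review bot: Nothing in this hunk wipes `random_session_key` after use, although the switch to `generate_secret_buffer()` means it is now treated as secret key material. `data_blob_const()` only wraps the caller's memory rather than copying it, so the key bytes stay in that buffer for as long as its storage lives. samr_set_password_buffers() starts and ends outside the hunk, so a wipe may already exist on its exit paths. If it does not, add `ZERO_ARRAY(random_session_key);` before each return that follows this fallback branch.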