s4:rpc_server: Use generate_secret_buffer() for netlogon challange
authorAndreas Schneider <asn@samba.org>
Wed, 31 Jul 2019 13:42:26 +0000 (15:42 +0200)
committerAndreas Schneider <asn@cryptomilk.org>
Mon, 12 Aug 2019 09:23:40 +0000 (09:23 +0000)
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/rpc_server/netlogon/dcerpc_netlogon.c

index ac745e3..f4e24b7 100644 (file)
@@ -90,7 +90,8 @@ static NTSTATUS dcesrv_netr_ServerReqChallenge(struct dcesrv_call_state *dce_cal
 
        pipe_state->client_challenge = *r->in.credentials;
 
-       generate_random_buffer(pipe_state->server_challenge.data,
+       /* We need to use a CSPRNG which reseeds for generating session keys. */
+       generate_secret_buffer(pipe_state->server_challenge.data,
                               sizeof(pipe_state->server_challenge.data));
 
        *r->out.return_credentials = pipe_state->server_challenge;