CVE-2022-37966 auth/credentials: Allow specifying password to cli_credentials_get_aes256_key()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

[This is 4.15 only]

2 files changed, 2 insertions, 6 deletions

diff --git a/auth/credentials/credentials.h b/auth/credentials/credentials.h
index e9d8b8a44b1..6fd43472ae0 100644
--- a/auth/credentials/credentials.h
+++ b/auth/credentials/credentials.h
@@ -347,6 +347,7 @@ NTSTATUS netlogon_creds_session_encrypt(
 int cli_credentials_get_aes256_key(struct cli_credentials *cred,
 				   TALLOC_CTX *mem_ctx,
 				   struct loadparm_context *lp_ctx,
+				   const char *password,
 				   const char *salt,
 				   DATA_BLOB *aes_256);
 
diff --git a/auth/credentials/credentials_krb5.c b/auth/credentials/credentials_krb5.c
index db0842be66c..39b7b8dd57e 100644
--- a/auth/credentials/credentials_krb5.c
+++ b/auth/credentials/credentials_krb5.c
@@ -1462,13 +1462,13 @@ _PUBLIC_ void cli_credentials_set_target_service(struct cli_credentials *cred, c
 _PUBLIC_ int cli_credentials_get_aes256_key(struct cli_credentials *cred,
 					    TALLOC_CTX *mem_ctx,
 					    struct loadparm_context *lp_ctx,
+					    const char *password,
 					    const char *salt,
 					    DATA_BLOB *aes_256)
 {
 	struct smb_krb5_context *smb_krb5_context = NULL;
 	krb5_error_code krb5_ret;
 	int ret;
-	const char *password = NULL;
 	krb5_data cleartext_data;
 	krb5_data salt_data;
 	krb5_keyblock key;
@@ -1478,11 +1478,6 @@ _PUBLIC_ int cli_credentials_get_aes256_key(struct cli_credentials *cred,
 		return EINVAL;
 	}
 
-	password = cli_credentials_get_password(cred);
-	if (password == NULL) {
-		return EINVAL;
-	}
-
 	cleartext_data.data = discard_const_p(char, password);
 	cleartext_data.length = strlen(password);