diff options
author | Jeremy Allison <jra@samba.org> | 1998-11-12 04:17:54 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 1998-11-12 04:17:54 +0000 |
commit | 10a9addc222b29acdcfe6afed0597dd17551fa5c (patch) | |
tree | 7ed44a2af6b2b8a96490ed901ba79b5c9791d18c | |
parent | f08caf67e43c48a2cde58a22233906972136494a (diff) | |
download | samba-10a9addc222b29acdcfe6afed0597dd17551fa5c.tar.gz samba-10a9addc222b29acdcfe6afed0597dd17551fa5c.tar.bz2 samba-10a9addc222b29acdcfe6afed0597dd17551fa5c.zip |
Moved some code (NTLMSSPcalc) out of smbdes and inline for paranioa
resons and my own piece of mind...
Jeremy.
(This used to be commit 45131501f23ce1eec2f23fe2c1060cd5a2736ec9)
-rw-r--r-- | source3/include/proto.h | 1 | ||||
-rw-r--r-- | source3/libsmb/smbdes.c | 26 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 35 | ||||
-rw-r--r-- | source3/rpc_server/srv_util.c | 35 |
4 files changed, 62 insertions, 35 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 24d4040c3c..019e793aa6 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -530,7 +530,6 @@ void E_old_pw_hash( unsigned char *p14, unsigned char *in, unsigned char *out); void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key); void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key); void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int forw); -void NTLMSSPcalc( unsigned char hash[258], unsigned char *data, int len); void SamOEMhash( unsigned char *data, unsigned char *key, int val); /*The following definitions come from libsmb/smbencrypt.c */ diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c index 5bff1742af..d0e1c6e85f 100644 --- a/source3/libsmb/smbdes.c +++ b/source3/libsmb/smbdes.c @@ -358,32 +358,6 @@ void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int for smbhash(out + 8, in + 8, key2, forw); } -void NTLMSSPcalc( unsigned char hash[258], unsigned char *data, int len) -{ - unsigned char index_i = hash[256]; - unsigned char index_j = hash[257]; - int ind; - - for( ind = 0; ind < len; ind++) - { - unsigned char tc; - unsigned char t; - - index_i++; - index_j += hash[index_i]; - - tc = hash[index_i]; - hash[index_i] = hash[index_j]; - hash[index_j] = tc; - - t = hash[index_i] + hash[index_j]; - data[ind] = data[ind] ^ hash[t]; - } - - hash[256] = index_i; - hash[257] = index_j; -} - void SamOEMhash( unsigned char *data, unsigned char *key, int val) { unsigned char s_box[256]; diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index e02bb889cc..b899c6e08e 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -133,6 +133,33 @@ static BOOL rpc_check_hdr(prs_struct *rdata, RPC_HDR *rhdr, return True; } +static void NTLMSSPcalc_ap( struct cli_state *cli, unsigned char *data, int len) +{ + unsigned char *hash = cli->ntlmssp_hash; + unsigned char index_i = hash[256]; + unsigned char index_j = hash[257]; + int ind; + + for( ind = 0; ind < len; ind++) + { + unsigned char tc; + unsigned char t; + + index_i++; + index_j += hash[index_i]; + + tc = hash[index_i]; + hash[index_i] = hash[index_j]; + hash[index_j] = tc; + + t = hash[index_i] + hash[index_j]; + data[ind] = data[ind] ^ hash[t]; + } + + hash[256] = index_i; + hash[257] = index_j; +} + /**************************************************************************** decrypt data on an rpc pipe ****************************************************************************/ @@ -157,7 +184,7 @@ static BOOL rpc_auth_pipe(struct cli_state *cli, prs_struct *rdata, { DEBUG(10,("rpc_auth_pipe: seal\n")); dump_data(100, reply_data, data_len); - NTLMSSPcalc(cli->ntlmssp_hash, (uchar*)reply_data, data_len); + NTLMSSPcalc_ap(cli, (uchar*)reply_data, data_len); dump_data(100, reply_data, data_len); } @@ -185,7 +212,7 @@ static BOOL rpc_auth_pipe(struct cli_state *cli, prs_struct *rdata, DEBUG(10,("rpc_auth_pipe: verify\n")); dump_data(100, data, auth_len); - NTLMSSPcalc(cli->ntlmssp_hash, (uchar*)(data+4), auth_len - 4); + NTLMSSPcalc_ap(cli, (uchar*)(data+4), auth_len - 4); prs_init(&auth_verf, 0x08, 4, 0, True); memcpy(auth_verf.data->data, data, 16); smb_io_rpc_auth_ntlmssp_chk("auth_sign", &chk, &auth_verf, 0); @@ -612,7 +639,7 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num, if (auth_seal) { crc32 = crc32_calc_buffer(data->offset, mem_data(&data->data, 0)); - NTLMSSPcalc(cli->ntlmssp_hash, (uchar*)mem_data(&data->data, 0), data->offset); + NTLMSSPcalc_ap(cli, (uchar*)mem_data(&data->data, 0), data->offset); } if (auth_seal || auth_verify) @@ -629,7 +656,7 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num, make_rpc_auth_ntlmssp_chk(&chk, NTLMSSP_SIGN_VERSION, crc32, cli->ntlmssp_seq_num++); smb_io_rpc_auth_ntlmssp_chk("auth_sign", &chk, &auth_verf, 0); - NTLMSSPcalc(cli->ntlmssp_hash, (uchar*)mem_data(&auth_verf.data, 4), 12); + NTLMSSPcalc_ap(cli, (uchar*)mem_data(&auth_verf.data, 4), 12); } if (auth_seal || auth_verify) diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index 51df42cdff..161f845af3 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -154,6 +154,33 @@ int make_dom_gids(char *gids_str, DOM_GID **ppgids) return count; } +static void NTLMSSPcalc_p( pipes_struct *p, unsigned char *data, int len) +{ + unsigned char *hash = p->ntlmssp_hash; + unsigned char index_i = hash[256]; + unsigned char index_j = hash[257]; + int ind; + + for( ind = 0; ind < len; ind++) + { + unsigned char tc; + unsigned char t; + + index_i++; + index_j += hash[index_i]; + + tc = hash[index_i]; + hash[index_i] = hash[index_j]; + hash[index_j] = tc; + + t = hash[index_i] + hash[index_j]; + data[ind] = data[ind] ^ hash[t]; + } + + hash[256] = index_i; + hash[257] = index_j; +} + /******************************************************************* turns a DCE/RPC request into a DCE/RPC reply @@ -252,7 +279,7 @@ BOOL create_rpc_reply(pipes_struct *p, if (auth_seal) { crc32 = crc32_calc_buffer(data_len, data); - NTLMSSPcalc(p->ntlmssp_hash, (uchar*)data, data_len); + NTLMSSPcalc_p(p, (uchar*)data, data_len); } if (auth_seal || auth_verify) @@ -268,7 +295,7 @@ BOOL create_rpc_reply(pipes_struct *p, make_rpc_auth_ntlmssp_chk(&p->ntlmssp_chk, NTLMSSP_SIGN_VERSION, crc32, p->ntlmssp_seq_num++); smb_io_rpc_auth_ntlmssp_chk("auth_sign", &(p->ntlmssp_chk), &p->rverf, 0); auth_data = mem_data(&p->rverf.data, 4); - NTLMSSPcalc(p->ntlmssp_hash, (uchar*)auth_data, 12); + NTLMSSPcalc_p(p, (uchar*)auth_data, 12); } } @@ -633,7 +660,7 @@ static BOOL api_pipe_auth_process(pipes_struct *p, prs_struct *pd) { char *data = mem_data(&pd->data, pd->offset); DEBUG(5,("api_pipe_auth_process: data %d\n", pd->offset)); - NTLMSSPcalc(p->ntlmssp_hash, (uchar*)data, data_len); + NTLMSSPcalc_p(p, (uchar*)data, data_len); crc32 = crc32_calc_buffer(data_len, data); } @@ -650,7 +677,7 @@ static BOOL api_pipe_auth_process(pipes_struct *p, prs_struct *pd) { char *req_data = mem_data(&pd->data, pd->offset + 4); DEBUG(5,("api_pipe_auth_process: auth %d\n", pd->offset + 4)); - NTLMSSPcalc(p->ntlmssp_hash, (uchar*)req_data, 12); + NTLMSSPcalc_p(p, (uchar*)req_data, 12); smb_io_rpc_auth_ntlmssp_chk("auth_sign", &(p->ntlmssp_chk), pd, 0); if (!rpc_auth_ntlmssp_chk(&(p->ntlmssp_chk), crc32, |