summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2009-06-09 14:52:44 +0200
committerStefan Metzmacher <metze@samba.org>2009-06-09 16:49:29 +0200
commit81275c84d31b9939bd2e8e6c56cf2c0498468a31 (patch)
tree644bfd31a28211fb844abd41f8360ef129242bac
parent72fd5fa6bb78a054fad5e5ebe19a0c0387a7d45b (diff)
downloadsamba-81275c84d31b9939bd2e8e6c56cf2c0498468a31.tar.gz
samba-81275c84d31b9939bd2e8e6c56cf2c0498468a31.tar.bz2
samba-81275c84d31b9939bd2e8e6c56cf2c0498468a31.zip
s4:libcli/smb2: prepare SMB2 signing code for compounded requests
metze
-rw-r--r--source4/libcli/smb2/signing.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/source4/libcli/smb2/signing.c b/source4/libcli/smb2/signing.c
index 101fb00c12..6af7a6d4a1 100644
--- a/source4/libcli/smb2/signing.c
+++ b/source4/libcli/smb2/signing.c
@@ -33,12 +33,15 @@ NTSTATUS smb2_sign_message(struct smb2_request_buffer *buf, DATA_BLOB session_ke
struct HMACSHA256Context m;
uint8_t res[32];
uint64_t session_id;
+ size_t hdr_offset;
if (buf->size < NBT_HDR_SIZE + SMB2_HDR_SIGNATURE + 16) {
/* can't sign non-SMB2 messages */
return NT_STATUS_OK;
}
+ hdr_offset = buf->hdr - buf->buffer;
+
session_id = BVAL(buf->hdr, SMB2_HDR_SESSION_ID);
if (session_id == 0) {
/* we don't sign messages with a zero session_id. See
@@ -58,7 +61,7 @@ NTSTATUS smb2_sign_message(struct smb2_request_buffer *buf, DATA_BLOB session_ke
ZERO_STRUCT(m);
hmac_sha256_init(session_key.data, MIN(session_key.length, 16), &m);
- hmac_sha256_update(buf->buffer+NBT_HDR_SIZE, buf->size-NBT_HDR_SIZE, &m);
+ hmac_sha256_update(buf->hdr, buf->size-hdr_offset, &m);
hmac_sha256_final(res, &m);
DEBUG(5,("signed SMB2 message of size %u\n", (unsigned)buf->size - NBT_HDR_SIZE));
@@ -76,12 +79,15 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session
struct HMACSHA256Context m;
uint8_t res[SHA256_DIGEST_LENGTH];
uint8_t sig[16];
+ size_t hdr_offset;
if (buf->size < NBT_HDR_SIZE + SMB2_HDR_SIGNATURE + 16) {
/* can't check non-SMB2 messages */
return NT_STATUS_OK;
}
+ hdr_offset = buf->hdr - buf->buffer;
+
session_id = BVAL(buf->hdr, SMB2_HDR_SESSION_ID);
if (session_id == 0) {
/* don't sign messages with a zero session_id. See
@@ -100,7 +106,7 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session
ZERO_STRUCT(m);
hmac_sha256_init(session_key.data, MIN(session_key.length, 16), &m);
- hmac_sha256_update(buf->hdr, buf->size-NBT_HDR_SIZE, &m);
+ hmac_sha256_update(buf->hdr, buf->size-hdr_offset, &m);
hmac_sha256_final(res, &m);
memcpy(buf->hdr+SMB2_HDR_SIGNATURE, sig, 16);