- change generate_challenge() to use md4 instead of des

- move routines about a bit between smbencrypt.c and smbdes.c. Ensure
that there is no entry point for normal DES operation

- add the following comment:

   This code is NOT a complete DES implementation. It implements only
   the minimum necessary for SMB authentication, as used by all SMB
   products (including every copy of Microsoft Windows95 ever sold)

   In particular, it can only do a unchained forward DES pass. This
   means it is not possible to use this code for encryption/decryption
   of data, instead it is only useful as a "hash" algorithm.

   There is no entry point into this code that allows normal DES operation.

   I believe this means that this code does not come under ITAR
   regulations but this is NOT a legal opinion. If you are concerned
   about the applicability of ITAR regulations to this code then you
   should confirm it for yourself (and maybe let me know if you come
   up with a different answer to the one above)
(This used to be commit 35b92e725f351c9a9f2846a6b55f71c234f187c7)

1 files changed, 2 insertions, 4 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 2f6878eaf4..8163777137 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -786,13 +786,11 @@ BOOL smb_shm_get_usage(int *bytes_free,
 
 /*The following definitions come from  smbdes.c  */
 
-void smbdes(unsigned char *out, unsigned char *in, unsigned char *key);
+void E_P16(unsigned char *p14,unsigned char *p16);
+void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24);
 
 /*The following definitions come from  smbencrypt.c  */
 
-void E1(uchar *k, uchar *d, uchar *out);
-void E_P16(uchar *p14,uchar *p16);
-void E_P24(uchar *p21, uchar *c8, uchar *p24);
 void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24);
 void E_md4hash(uchar *passwd, uchar *p16);
 void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24);