summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-03-27 08:43:09 +0000
committerAndrew Bartlett <abartlet@samba.org>2004-03-27 08:43:09 +0000
commit63f5167a288043553b7efaf206cf5e4338d07db0 (patch)
treec7bac094a1fc3dd76e527b46ebd60e85aa069122 /source3
parent873db3f5fd3fbfcf290cea61d7e9f58bf28b3983 (diff)
downloadsamba-63f5167a288043553b7efaf206cf5e4338d07db0.tar.gz
samba-63f5167a288043553b7efaf206cf5e4338d07db0.tar.bz2
samba-63f5167a288043553b7efaf206cf5e4338d07db0.zip
Add a few comments explaining KEY_EXCH
Andrew Bartlett (This used to be commit e5422d7413e22775bc81e36559cb69254aedb102)
Diffstat (limited to 'source3')
-rw-r--r--source3/libsmb/ntlmssp.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 82eafc4cd5..ddc2e0325f 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -1022,16 +1022,19 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
/* Key exchange encryptes a new client-generated session key with
the password-derived key */
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
+ /* Make up a new session key */
uint8 client_session_key[16];
-
- generate_random_buffer(client_session_key, sizeof(client_session_key), False);
+ generate_random_buffer(client_session_key, sizeof(client_session_key), False);
+
+ /* Encrypt the new session key with the old one */
encrypted_session_key = data_blob(client_session_key, sizeof(client_session_key));
dump_data_pw("KEY_EXCH session key:\n", encrypted_session_key.data, encrypted_session_key.length);
-
SamOEMhash(encrypted_session_key.data, session_key.data, encrypted_session_key.length);
+ dump_data_pw("KEY_EXCH session key (enc):\n", encrypted_session_key.data, encrypted_session_key.length);
+
+ /* Mark the new session key as the 'real' session key */
data_blob_free(&session_key);
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, client_session_key, sizeof(client_session_key));
- dump_data_pw("KEY_EXCH session key (enc):\n", encrypted_session_key.data, encrypted_session_key.length);
}
/* this generates the actual auth packet */