diff options
author | Stefan Metzmacher <metze@samba.org> | 2010-01-08 13:07:33 -0700 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2010-03-24 17:34:52 +0100 |
commit | c64e6e0a0fd29fb462af90a2a0195280ef5e0696 (patch) | |
tree | d64dd16fe5452bc9c3236935ae6226fd4310ec23 /source4/auth/ntlmssp/ntlmssp.c | |
parent | 3220c84b72212cb7619ecda60dd8a7c756742e3b (diff) | |
download | samba-c64e6e0a0fd29fb462af90a2a0195280ef5e0696.tar.gz samba-c64e6e0a0fd29fb462af90a2a0195280ef5e0696.tar.bz2 samba-c64e6e0a0fd29fb462af90a2a0195280ef5e0696.zip |
s4:ntlmssp: inline ntlmssp_weakend_keys()
metze
Signed-off-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source4/auth/ntlmssp/ntlmssp.c')
-rw-r--r-- | source4/auth/ntlmssp/ntlmssp.c | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp.c b/source4/auth/ntlmssp/ntlmssp.c index 1866eb56b9..e55527a51d 100644 --- a/source4/auth/ntlmssp/ntlmssp.c +++ b/source4/auth/ntlmssp/ntlmssp.c @@ -310,47 +310,6 @@ void ntlmssp_handle_neg_flags(struct ntlmssp_state *ntlmssp_state, } -/** - Weaken NTLMSSP keys to cope with down-level clients and servers. - - We probably should have some parameters to control this, but as - it only occours for LM_KEY connections, and this is controlled - by the client lanman auth/lanman auth parameters, it isn't too bad. -*/ - -DATA_BLOB ntlmssp_weakend_key(struct ntlmssp_state *ntlmssp_state, - TALLOC_CTX *mem_ctx) -{ - DATA_BLOB weakened_key = data_blob_talloc(mem_ctx, - ntlmssp_state->session_key.data, - ntlmssp_state->session_key.length); - /* Nothing to weaken. We certainly don't want to 'extend' the length... */ - if (weakened_key.length < 16) { - /* perhaps there was no key? */ - return weakened_key; - } - - /* Key weakening not performed on the master key for NTLM2 - and does not occour for NTLM1. Therefore we only need - to do this for the LM_KEY. - */ - if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) { - /* LM key doesn't support 128 bit crypto, so this is - * the best we can do. If you negotiate 128 bit, but - * not 56, you end up with 40 bit... */ - if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_56) { - weakened_key.data[7] = 0xa0; - weakened_key.length = 8; - } else { /* forty bits */ - weakened_key.data[5] = 0xe5; - weakened_key.data[6] = 0x38; - weakened_key.data[7] = 0xb0; - weakened_key.length = 8; - } - } - return weakened_key; -} - static bool gensec_ntlmssp_have_feature(struct gensec_security *gensec_security, uint32_t feature) { |