diff options
author | Jeremy Allison <jra@samba.org> | 2004-10-27 17:40:41 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:04:51 -0500 |
commit | 971754c0ed8613b1897041bc5e5b67d1e3b68abe (patch) | |
tree | 3dc0f8b465dec25abb7c3efc9b9a05f6584f4e90 /source4/libcli/raw | |
parent | 157dc5e7ea2e46fee8f57f8092371512b4e6e224 (diff) | |
download | samba-971754c0ed8613b1897041bc5e5b67d1e3b68abe.tar.gz samba-971754c0ed8613b1897041bc5e5b67d1e3b68abe.tar.bz2 samba-971754c0ed8613b1897041bc5e5b67d1e3b68abe.zip |
r3295: Fix for SMB signing with 56-bit DES session keys. From Nalin Dahyabhai <nalin@redhat.com>.
Jeremy.
(This used to be commit afed78f359a15809b2d9b7566e16ade294944fa9)
Diffstat (limited to 'source4/libcli/raw')
-rw-r--r-- | source4/libcli/raw/smb_signing.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/source4/libcli/raw/smb_signing.c b/source4/libcli/raw/smb_signing.c index 9ba385e062..e1d7b071f2 100644 --- a/source4/libcli/raw/smb_signing.c +++ b/source4/libcli/raw/smb_signing.c @@ -102,6 +102,8 @@ void sign_outgoing_message(struct request_buffer *out, DATA_BLOB *mac_key, uint_ { uint8_t calc_md5_mac[16]; struct MD5Context md5_ctx; + unsigned char key_buf[16]; + /* * Firstly put the sequence number into the first 4 bytes. * and zero out the next 4 bytes. @@ -114,8 +116,15 @@ void sign_outgoing_message(struct request_buffer *out, DATA_BLOB *mac_key, uint_ /* Calculate the 16 byte MAC and place first 8 bytes into the field. */ MD5Init(&md5_ctx); - MD5Update(&md5_ctx, mac_key->data, - mac_key->length); + + /* NB. When making and verifying SMB signatures, Windows apparently + zero-pads the key to 128 bits if it isn't long enough. + From Nalin Dahyabhai <nalin@redhat.com> */ + MD5Update(&md5_ctx, mac_key->data, mac_key->length); + if (mac_key->length < sizeof(key_buf)) { + memset(key_buf, 0, sizeof(key_buf)); + MD5Update(&md5_ctx, key_buf, sizeof(key_buf) - mac_key->length); + } MD5Update(&md5_ctx, out->buffer + NBT_HDR_SIZE, out->size - NBT_HDR_SIZE); |