diff options
| author | Stefan Metzmacher <metze@samba.org> | 2009-06-09 14:52:44 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2009-06-09 16:49:29 +0200 |
| commit | 81275c84d31b9939bd2e8e6c56cf2c0498468a31 (patch) | |
| tree | 644bfd31a28211fb844abd41f8360ef129242bac /source4/libcli | |
| parent | 72fd5fa6bb78a054fad5e5ebe19a0c0387a7d45b (diff) | |
| download | samba-81275c84d31b9939bd2e8e6c56cf2c0498468a31.tar.gz samba-81275c84d31b9939bd2e8e6c56cf2c0498468a31.tar.bz2 samba-81275c84d31b9939bd2e8e6c56cf2c0498468a31.zip | |
s4:libcli/smb2: prepare SMB2 signing code for compounded requests
metze
Diffstat (limited to 'source4/libcli')
| -rw-r--r-- | source4/libcli/smb2/signing.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/source4/libcli/smb2/signing.c b/source4/libcli/smb2/signing.c index 101fb00c12..6af7a6d4a1 100644 --- a/source4/libcli/smb2/signing.c +++ b/source4/libcli/smb2/signing.c @@ -33,12 +33,15 @@ NTSTATUS smb2_sign_message(struct smb2_request_buffer *buf, DATA_BLOB session_ke struct HMACSHA256Context m; uint8_t res[32]; uint64_t session_id; + size_t hdr_offset; if (buf->size < NBT_HDR_SIZE + SMB2_HDR_SIGNATURE + 16) { /* can't sign non-SMB2 messages */ return NT_STATUS_OK; } + hdr_offset = buf->hdr - buf->buffer; + session_id = BVAL(buf->hdr, SMB2_HDR_SESSION_ID); if (session_id == 0) { /* we don't sign messages with a zero session_id. See @@ -58,7 +61,7 @@ NTSTATUS smb2_sign_message(struct smb2_request_buffer *buf, DATA_BLOB session_ke ZERO_STRUCT(m); hmac_sha256_init(session_key.data, MIN(session_key.length, 16), &m); - hmac_sha256_update(buf->buffer+NBT_HDR_SIZE, buf->size-NBT_HDR_SIZE, &m); + hmac_sha256_update(buf->hdr, buf->size-hdr_offset, &m); hmac_sha256_final(res, &m); DEBUG(5,("signed SMB2 message of size %u\n", (unsigned)buf->size - NBT_HDR_SIZE)); @@ -76,12 +79,15 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session struct HMACSHA256Context m; uint8_t res[SHA256_DIGEST_LENGTH]; uint8_t sig[16]; + size_t hdr_offset; if (buf->size < NBT_HDR_SIZE + SMB2_HDR_SIGNATURE + 16) { /* can't check non-SMB2 messages */ return NT_STATUS_OK; } + hdr_offset = buf->hdr - buf->buffer; + session_id = BVAL(buf->hdr, SMB2_HDR_SESSION_ID); if (session_id == 0) { /* don't sign messages with a zero session_id. See @@ -100,7 +106,7 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session ZERO_STRUCT(m); hmac_sha256_init(session_key.data, MIN(session_key.length, 16), &m); - hmac_sha256_update(buf->hdr, buf->size-NBT_HDR_SIZE, &m); + hmac_sha256_update(buf->hdr, buf->size-hdr_offset, &m); hmac_sha256_final(res, &m); memcpy(buf->hdr+SMB2_HDR_SIGNATURE, sig, 16); |