summaryrefslogtreecommitdiff
path: root/source4/libcli
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2004-10-27 17:40:41 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:04:51 -0500
commit971754c0ed8613b1897041bc5e5b67d1e3b68abe (patch)
tree3dc0f8b465dec25abb7c3efc9b9a05f6584f4e90 /source4/libcli
parent157dc5e7ea2e46fee8f57f8092371512b4e6e224 (diff)
downloadsamba-971754c0ed8613b1897041bc5e5b67d1e3b68abe.tar.gz
samba-971754c0ed8613b1897041bc5e5b67d1e3b68abe.tar.bz2
samba-971754c0ed8613b1897041bc5e5b67d1e3b68abe.zip
r3295: Fix for SMB signing with 56-bit DES session keys. From Nalin Dahyabhai <nalin@redhat.com>.
Jeremy. (This used to be commit afed78f359a15809b2d9b7566e16ade294944fa9)
Diffstat (limited to 'source4/libcli')
-rw-r--r--source4/libcli/raw/smb_signing.c13
1 files changed, 11 insertions, 2 deletions
diff --git a/source4/libcli/raw/smb_signing.c b/source4/libcli/raw/smb_signing.c
index 9ba385e062..e1d7b071f2 100644
--- a/source4/libcli/raw/smb_signing.c
+++ b/source4/libcli/raw/smb_signing.c
@@ -102,6 +102,8 @@ void sign_outgoing_message(struct request_buffer *out, DATA_BLOB *mac_key, uint_
{
uint8_t calc_md5_mac[16];
struct MD5Context md5_ctx;
+ unsigned char key_buf[16];
+
/*
* Firstly put the sequence number into the first 4 bytes.
* and zero out the next 4 bytes.
@@ -114,8 +116,15 @@ void sign_outgoing_message(struct request_buffer *out, DATA_BLOB *mac_key, uint_
/* Calculate the 16 byte MAC and place first 8 bytes into the field. */
MD5Init(&md5_ctx);
- MD5Update(&md5_ctx, mac_key->data,
- mac_key->length);
+
+ /* NB. When making and verifying SMB signatures, Windows apparently
+ zero-pads the key to 128 bits if it isn't long enough.
+ From Nalin Dahyabhai <nalin@redhat.com> */
+ MD5Update(&md5_ctx, mac_key->data, mac_key->length);
+ if (mac_key->length < sizeof(key_buf)) {
+ memset(key_buf, 0, sizeof(key_buf));
+ MD5Update(&md5_ctx, key_buf, sizeof(key_buf) - mac_key->length);
+ }
MD5Update(&md5_ctx,
out->buffer + NBT_HDR_SIZE,
out->size - NBT_HDR_SIZE);