4 files changed, 62 insertions, 35 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 24d4040c3c..019e793aa6 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -530,7 +530,6 @@ void E_old_pw_hash( unsigned char *p14, unsigned char *in, unsigned char *out);
 void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key);
 void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key);
 void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int forw);
-void NTLMSSPcalc( unsigned char hash[258], unsigned char *data, int len);
 void SamOEMhash( unsigned char *data, unsigned char *key, int val);
 
 /*The following definitions come from  libsmb/smbencrypt.c  */
diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c
index 5bff1742af..d0e1c6e85f 100644
--- a/source3/libsmb/smbdes.c
+++ b/source3/libsmb/smbdes.c
@@ -358,32 +358,6 @@ void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int for
         smbhash(out + 8, in + 8, key2, forw);
 }
 
-void NTLMSSPcalc( unsigned char hash[258], unsigned char *data, int len)
-{
-	unsigned char index_i = hash[256];
-	unsigned char index_j = hash[257];
-	int ind;
-
-	for( ind = 0; ind < len; ind++)
-	{
-		unsigned char tc;
-		unsigned char t;
-
-		index_i++;
-		index_j += hash[index_i];
-
-		tc = hash[index_i];
-		hash[index_i] = hash[index_j];
-		hash[index_j] = tc;
-
-		t = hash[index_i] + hash[index_j];
-		data[ind] = data[ind] ^ hash[t];
-	}
-
-	hash[256] = index_i;
-	hash[257] = index_j;
-}
-
 void SamOEMhash( unsigned char *data, unsigned char *key, int val)
 {
   unsigned char s_box[256];
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index e02bb889cc..b899c6e08e 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -133,6 +133,33 @@ static BOOL rpc_check_hdr(prs_struct *rdata, RPC_HDR *rhdr,
 	return True;
 }
 
+static void NTLMSSPcalc_ap( struct cli_state *cli, unsigned char *data, int len)
+{
+	unsigned char *hash = cli->ntlmssp_hash;
+    unsigned char index_i = hash[256];
+    unsigned char index_j = hash[257];
+    int ind;
+
+    for( ind = 0; ind < len; ind++)
+    {
+        unsigned char tc;
+        unsigned char t;
+
+        index_i++;
+        index_j += hash[index_i];
+
+        tc = hash[index_i];
+        hash[index_i] = hash[index_j];
+        hash[index_j] = tc;
+
+        t = hash[index_i] + hash[index_j];
+        data[ind] = data[ind] ^ hash[t];
+    }
+
+    hash[256] = index_i;
+    hash[257] = index_j;
+}
+
 /****************************************************************************
  decrypt data on an rpc pipe
  ****************************************************************************/
@@ -157,7 +184,7 @@ static BOOL rpc_auth_pipe(struct cli_state *cli, prs_struct *rdata,
 	{
 		DEBUG(10,("rpc_auth_pipe: seal\n"));
 		dump_data(100, reply_data, data_len);
-		NTLMSSPcalc(cli->ntlmssp_hash, (uchar*)reply_data, data_len);
+		NTLMSSPcalc_ap(cli, (uchar*)reply_data, data_len);
 		dump_data(100, reply_data, data_len);
 	}
 
@@ -185,7 +212,7 @@ static BOOL rpc_auth_pipe(struct cli_state *cli, prs_struct *rdata,
 
 		DEBUG(10,("rpc_auth_pipe: verify\n"));
 		dump_data(100, data, auth_len);
-		NTLMSSPcalc(cli->ntlmssp_hash, (uchar*)(data+4), auth_len - 4);
+		NTLMSSPcalc_ap(cli, (uchar*)(data+4), auth_len - 4);
 		prs_init(&auth_verf, 0x08, 4, 0, True);
 		memcpy(auth_verf.data->data, data, 16);
 		smb_io_rpc_auth_ntlmssp_chk("auth_sign", &chk, &auth_verf, 0);
@@ -612,7 +639,7 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num,
 	if (auth_seal)
 	{
 		crc32 = crc32_calc_buffer(data->offset, mem_data(&data->data, 0));
-		NTLMSSPcalc(cli->ntlmssp_hash, (uchar*)mem_data(&data->data, 0), data->offset);
+		NTLMSSPcalc_ap(cli, (uchar*)mem_data(&data->data, 0), data->offset);
 	}
 
 	if (auth_seal || auth_verify)
@@ -629,7 +656,7 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num,
 
 		make_rpc_auth_ntlmssp_chk(&chk, NTLMSSP_SIGN_VERSION, crc32, cli->ntlmssp_seq_num++);
 		smb_io_rpc_auth_ntlmssp_chk("auth_sign", &chk, &auth_verf, 0);
-		NTLMSSPcalc(cli->ntlmssp_hash, (uchar*)mem_data(&auth_verf.data, 4), 12);
+		NTLMSSPcalc_ap(cli, (uchar*)mem_data(&auth_verf.data, 4), 12);
 	}
 
 	if (auth_seal || auth_verify)
diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 51df42cdff..161f845af3 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -154,6 +154,33 @@ int make_dom_gids(char *gids_str, DOM_GID **ppgids)
   return count;
 }
 
+static void NTLMSSPcalc_p( pipes_struct *p, unsigned char *data, int len)
+{
+    unsigned char *hash = p->ntlmssp_hash;
+    unsigned char index_i = hash[256];
+    unsigned char index_j = hash[257];
+    int ind;
+
+    for( ind = 0; ind < len; ind++)
+    {
+        unsigned char tc;
+        unsigned char t;
+
+        index_i++;
+        index_j += hash[index_i];
+
+        tc = hash[index_i];
+        hash[index_i] = hash[index_j];
+        hash[index_j] = tc;
+
+        t = hash[index_i] + hash[index_j];
+        data[ind] = data[ind] ^ hash[t];
+    }
+
+    hash[256] = index_i;
+    hash[257] = index_j;
+}
+
 /*******************************************************************
  turns a DCE/RPC request into a DCE/RPC reply
 
@@ -252,7 +279,7 @@ BOOL create_rpc_reply(pipes_struct *p,
 		if (auth_seal)
 		{
 			crc32 = crc32_calc_buffer(data_len, data);
-			NTLMSSPcalc(p->ntlmssp_hash, (uchar*)data, data_len);
+			NTLMSSPcalc_p(p, (uchar*)data, data_len);
 		}
 
 		if (auth_seal || auth_verify)
@@ -268,7 +295,7 @@ BOOL create_rpc_reply(pipes_struct *p,
 			make_rpc_auth_ntlmssp_chk(&p->ntlmssp_chk, NTLMSSP_SIGN_VERSION, crc32, p->ntlmssp_seq_num++);
 			smb_io_rpc_auth_ntlmssp_chk("auth_sign", &(p->ntlmssp_chk), &p->rverf, 0);
 			auth_data = mem_data(&p->rverf.data, 4);
-			NTLMSSPcalc(p->ntlmssp_hash, (uchar*)auth_data, 12);
+			NTLMSSPcalc_p(p, (uchar*)auth_data, 12);
 		}
 	}
 
@@ -633,7 +660,7 @@ static BOOL api_pipe_auth_process(pipes_struct *p, prs_struct *pd)
 	{
 		char *data = mem_data(&pd->data, pd->offset);
 		DEBUG(5,("api_pipe_auth_process: data %d\n", pd->offset));
-		NTLMSSPcalc(p->ntlmssp_hash, (uchar*)data, data_len);
+		NTLMSSPcalc_p(p, (uchar*)data, data_len);
 		crc32 = crc32_calc_buffer(data_len, data);
 	}
 
@@ -650,7 +677,7 @@ static BOOL api_pipe_auth_process(pipes_struct *p, prs_struct *pd)
 	{
 		char *req_data = mem_data(&pd->data, pd->offset + 4);
 		DEBUG(5,("api_pipe_auth_process: auth %d\n", pd->offset + 4));
-		NTLMSSPcalc(p->ntlmssp_hash, (uchar*)req_data, 12);
+		NTLMSSPcalc_p(p, (uchar*)req_data, 12);
 		smb_io_rpc_auth_ntlmssp_chk("auth_sign", &(p->ntlmssp_chk), pd, 0);
 
 		if (!rpc_auth_ntlmssp_chk(&(p->ntlmssp_chk), crc32,