From 6aff12a9f6c33b61fe9ab89d703677a3202185db Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 21 Mar 2007 02:02:09 +0000 Subject: r21903: Get the length calculations right (I always forget the 4 byte length isn't included in the length :-). We now have working NTLMSSP transport encryption with sign+seal. W00t! Jeremy. (This used to be commit d34584cb5c53c194693ce7236020ab83f60cd235) --- source3/libsmb/smb_seal.c | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/source3/libsmb/smb_seal.c b/source3/libsmb/smb_seal.c index a509438f07..bf7f337a97 100644 --- a/source3/libsmb/smb_seal.c +++ b/source3/libsmb/smb_seal.c @@ -38,30 +38,33 @@ BOOL common_encryption_on(struct smb_trans_enc_state *es) NTSTATUS common_ntlm_decrypt_buffer(NTLMSSP_STATE *ntlmssp_state, char *buf) { NTSTATUS status; - size_t orig_len = smb_len(buf); - size_t new_len = orig_len - NTLMSSP_SIG_SIZE; + size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */ DATA_BLOB sig; - if (orig_len < 8 + NTLMSSP_SIG_SIZE) { + if (buf_len < 8 + NTLMSSP_SIG_SIZE) { return NT_STATUS_BUFFER_TOO_SMALL; } + /* Adjust for the signature. */ + buf_len -= NTLMSSP_SIG_SIZE; + /* Save off the signature. */ - sig = data_blob(buf+orig_len-NTLMSSP_SIG_SIZE, NTLMSSP_SIG_SIZE); + sig = data_blob(buf+buf_len, NTLMSSP_SIG_SIZE); status = ntlmssp_unseal_packet(ntlmssp_state, (unsigned char *)buf + 8, /* 4 byte len + 0xFF 'S' 'M' 'B' */ - new_len - 8, + buf_len - 8, (unsigned char *)buf, - new_len, + buf_len, &sig); if (!NT_STATUS_IS_OK(status)) { data_blob_free(&sig); return status; } + /* Reset the length. */ - smb_setlen(buf, new_len); + smb_setlen(buf, smb_len(buf) - NTLMSSP_SIG_SIZE); return NT_STATUS_OK; } 
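Review bot: `common_ntlm_decrypt_buffer` never releases `sig` on the success path: the blob created by `data_blob(buf+buf_len, NTLMSSP_SIG_SIZE)` is freed only inside the `!NT_STATUS_IS_OK(status)` branch, so, assuming `data_blob()` allocates a copy as that branch implies, every successfully unsealed packet leaks the signature buffer. Adding `data_blob_free(&sig);` just before the final `smb_setlen(...)` closes it. The tail of `common_ntlm_encrypt_buffer` (the `-112,7 +114,7` hunk) has the same gap after `memcpy(buf_out+buf_len, sig.data, NTLMSSP_SIG_SIZE);`. Separately, `buf_len` is derived from the packet's own length header and is checked only against a minimum, so the `buf+buf_len` read relies on the caller having already confirmed that the header length matches the bytes actually received. The function takes no buffer size, so a comment above it stating that precondition would help the next reader.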
@@ -74,13 +77,12 @@ NTSTATUS common_ntlm_encrypt_buffer(NTLMSSP_STATE *ntlmssp_state, char *buf, cha { NTSTATUS status; char *buf_out; - size_t orig_len = smb_len(buf); - size_t new_len = orig_len + NTLMSSP_SIG_SIZE; + size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */ DATA_BLOB sig; *ppbuf_out = NULL; - if (orig_len < 8) { + if (buf_len < 8) { return NT_STATUS_BUFFER_TOO_SMALL; } @@ -91,19 +93,19 @@ NTSTATUS common_ntlm_encrypt_buffer(NTLMSSP_STATE *ntlmssp_state, char *buf, cha /* Copy the original buffer. */ - buf_out = SMB_XMALLOC_ARRAY(char, new_len); - memcpy(buf_out, buf, orig_len); + buf_out = SMB_XMALLOC_ARRAY(char, buf_len + NTLMSSP_SIG_SIZE); + memcpy(buf_out, buf, buf_len); /* Last 16 bytes undefined here... */ - smb_setlen(buf_out, new_len); + smb_setlen(buf_out, smb_len(buf) + NTLMSSP_SIG_SIZE); sig = data_blob(NULL, NTLMSSP_SIG_SIZE); status = ntlmssp_seal_packet(ntlmssp_state, (unsigned char *)buf_out + 8, /* 4 byte len + 0xFF 'S' 'M' 'B' */ - orig_len - 8, + buf_len - 8, (unsigned char *)buf_out, - orig_len, + buf_len, &sig); if (!NT_STATUS_IS_OK(status)) { @@ -112,7 +114,7 @@ NTSTATUS common_ntlm_encrypt_buffer(NTLMSSP_STATE *ntlmssp_state, char *buf, cha return status; } - memcpy(buf_out+orig_len, sig.data, NTLMSSP_SIG_SIZE); + memcpy(buf_out+buf_len, sig.data, NTLMSSP_SIG_SIZE); *ppbuf_out = buf_out; return NT_STATUS_OK; } -- cgit
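Review bot: In the `-91,19 +93,19` hunk nothing checks that `smb_len(buf) + NTLMSSP_SIG_SIZE` still fits the length field written by `smb_setlen(buf_out, ...)`, although the sealed packet grows by NTLMSSP_SIG_SIZE. The width of that field is not visible in this patch, so this is inferred: if the sum can exceed it, the header would advertise a shorter packet than the one allocated and sealed. A guard placed before `SMB_XMALLOC_ARRAY` that returns an error when the sum exceeds the largest length the header can carry would make the limit explicit. The comment `/* Last 16 bytes undefined here... */` also hard-codes the signature size and would read better as `/* Last NTLMSSP_SIG_SIZE bytes undefined here... */`. The function begins and ends outside this hunk.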