From 33a003de4056532be0c9a199d4857b9da1b18034 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 14 Sep 1997 16:37:18 +0000 Subject: This commit does 3 main things: 1) put the encryption code in by default, with no #ifdef. It is still disabled by default so you need to add "encrypt passwords = yes" in smb.conf but at least all binaries will have it. 2) cleanup the kanji code so it compiles with no warnings 3) get rid of lots of uses of ugly non-portable C code. The main offender being things like "register" but also remove uses of the "const" keyword as there are compilers out there that don't support it and even those that do often complain about its usage. Users don't like warnings :-( There is still some work to do. We need to replace the md4 code with our own implementation. The current code (from rfc1186) is PD but is not very portable. The new RFC (rfc1320) is more portable but adds copyright restrictions. I'll do a from-scratch MD4 soon. We also need to test that what I've implemented is portable. It should be, but I'm too tired right now to test it on anything other than intel linux. (This used to be commit db917c62c14315afe6f0745a8097c1bca25cbf07) --- source3/libsmb/nmblib.c | 6 ++-- source3/libsmb/smbencrypt.c | 73 +++++++-------------------------------------- 2 files changed, 13 insertions(+), 66 deletions(-) (limited to 'source3/libsmb') diff --git a/source3/libsmb/nmblib.c b/source3/libsmb/nmblib.c index bc967bdacb..456a8218d8 100644 --- a/source3/libsmb/nmblib.c +++ b/source3/libsmb/nmblib.c @@ -31,8 +31,8 @@ extern pstring myname; extern struct in_addr ipzero; static struct opcode_names { - const char *nmb_opcode_name; - int opcode; + char *nmb_opcode_name; + int opcode; } nmb_header_opcode_names[] = { { "Query", 0 }, {"Registration", 5 }, @@ -46,7 +46,7 @@ static struct opcode_names { * Lookup a nmb opcode name. ****************************************************************************/ -const char *lookup_opcode_name( int opcode ) +char *lookup_opcode_name( int opcode ) { struct opcode_names *op_namep; int i; diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index 8bb21cfed2..b2ae363952 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -1,4 +1,3 @@ -#ifdef SMB_PASSWD /* Unix SMB/Netbios implementation. Version 1.9. @@ -22,81 +21,32 @@ */ #include "includes.h" -#include "des.h" #include "md4.h" extern int DEBUGLEVEL; #include "byteorder.h" -void str_to_key(uchar *str,uchar *key) -{ - void des_set_odd_parity(des_cblock *); - int i; - - key[0] = str[0]>>1; - key[1] = ((str[0]&0x01)<<6) | (str[1]>>2); - key[2] = ((str[1]&0x03)<<5) | (str[2]>>3); - key[3] = ((str[2]&0x07)<<4) | (str[3]>>4); - key[4] = ((str[3]&0x0F)<<3) | (str[4]>>5); - key[5] = ((str[4]&0x1F)<<2) | (str[5]>>6); - key[6] = ((str[5]&0x3F)<<1) | (str[6]>>7); - key[7] = str[6]&0x7F; - for (i=0;i<8;i++) { - key[i] = (key[i]<<1); - } - des_set_odd_parity((des_cblock *)key); -} - -void D1(uchar *k, uchar *d, uchar *out) -{ - des_key_schedule ks; - des_cblock deskey; - - str_to_key(k,(uchar *)deskey); -#ifdef __FreeBSD__ - des_set_key(&deskey,ks); -#else /* __FreeBSD__ */ - des_set_key((des_cblock *)deskey,ks); -#endif /* __FreeBsd */ - des_ecb_encrypt((des_cblock *)d,(des_cblock *)out, ks, DES_DECRYPT); -} - void E1(uchar *k, uchar *d, uchar *out) { - des_key_schedule ks; - des_cblock deskey; - - str_to_key(k,(uchar *)deskey); -#ifdef __FreeBSD__ - des_set_key(&deskey,ks); -#else /* __FreeBsd__ */ - des_set_key((des_cblock *)deskey,ks); -#endif /* __FreeBsd__ */ - des_ecb_encrypt((des_cblock *)d,(des_cblock *)out, ks, DES_ENCRYPT); + smbdes(out, d, k); } void E_P16(uchar *p14,uchar *p16) { - uchar sp7[7]; - /* the following constant makes us compatible with other - implementations. Note that publishing this constant does not reduce the - security of the encryption mechanism */ - uchar sp8[] = {0xAA,0xD3,0xB4,0x35,0xB5,0x14,0x4,0xEE}; - uchar x[8]; - - memset(sp7,'\0',7); - - D1(sp7, sp8, x); - E1(p14, x, p16); - E1(p14+7, x, p16+8); + /* the following constant makes us compatible with other + implementations. Note that publishing this constant does not reduce the + security of the encryption mechanism */ + uchar sp8[] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; + E1(p14, sp8, p16); + E1(p14+7, sp8, p16+8); } void E_P24(uchar *p21, uchar *c8, uchar *p24) { - E1(p21, c8, p24); - E1(p21+7, c8, p24+8); - E1(p21+14, c8, p24+16); + E1(p21, c8, p24); + E1(p21+7, c8, p24+8); + E1(p21+14, c8, p24+16); } @@ -191,6 +141,3 @@ void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24) E_P24(p21, c8, p24); } -#else - void smbencrypt_dummy(void){} -#endif -- cgit