svn commit: samba r3295 - in branches/SAMBA_4_0/source/libcli/raw: .

[jra at samba.org]

Author: jra
Date: 2004-10-27 17:40:41 +0000 (Wed, 27 Oct 2004)
New Revision: 3295

WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/branches/SAMBA_4_0/source/libcli/raw&rev=3295&nolog=1

Log:
Fix for SMB signing with 56-bit DES session keys. From Nalin Dahyabhai <nalin at redhat.com>.
Jeremy.

Modified:
   branches/SAMBA_4_0/source/libcli/raw/smb_signing.c


Changeset:
Modified: branches/SAMBA_4_0/source/libcli/raw/smb_signing.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/raw/smb_signing.c	2004-10-27 17:40:28 UTC (rev 3294)
+++ branches/SAMBA_4_0/source/libcli/raw/smb_signing.c	2004-10-27 17:40:41 UTC (rev 3295)
@@ -102,6 +102,8 @@
 {
 	uint8_t calc_md5_mac[16];
 	struct MD5Context md5_ctx;
+	unsigned char key_buf[16];
+
 	/*
 	 * Firstly put the sequence number into the first 4 bytes.
 	 * and zero out the next 4 bytes.
@@ -114,8 +116,15 @@
 
 	/* Calculate the 16 byte MAC and place first 8 bytes into the field. */
 	MD5Init(&md5_ctx);
-	MD5Update(&md5_ctx, mac_key->data, 
-		  mac_key->length); 
+
+	/* NB. When making and verifying SMB signatures, Windows apparently
+		zero-pads the key to 128 bits if it isn't long enough.
+		From Nalin Dahyabhai <nalin at redhat.com> */
+        MD5Update(&md5_ctx, mac_key->data, mac_key->length);
+        if (mac_key->length < sizeof(key_buf)) {
+                memset(key_buf, 0, sizeof(key_buf));
+                MD5Update(&md5_ctx, key_buf, sizeof(key_buf) - mac_key->length);
+        }
 	MD5Update(&md5_ctx, 
 		  out->buffer + NBT_HDR_SIZE, 
 		  out->size - NBT_HDR_SIZE);