svn commit: samba r21903 - in branches/SAMBA_3_0/source/libsmb: .

Wed Mar 21 02:02:09 GMT 2007

Author: jra
Date: 2007-03-21 02:02:09 +0000 (Wed, 21 Mar 2007)
New Revision: 21903

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21903

Log:
Get the length calculations right (I always forget
the 4 byte length isn't included in the length :-).
We now have working NTLMSSP transport encryption
with sign+seal. W00t! 
Jeremy.

Modified:
   branches/SAMBA_3_0/source/libsmb/smb_seal.c


Changeset:
Modified: branches/SAMBA_3_0/source/libsmb/smb_seal.c
===================================================================

--- branches/SAMBA_3_0/source/libsmb/smb_seal.c	2007-03-21 01:32:01 UTC (rev 21902)
+++ branches/SAMBA_3_0/source/libsmb/smb_seal.c	2007-03-21 02:02:09 UTC (rev 21903)
@@ -38,30 +38,33 @@
 NTSTATUS common_ntlm_decrypt_buffer(NTLMSSP_STATE *ntlmssp_state, char *buf)
 {
 	NTSTATUS status;
-	size_t orig_len = smb_len(buf);
-	size_t new_len = orig_len - NTLMSSP_SIG_SIZE;
+	size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */
 	DATA_BLOB sig;
 
-	if (orig_len < 8 + NTLMSSP_SIG_SIZE) {
+	if (buf_len < 8 + NTLMSSP_SIG_SIZE) {
 		return NT_STATUS_BUFFER_TOO_SMALL;
 	}
 
+	/* Adjust for the signature. */
+	buf_len -= NTLMSSP_SIG_SIZE;
+
 	/* Save off the signature. */
-	sig = data_blob(buf+orig_len-NTLMSSP_SIG_SIZE, NTLMSSP_SIG_SIZE);
+	sig = data_blob(buf+buf_len, NTLMSSP_SIG_SIZE);
 
 	status = ntlmssp_unseal_packet(ntlmssp_state,
 		(unsigned char *)buf + 8, /* 4 byte len + 0xFF 'S' 'M' 'B' */
-		new_len - 8,
+		buf_len - 8,
 		(unsigned char *)buf,
-		new_len,
+		buf_len,
 		&sig);
 
 	if (!NT_STATUS_IS_OK(status)) {
 		data_blob_free(&sig);
 		return status;
 	}
+
 	/* Reset the length. */
-	smb_setlen(buf, new_len);
+	smb_setlen(buf, smb_len(buf) - NTLMSSP_SIG_SIZE);
 	return NT_STATUS_OK;
 }
 
@@ -74,13 +77,12 @@
 {
 	NTSTATUS status;
 	char *buf_out;
-	size_t orig_len = smb_len(buf);
-	size_t new_len = orig_len + NTLMSSP_SIG_SIZE;
+	size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */
 	DATA_BLOB sig;
 
 	*ppbuf_out = NULL;
 
-	if (orig_len < 8) {
+	if (buf_len < 8) {
 		return NT_STATUS_BUFFER_TOO_SMALL;
 	}
 
@@ -91,19 +93,19 @@
 
 	/* Copy the original buffer. */
 
-	buf_out = SMB_XMALLOC_ARRAY(char, new_len);
-	memcpy(buf_out, buf, orig_len);
+	buf_out = SMB_XMALLOC_ARRAY(char, buf_len + NTLMSSP_SIG_SIZE);
+	memcpy(buf_out, buf, buf_len);
 	/* Last 16 bytes undefined here... */
 
-	smb_setlen(buf_out, new_len);
+	smb_setlen(buf_out, smb_len(buf) + NTLMSSP_SIG_SIZE);
 
 	sig = data_blob(NULL, NTLMSSP_SIG_SIZE);
 
 	status = ntlmssp_seal_packet(ntlmssp_state,
 		(unsigned char *)buf_out + 8, /* 4 byte len + 0xFF 'S' 'M' 'B' */
-		orig_len - 8,
+		buf_len - 8,
 		(unsigned char *)buf_out,
-		orig_len,
+		buf_len,
 		&sig);
 
 	if (!NT_STATUS_IS_OK(status)) {
@@ -112,7 +114,7 @@
 		return status;
 	}
 
-	memcpy(buf_out+orig_len, sig.data, NTLMSSP_SIG_SIZE);
+	memcpy(buf_out+buf_len, sig.data, NTLMSSP_SIG_SIZE);
 	*ppbuf_out = buf_out;
 	return NT_STATUS_OK;
 }

