Got rid of a few magic numbers in ntlm.c

Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Acked-by: David Sommerseth <davids@redhat.com>
Signed-off-by: David Sommerseth <davids@redhat.com>

1 files changed, 15 insertions, 15 deletions

diff --git a/ntlm.c b/ntlm.c
index ee33bd4..217173f 100644
--- a/ntlm.c
+++ b/ntlm.c
@@ -71,10 +71,10 @@ gen_md4_hash (const char* data, int data_len, char *result)
 {
   /* result is 16 byte md4 hash */
   const md_kt_t *md4_kt = md_kt_get("MD4");
-  char md[16];
+  char md[MD4_DIGEST_LENGTH];
 
   md_full(md4_kt, data, data_len, md);
-  memcpy (result, md, 16);
+  memcpy (result, md, MD4_DIGEST_LENGTH);
 }
 
 static void
@@ -190,14 +190,14 @@ ntlm_phase_3 (const struct http_proxy_info *p, const char *phase_2, struct gc_ar
   char buf2[128]; /* decoded reply from proxy */
   unsigned char phase3[464];
 
-  char md4_hash[21];
+  char md4_hash[MD4_DIGEST_LENGTH+5];
   char challenge[8], ntlm_response[24];
   int i, ret_val;
 
 	char ntlmv2_response[144];
 	char userdomain_u[256]; /* for uppercase unicode username and domain */
 	char userdomain[128];   /* the same as previous but ascii */
-	char ntlmv2_hash[16];
+	char ntlmv2_hash[MD5_DIGEST_LENGTH];
 	char ntlmv2_hmacmd5[16];
 	char *ntlmv2_blob = ntlmv2_response + 16; /* inside ntlmv2_response, length: 128 */
 	int ntlmv2_blob_size=0;
@@ -235,7 +235,7 @@ ntlm_phase_3 (const struct http_proxy_info *p, const char *phase_2, struct gc_ar
   gen_md4_hash (pwbuf, unicodize (pwbuf, p->up.password) - 2, md4_hash);
 
   /* pad to 21 bytes */
-  memset (md4_hash + 16, 0, 5);
+  memset(md4_hash + MD4_DIGEST_LENGTH, 0, 5);
 
   ret_val = openvpn_base64_decode( phase_2, (void *)buf2, -1);
   if (ret_val < 0)
@@ -260,7 +260,7 @@ ntlm_phase_3 (const struct http_proxy_info *p, const char *phase_2, struct gc_ar
 		else
 			msg (M_INFO, "Warning: Username or domain too long");
 		unicodize (userdomain_u, userdomain);
-		gen_hmac_md5(userdomain_u, 2 * strlen(userdomain), md4_hash, 16, ntlmv2_hash);
+		gen_hmac_md5(userdomain_u, 2 * strlen(userdomain), md4_hash, MD5_DIGEST_LENGTH, ntlmv2_hash);
 
 		/* NTLMv2 Blob */
 		memset(ntlmv2_blob, 0, 128);                /* Clear blob buffer */ 
@@ -292,25 +292,25 @@ ntlm_phase_3 (const struct http_proxy_info *p, const char *phase_2, struct gc_ar
 		memcpy(&ntlmv2_response[8], challenge, 8);
 
 		/* hmac-md5 */
-		gen_hmac_md5(&ntlmv2_response[8], ntlmv2_blob_size + 8, ntlmv2_hash, 16, ntlmv2_hmacmd5);
+		gen_hmac_md5(&ntlmv2_response[8], ntlmv2_blob_size + 8, ntlmv2_hash, MD5_DIGEST_LENGTH, ntlmv2_hmacmd5);
 		
 		/* Add hmac-md5 result to the blob */
-		memcpy(ntlmv2_response, ntlmv2_hmacmd5, 16); /* Note: This overwrites challenge previously written at ntlmv2_response[8..15] */
+		memcpy(ntlmv2_response, ntlmv2_hmacmd5, MD5_DIGEST_LENGTH); /* Note: This overwrites challenge previously written at ntlmv2_response[8..15] */
 	
 	} else { /* Generate NTLM response */
-		unsigned char key1[8], key2[8], key3[8];
+		unsigned char key1[DES_KEY_LENGTH], key2[DES_KEY_LENGTH], key3[DES_KEY_LENGTH];
 
 		create_des_keys ((unsigned char *)md4_hash, key1);
 		cipher_des_encrypt_ecb (key1, challenge, ntlm_response);
 
-		create_des_keys ((unsigned char *)&(md4_hash[7]), key2);
-		cipher_des_encrypt_ecb (key2, challenge, &ntlm_response[8]);
+		create_des_keys ((unsigned char *)&(md4_hash[DES_KEY_LENGTH-1]), key2);
+		cipher_des_encrypt_ecb (key2, challenge, &ntlm_response[DES_KEY_LENGTH]);
 
-		create_des_keys ((unsigned char *)&(md4_hash[14]), key3);
-		cipher_des_encrypt_ecb (key3, challenge, &ntlm_response[16]);
+		create_des_keys ((unsigned char *)&(md4_hash[2*(DES_KEY_LENGTH-1)]), key3);
+		cipher_des_encrypt_ecb (key3, challenge, &ntlm_response[DES_KEY_LENGTH*2]);
 	}
-	
-	
+
+
 	memset (phase3, 0, sizeof (phase3)); /* clear reply */
 
 	strcpy ((char *)phase3, "NTLMSSP\0"); /* signature */