diff options
author | Simo Sorce <simo@redhat.com> | 2014-08-06 12:47:09 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2014-08-06 15:44:52 -0400 |
commit | b2d21d428bd4109416bfd96806f6e663b59ba618 (patch) | |
tree | 54c89af5e14eb97fb3ed8555aa001f7ec85ec435 | |
parent | c95bde9468c33222d9cd7655689dacfd32de956f (diff) | |
download | gss-ntlmssp-b2d21d428bd4109416bfd96806f6e663b59ba618.tar.gz gss-ntlmssp-b2d21d428bd4109416bfd96806f6e663b59ba618.tar.xz gss-ntlmssp-b2d21d428bd4109416bfd96806f6e663b59ba618.zip |
Fix unsealing without extended session security
ntlm_unseal should be symmetric to ntlm_seal
-rw-r--r-- | src/ntlm_crypto.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/src/ntlm_crypto.c b/src/ntlm_crypto.c index bf4878a..b871997 100644 --- a/src/ntlm_crypto.c +++ b/src/ntlm_crypto.c @@ -759,10 +759,7 @@ int ntlm_unseal(struct ntlm_rc4_handle *handle, uint32_t flags, struct ntlm_buffer msg_buffer; int ret; - if (!((flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) - && (flags & NTLMSSP_NEGOTIATE_SEAL))) { - /* we only support v2 for now as we can't sign w/o session security - * anyway */ + if (!(flags & NTLMSSP_NEGOTIATE_SEAL)) { return ENOTSUP; } @@ -772,9 +769,13 @@ int ntlm_unseal(struct ntlm_rc4_handle *handle, uint32_t flags, ret = RC4_UPDATE(handle, &msg_buffer, output); if (ret) return ret; - return ntlmv2_sign(sign_key, seq_num, handle, - (flags & NTLMSSP_NEGOTIATE_KEY_EXCH), - output, signature); + if (flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) { + return ntlmv2_sign(sign_key, seq_num, handle, + (flags & NTLMSSP_NEGOTIATE_KEY_EXCH), + output, signature); + } else { + return ntlmv1_sign(handle, 0, seq_num, output, signature); + } } int ntlm_mic(struct ntlm_key *exported_session_key, |