summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimo Sorce <simo@redhat.com>2014-08-06 12:47:09 -0400
committerSimo Sorce <simo@redhat.com>2014-08-06 15:44:52 -0400
commitb2d21d428bd4109416bfd96806f6e663b59ba618 (patch)
tree54c89af5e14eb97fb3ed8555aa001f7ec85ec435
parentc95bde9468c33222d9cd7655689dacfd32de956f (diff)
downloadgss-ntlmssp-b2d21d428bd4109416bfd96806f6e663b59ba618.tar.gz
gss-ntlmssp-b2d21d428bd4109416bfd96806f6e663b59ba618.tar.xz
gss-ntlmssp-b2d21d428bd4109416bfd96806f6e663b59ba618.zip
Fix unsealing without extended session security
ntlm_unseal should be symmetric to ntlm_seal
Diffstat
-rw-r--r--src/ntlm_crypto.c15
1 files changed, 8 insertions, 7 deletions
diff --git a/src/ntlm_crypto.c b/src/ntlm_crypto.c
index bf4878a..b871997 100644
--- a/src/ntlm_crypto.c
+++ b/src/ntlm_crypto.c
@@ -759,10 +759,7 @@ int ntlm_unseal(struct ntlm_rc4_handle *handle, uint32_t flags,
struct ntlm_buffer msg_buffer;
int ret;
- if (!((flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY)
- && (flags & NTLMSSP_NEGOTIATE_SEAL))) {
- /* we only support v2 for now as we can't sign w/o session security
- * anyway */
+ if (!(flags & NTLMSSP_NEGOTIATE_SEAL)) {
return ENOTSUP;
}
@@ -772,9 +769,13 @@ int ntlm_unseal(struct ntlm_rc4_handle *handle, uint32_t flags,
ret = RC4_UPDATE(handle, &msg_buffer, output);
if (ret) return ret;
- return ntlmv2_sign(sign_key, seq_num, handle,
- (flags & NTLMSSP_NEGOTIATE_KEY_EXCH),
- output, signature);
+ if (flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) {
+ return ntlmv2_sign(sign_key, seq_num, handle,
+ (flags & NTLMSSP_NEGOTIATE_KEY_EXCH),
+ output, signature);
+ } else {
+ return ntlmv1_sign(handle, 0, seq_num, output, signature);
+ }
}
int ntlm_mic(struct ntlm_key *exported_session_key,
generated by cgit (git 2.34.1) at 2024-05-03 04:55:36 +0000