s4:libcli/smb2: prepare SMB2 signing code for compounded requests

author Stefan Metzmacher <metze@samba.org>

Tue, 9 Jun 2009 12:52:44 +0000 (14:52 +0200)

committer Stefan Metzmacher <metze@samba.org>

Tue, 9 Jun 2009 14:49:29 +0000 (16:49 +0200)
author Stefan Metzmacher <metze@samba.org>
Tue, 9 Jun 2009 12:52:44 +0000 (14:52 +0200)
committer Stefan Metzmacher <metze@samba.org>
Tue, 9 Jun 2009 14:49:29 +0000 (16:49 +0200)
diff --git a/source4/libcli/smb2/signing.c b/source4/libcli/smb2/signing.c

index 101fb00c1244f0cc3e4849f736d150cfe9789d1b..6af7a6d4a1131fbbe610baa2dc9755b3f9d08165 100644 (file)
--- a/source4/libcli/smb2/signing.c
+++ b/source4/libcli/smb2/signing.c
@@ -33,12 +33,15 @@ NTSTATUS smb2_sign_message(struct smb2_request_buffer *buf, DATA_BLOB session_ke
         struct HMACSHA256Context m;
         uint8_t res[32];
         uint64_t session_id;
+       size_t hdr_offset;
  
         if (buf->size < NBT_HDR_SIZE + SMB2_HDR_SIGNATURE + 16) {
                 /* can't sign non-SMB2 messages */
                 return NT_STATUS_OK;
         }
  
+       hdr_offset = buf->hdr - buf->buffer;
+
         session_id = BVAL(buf->hdr, SMB2_HDR_SESSION_ID);
         if (session_id == 0) {
                 /* we don't sign messages with a zero session_id. See
@@ -58,7 +61,7 @@ NTSTATUS smb2_sign_message(struct smb2_request_buffer *buf, DATA_BLOB session_ke
  
         ZERO_STRUCT(m);
         hmac_sha256_init(session_key.data, MIN(session_key.length, 16), &m);
-       hmac_sha256_update(buf->buffer+NBT_HDR_SIZE, buf->size-NBT_HDR_SIZE, &m);
+       hmac_sha256_update(buf->hdr, buf->size-hdr_offset, &m);
         hmac_sha256_final(res, &m);
         DEBUG(5,("signed SMB2 message of size %u\n", (unsigned)buf->size - NBT_HDR_SIZE));
  
@@ -76,12 +79,15 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session
         struct HMACSHA256Context m;
         uint8_t res[SHA256_DIGEST_LENGTH];
         uint8_t sig[16];
+       size_t hdr_offset;
  
         if (buf->size < NBT_HDR_SIZE + SMB2_HDR_SIGNATURE + 16) {
                 /* can't check non-SMB2 messages */
                 return NT_STATUS_OK;
         }
  
+       hdr_offset = buf->hdr - buf->buffer;
+
         session_id = BVAL(buf->hdr, SMB2_HDR_SESSION_ID);
         if (session_id == 0) {
                 /* don't sign messages with a zero session_id. See
@@ -100,7 +106,7 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session
  
         ZERO_STRUCT(m);
         hmac_sha256_init(session_key.data, MIN(session_key.length, 16), &m);
-       hmac_sha256_update(buf->hdr, buf->size-NBT_HDR_SIZE, &m);
+       hmac_sha256_update(buf->hdr, buf->size-hdr_offset, &m);
         hmac_sha256_final(res, &m);
  
         memcpy(buf->hdr+SMB2_HDR_SIGNATURE, sig, 16);
author	Stefan Metzmacher <metze@samba.org>
	Tue, 9 Jun 2009 12:52:44 +0000 (14:52 +0200)
committer	Stefan Metzmacher <metze@samba.org>
	Tue, 9 Jun 2009 14:49:29 +0000 (16:49 +0200)