From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 27 Sep 2021 14:08:39 +0000 (+0200)
Subject: NTLM: use DES_set_key_unchecked with OpenSSL
X-Git-Tag: curl-7_80_0~172
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1ddfa8e4809f4364ea7323026136ce8d0b0c6cff;p=thirdparty%2Fcurl.git

NTLM: use DES_set_key_unchecked with OpenSSL

... as the previously used function DES_set_key() will in some cases
reject using a key that it deems "weak" which will cause curl to
continue using the unitialized buffer content as key instead.

Assisted-by: Harry Sintonen
Fixes #7779
Closes #7781
---

diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c
index 749b44e4a9..70e360f248 100644
--- a/lib/curl_ntlm_core.c
+++ b/lib/curl_ntlm_core.c
@@ -150,7 +150,7 @@ static void setup_des_key(const unsigned char *key_56,
   DES_set_odd_parity(&key);
 
   /* Set the key */
-  DES_set_key(&key, ks);
+  DES_set_key_unchecked(&key, ks);
 }
 
 #elif defined(USE_GNUTLS)