#include "smb_crypt.h"
#include "libsmb/libsmb.h"
#include "ntlmssp_wrap.h"
+#include "libcli/auth/krb5_wrap.h"
+#undef malloc
/******************************************************************************
Pull out the encryption context for this packet. 0 means global context.
NTSTATUS get_enc_ctx_num(const uint8_t *buf, uint16_t *p_enc_ctx_num)
{
- if (smb_len(buf) < 8) {
+ if (smb_len_nbt(buf) < 8) {
return NT_STATUS_INVALID_BUFFER_SIZE;
}
static void smb_set_enclen(char *buf,int len,uint16_t enc_ctx_num)
{
- _smb_setlen(buf,len);
+ _smb_setlen_nbt(buf,len);
SCVAL(buf,4,0xFF);
SCVAL(buf,5,'E');
static NTSTATUS common_ntlm_decrypt_buffer(struct auth_ntlmssp_state *auth_ntlmssp_state, char *buf)
{
NTSTATUS status;
- size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */
+ size_t buf_len = smb_len_nbt(buf) + 4; /* Don't forget the 4 length bytes. */
size_t data_len;
char *inbuf;
DATA_BLOB sig;
memcpy(buf + 8, inbuf + 8 + NTLMSSP_SIG_SIZE, data_len);
/* Reset the length and overwrite the header. */
- smb_setlen(buf,data_len + 4);
+ smb_setlen_nbt(buf,data_len + 4);
SAFE_FREE(inbuf);
return NT_STATUS_OK;
{
NTSTATUS status;
char *buf_out;
- size_t data_len = smb_len(buf) - 4; /* Ignore the 0xFF SMB bytes. */
+ size_t data_len = smb_len_nbt(buf) - 4; /* Ignore the 0xFF SMB bytes. */
DATA_BLOB sig;
TALLOC_CTX *frame;
*ppbuf_out = NULL;
frame = talloc_stackframe();
/*
- * We know smb_len can't return a value > 128k, so no int overflow
+ * We know smb_len_nbt can't return a value > 128k, so no int overflow
* check needed.
*/
- buf_out = SMB_XMALLOC_ARRAY(char, 8 + NTLMSSP_SIG_SIZE + data_len);
+ buf_out = (char *)malloc(8 + NTLMSSP_SIG_SIZE + data_len);
+ if (buf_out == NULL) {
+ TALLOC_FREE(frame);
+ return NT_STATUS_NO_MEMORY;
+ }
/* Copy the data from the original buffer. */
memcpy(buf_out + 8 + NTLMSSP_SIG_SIZE, buf + 8, data_len);
- smb_set_enclen(buf_out, smb_len(buf) + NTLMSSP_SIG_SIZE, enc_ctx_num);
+ smb_set_enclen(buf_out, smb_len_nbt(buf) + NTLMSSP_SIG_SIZE, enc_ctx_num);
ZERO_STRUCT(sig);
OM_uint32 minor = 0;
int flags_got = 0;
gss_buffer_desc in_buf, out_buf;
- size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */
+ size_t buf_len = smb_len_nbt(buf) + 4; /* Don't forget the 4 length bytes. */
if (buf_len < 8) {
return NT_STATUS_BUFFER_TOO_SMALL;
(gss_qop_t *) NULL);
if (ret != GSS_S_COMPLETE) {
- ADS_STATUS adss = ADS_ERROR_GSS(ret, minor);
- DEBUG(0,("common_gss_encrypt_buffer: gss_unwrap failed. Error %s\n",
- ads_errstr(adss) ));
- return map_nt_error_from_gss(ret, minor);
+ NTSTATUS status = NT_STATUS_ACCESS_DENIED;
+ char *gss_err;
+
+ gss_err = gssapi_error_string(talloc_tos(),
+ ret, minor,
+ GSS_C_NULL_OID);
+ DEBUG(0,("common_gss_decrypt_buffer: gss_unwrap failed. "
+ "Error [%d/%d] - %s - %s\n",
+ ret, minor, nt_errstr(status),
+ gss_err ? gss_err : "<unknown>"));
+ talloc_free(gss_err);
+
+ return status;
}
if (out_buf.length > in_buf.length) {
- DEBUG(0,("common_gss_encrypt_buffer: gss_unwrap size (%u) too large (%u) !\n",
+ DEBUG(0,("common_gss_decrypt_buffer: gss_unwrap size (%u) too large (%u) !\n",
(unsigned int)out_buf.length,
(unsigned int)in_buf.length ));
gss_release_buffer(&minor, &out_buf);
memcpy(buf + 8, out_buf.value, out_buf.length);
/* Reset the length and overwrite the header. */
- smb_setlen(buf, out_buf.length + 4);
+ smb_setlen_nbt(buf, out_buf.length + 4);
gss_release_buffer(&minor, &out_buf);
return NT_STATUS_OK;
OM_uint32 minor = 0;
int flags_got = 0;
gss_buffer_desc in_buf, out_buf;
- size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */
+ size_t buf_len = smb_len_nbt(buf) + 4; /* Don't forget the 4 length bytes. */
*ppbuf_out = NULL;
&out_buf);
if (ret != GSS_S_COMPLETE) {
- ADS_STATUS adss = ADS_ERROR_GSS(ret, minor);
- DEBUG(0,("common_gss_encrypt_buffer: gss_wrap failed. Error %s\n",
- ads_errstr(adss) ));
- return map_nt_error_from_gss(ret, minor);
+ NTSTATUS status = NT_STATUS_ACCESS_DENIED;
+ char *gss_err;
+
+ gss_err = gssapi_error_string(talloc_tos(),
+ ret, minor,
+ GSS_C_NULL_OID);
+ DEBUG(0,("common_gss_encrypt_buffer: gss_unwrap failed. "
+ "Error [%d/%d] - %s - %s\n",
+ ret, minor, nt_errstr(status),
+ gss_err ? gss_err : "<unknown>"));
+ talloc_free(gss_err);
+
+ return status;
}
if (!flags_got) {
* bother :-*(. JRA.
*/
- *ppbuf_out = (char *)SMB_MALLOC(out_buf.length + 8); /* We know this can't wrap. */
+ *ppbuf_out = (char *)malloc(out_buf.length + 8); /* We know this can't wrap. */
if (!*ppbuf_out) {
gss_release_buffer(&minor, &out_buf);
return NT_STATUS_NO_MEMORY;
return;
}
- if (es->smb_enc_type == SMB_TRANS_ENC_NTLM) {
- SAFE_FREE(buf);
- return;
- }
-
-#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
- if (es->smb_enc_type == SMB_TRANS_ENC_GSS) {
- OM_uint32 min;
- gss_buffer_desc rel_buf;
- rel_buf.value = buf;
- rel_buf.length = smb_len(buf) + 4;
- gss_release_buffer(&min, &rel_buf);
- }
-#endif
+ SAFE_FREE(buf);
}