git.samba.org / metze / samba / wip.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ba04ff6) | patch
r13470: Thanks to a report from VL:
authorAndrew Bartlett <abartlet@samba.org>
Sun, 12 Feb 2006 12:42:37 +0000 (12:42 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:51:54 +0000 (13:51 -0500)
commite218c8442db38bcfcac9e9425e8d0e32f61c840f
treef5079c7ad9f532c648a1e44f02085dcd7d9e048dtree
parentba04ff6736c0551da06d112af28d42b351c10481commit | diff
r13470: Thanks to a report from VL:

We were causing mayhem by weakening the keys at the wrong point in time.

I think this is the correct place to do it.  The session key for SMB
signing, and the 'smb session key' (used for encrypting password sets)
is never weakened.

The session key used for bulk data encryption/signing is weakened.

This also makes more sense, when we look at the NTLM2 code.

Andrew Bartlett
(This used to be commit 3fd32a12094ff2b6df52f5ab2af7c0ffceb5a4a0)
source4/auth/ntlmssp/ntlmssp.c diff | blob | history
source4/auth/ntlmssp/ntlmssp_client.c diff | blob | history
source4/auth/ntlmssp/ntlmssp_server.c diff | blob | history
source4/auth/ntlmssp/ntlmssp_sign.c diff | blob | history
Work in progress branches