message.data = input_message_buffer->value;
message.length = input_message_buffer->length;
- output.data = output_message_buffer->value;
- output.length = input_message_buffer->length;
- signature.data = &output.data[input_message_buffer->length];
+ signature.data = output_message_buffer->value;
signature.length = NTLM_SIGNATURE_SIZE;
+ output.data = (uint8_t *)output_message_buffer->value + NTLM_SIGNATURE_SIZE;
+ output.length = input_message_buffer->length;
retmin = ntlm_seal(ctx->neg_flags, &ctx->crypto_state,
&message, &output, &signature);
if (retmin) {
return GSS_S_FAILURE;
}
- message.data = input_message_buffer->value;
- message.length = input_message_buffer->length;
+ message.data = (uint8_t *)input_message_buffer->value + NTLM_SIGNATURE_SIZE;
+ message.length = input_message_buffer->length - NTLM_SIGNATURE_SIZE;
output.data = output_message_buffer->value;
output.length = output_message_buffer->length;
retmin = ntlm_unseal(ctx->neg_flags, &ctx->crypto_state,
return GSS_S_FAILURE;
}
- if (memcmp(&message.data[output.length],
+ if (memcmp(input_message_buffer->value,
signature.data, NTLM_SIGNATURE_SIZE) != 0) {
safefree(output_message_buffer->value);
return GSS_S_BAD_SIG;
struct ntlm_buffer *signature)
{
struct ntlm_signseal_handle *h;
- struct ntlm_buffer msg_buffer;
int ret;
if (!(flags & NTLMSSP_NEGOTIATE_SEAL)) {
h = &state->recv;
}
- msg_buffer = *message;
- msg_buffer.length -= NTLM_SIGNATURE_SIZE;
-
- ret = RC4_UPDATE(h->seal_handle, &msg_buffer, output);
+ ret = RC4_UPDATE(h->seal_handle, message, output);
if (ret) return ret;
if (state->ext_sec) {