2025-01-22 22:04:08 +03:00 · 2019-04-11 10:29:04 +02:00 · 2019-04-11 10:29:04 +02:00 · 5a0516bee9
commit 5a0516bee9
parent 39a665464f
4 changed files with 39 additions and 16 deletions
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@ -5793,6 +5793,8 @@ NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session,

 NTSTATUS smb1cli_session_protect_session_key(struct smbXcli_session *session)
 {
+	NTSTATUS status;
+
 	if (session->smb1.protected_key) {
 		/* already protected */
 		return NT_STATUS_OK;
@ -5802,9 +5804,12 @@ NTSTATUS smb1cli_session_protect_session_key(struct smbXcli_session *session)
 		return NT_STATUS_INVALID_PARAMETER_MIX;
 	}

-	smb_key_derivation(session->smb1.application_key.data,
-			   session->smb1.application_key.length,
-			   session->smb1.application_key.data);
+	status = smb_key_derivation(session->smb1.application_key.data,
+				    session->smb1.application_key.length,
+				    session->smb1.application_key.data);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
+	}

 	session->smb1.protected_key = true;

--- a/libcli/smb/smb_signing.c
+++ b/libcli/smb/smb_signing.c
@ -506,9 +506,11 @@ bool smb_signing_is_negotiated(struct smb_signing_state *si)
 	return si->negotiated;
 }

-void smb_key_derivation(const uint8_t *KI, size_t KI_len,
-			uint8_t KO[16])
+NTSTATUS smb_key_derivation(const uint8_t *KI,
+			    size_t KI_len,
+			    uint8_t KO[16])
 {
+	int rc;
 	static const uint8_t SSKeyHash[256] = {
 		0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79,
 		0x20, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75,
@ -545,10 +547,18 @@ void smb_key_derivation(const uint8_t *KI, size_t KI_len,
 	};

 	/* The callers passing down KI_len of 16 so no need to limit to 64 */
-	gnutls_hmac_fast(GNUTLS_MAC_MD5,
-			 KI,
-			 KI_len,
-			 SSKeyHash,
-			 sizeof(SSKeyHash),
-			 KO);
+	rc = gnutls_hmac_fast(GNUTLS_MAC_MD5,
+			      KI,
+			      KI_len,
+			      SSKeyHash,
+			      sizeof(SSKeyHash),
+			      KO);
+	if (rc < 0) {
+		if (rc == GNUTLS_E_UNWANTED_ALGORITHM) {
+			return NT_STATUS_HASH_NOT_SUPPORTED;
+		}
+		return NT_STATUS_INTERNAL_ERROR;
+	}
+
+	return NT_STATUS_OK;
 }
--- a/libcli/smb/smb_signing.h
+++ b/libcli/smb/smb_signing.h
@ -52,7 +52,8 @@ bool smb_signing_is_mandatory(struct smb_signing_state *si);
 bool smb_signing_set_negotiated(struct smb_signing_state *si,
 				bool allowed, bool mandatory);
 bool smb_signing_is_negotiated(struct smb_signing_state *si);
-void smb_key_derivation(const uint8_t *KI, size_t KI_len,
-			uint8_t KO[16]);
+NTSTATUS smb_key_derivation(const uint8_t *KI,
+			    size_t KI_len,
+			    uint8_t KO[16]);

 #endif /* _SMB_SIGNING_H_ */
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@ -1038,9 +1038,16 @@ void reply_tcon_and_X(struct smb_request *req)
 		}

 		if (tcon_flags & TCONX_FLAG_EXTENDED_SIGNATURES) {
-			smb_key_derivation(x->global->application_key.data,
-					   x->global->application_key.length,
-					   x->global->application_key.data);
+			NTSTATUS status;
+
+			status = smb_key_derivation(x->global->application_key.data,
+						    x->global->application_key.length,
+						    x->global->application_key.data);
+			if (!NT_STATUS_IS_OK(status)) {
+				DBG_ERR("smb_key_derivation failed: %s\n",
+					nt_errstr(status));
+				return;
+			}
 			optional_support |= SMB_EXTENDED_SIGNATURES;
 		}