[Dovecot] [PATCH] NTLM fixes

Andrey Panin pazke at donpac.ru
Mon Aug 30 14:02:24 EEST 2004


Hello,

The attached patch contains small NTLM fixes:
 - open-code the ntlmssp_des_encrypt_triad() function;
 - add two missing safe_memset() calls. It's not safe to leave NTLM
   hashes on the stack, because they are plain password equivalents.

Please consider applying.

Best regards.

-- 
Andrey Panin		| Linux and UNIX system administrator
pazke at donpac.ru		| PGP key: wwwkeys.pgp.net
-------------- next part --------------
diff -urpNX /usr/share/dontdiff dovecot-cvs.vanilla/src/lib-ntlm/ntlm-encrypt.c dovecot-cvs/src/lib-ntlm/ntlm-encrypt.c
--- dovecot-cvs.vanilla/src/lib-ntlm/ntlm-encrypt.c	2004-07-30 07:01:24.000000000 +0400
+++ dovecot-cvs/src/lib-ntlm/ntlm-encrypt.c	2004-08-29 17:44:45.000000000 +0400
@@ -35,16 +35,6 @@ t_unicode_str(const char *src, int ucase
 	return buffer_free_without_data(wstr);
 }
 
-static void
-ntlmssp_des_encrypt_triad(const unsigned char *hash,
-		 	  const unsigned char *challenge,
-			  unsigned char *response)
-{
-	deshash(response, hash, challenge);
-	deshash(response + 8, hash + 7, challenge);
-	deshash(response + 16, hash + 14, challenge);
-}
-
 const unsigned char *
 lm_hash(const char *passwd, unsigned char hash[LM_HASH_SIZE])
 {
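Review bot: Removing ntlmssp_des_encrypt_triad() in this hunk is a pure refactor bundled with the two safe_memset() additions, and the message gives no reason for it. Consider splitting it into its own patch so the hash-wiping fix can be reviewed and applied independently. If the helper does go, the knowledge it carried (one challenge encrypted three times, each with the next 7-byte slice of the hash, producing three 8-byte output blocks) should survive as a comment at the call site.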
@@ -112,7 +102,11 @@ ntlmssp_v1_response(const unsigned char 
 	memset(des_hash + NTLMSSP_HASH_SIZE, 0,
 	       sizeof(des_hash) - NTLMSSP_HASH_SIZE);
 
-	ntlmssp_des_encrypt_triad(des_hash, challenge, response);
+	deshash(response, des_hash, challenge);
+	deshash(response + 8, des_hash + 7, challenge);
+	deshash(response + 16, des_hash + 14, challenge);
+
+	safe_memset(des_hash, 0, sizeof(des_hash));
 }
 
 void
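Review bot: The three open-coded deshash() calls in ntlmssp_v1_response() now carry bare offsets (response + 8 / + 16, des_hash + 7 / + 14) with nothing explaining them. A short comment would help, or named constants for the 7-byte key slice and 8-byte block. It is also worth noting in a comment that the third call reads from des_hash + 14 onward, which is why the memset above has to zero-pad des_hash past NTLMSSP_HASH_SIZE. The added safe_memset(des_hash, 0, sizeof(des_hash)) looks right as the last statement, provided des_hash is a local array, as the sizeof(des_hash) in the padding memset suggests. Its declaration is outside the hunk, so please confirm.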
@@ -131,4 +125,6 @@ ntlmssp_v2_response(const char *user, co
 	hmac_md5_update(&ctx, challenge, NTLMSSP_CHALLENGE_SIZE);
 	hmac_md5_update(&ctx, blob, blob_size);
 	hmac_md5_final(&ctx, response);
+
+	safe_memset(hash, 0, sizeof(hash));
 }
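Review bot: In ntlmssp_v2_response(), safe_memset(hash, 0, sizeof(hash)) only wipes the whole buffer if hash is an array declared locally in this function. The declaration is not visible in this hunk. If hash is a pointer or an array-typed parameter (the form lm_hash() uses in this same file: unsigned char hash[LM_HASH_SIZE]), sizeof(hash) is the pointer size and part of the hash stays on the stack. Passing the explicit size constant instead of sizeof(hash) would make the wipe correct in either case. Separately, ctx is left untouched after hmac_md5_final(). If that context was keyed with hash, it holds key-derived state and is worth clearing with safe_memset() as well.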