authorJoseph Sutton <josephsutton@catalyst.net.nz>2022-02-17 15:35:42 +1300
committerAndrew Bartlett <abartlet@samba.org>2022-06-09 22:49:29 +0000
commitae6634c78774d2368e815dea650ba71650dd1861 (patch)
treebf361a9acf1e5eb9595b25adea734d303bad31c4 /libcli/auth
parent87f68500ed651f393e2fc6c514ab08b561a60a9b (diff)
downloadsamba-ae6634c78774d2368e815dea650ba71650dd1861.tar.gz
auth: Use constant-time memcmp when comparing sensitive buffers
This helps to avoid timing attacks. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15010 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'libcli/auth')
-rw-r--r--libcli/auth/credentials.c4
-rw-r--r--libcli/auth/netlogon_creds_cli.c10
-rw-r--r--libcli/auth/ntlm_check.c8
3 files changed, 11 insertions, 11 deletions
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
index 23339d98bfa..bd257410c5c 100644
--- a/libcli/auth/credentials.c
+++ b/libcli/auth/credentials.c
@@ -659,7 +659,7 @@ bool netlogon_creds_client_check(struct netlogon_creds_CredentialState *creds,
const struct netr_Credential *received_credentials)
{
if (!received_credentials ||
- memcmp(received_credentials->data, creds->server.data, 8) != 0) {
+ memcmp_const_time(received_credentials->data, creds->server.data, 8) != 0) {
DEBUG(2,("credentials check failed\n"));
return false;
}
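Review bot: The new call in netlogon_creds_client_check still passes the literal length `8`, so the comparison silently covers the wrong span if the credential size ever changes. Assuming `data` is a fixed-size array, as the literal suggests, tie the length to the field: `memcmp_const_time(received_credentials->data, creds->server.data, sizeof(creds->server.data)) != 0`. The same literal appears in the next hunk (netlogon_creds_server_check_internal), whereas the hash_password_check hunks in ntlm_check.c already use `sizeof`. The function body continues outside the hunk.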
@@ -678,7 +678,7 @@ next comes the server specific functions
static bool netlogon_creds_server_check_internal(const struct netlogon_creds_CredentialState *creds,
const struct netr_Credential *received_credentials)
{
- if (memcmp(received_credentials->data, creds->client.data, 8) != 0) {
+ if (memcmp_const_time(received_credentials->data, creds->client.data, 8) != 0) {
DEBUG(2,("credentials check failed\n"));
dump_data_pw("client creds", creds->client.data, 8);
dump_data_pw("calc creds", received_credentials->data, 8);
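Review bot: netlogon_creds_server_check_internal dereferences `received_credentials->data` in its first statement with no NULL test, while netlogon_creds_client_check in the previous hunk guards with `!received_credentials`. The callers are outside the hunk and may already guarantee a non-NULL pointer. If they do not, a NULL here is a crash on the server side of the check; adding `if (received_credentials == NULL) { return false; }` before the compare would make the two checks consistent. The function continues past the end of the hunk.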
diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index e92a042c012..369e3d94d3f 100644
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -652,7 +652,7 @@ bool netlogon_creds_cli_validate(struct netlogon_creds_cli_context *context,
return false;
}
- cmp = data_blob_cmp(&blob1, &blob2);
+ cmp = data_blob_cmp_const_time(&blob1, &blob2);
TALLOC_FREE(frame);
@@ -3227,8 +3227,8 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq
return;
}
- cmp = memcmp(state->new_owf_password.hash,
- zero.hash, sizeof(zero.hash));
+ cmp = memcmp_const_time(state->new_owf_password.hash,
+ zero.hash, sizeof(zero.hash));
if (cmp != 0) {
status = netlogon_creds_des_decrypt(&state->tmp_creds,
&state->new_owf_password);
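Review bot: The `if (cmp != 0)` branch right after the new call still makes the all-zero case observable, because netlogon_creds_des_decrypt runs only for a non-zero hash. The constant-time compare therefore hides at most the position of the first non-zero byte, not whether the hash is zero. That may be acceptable, but a comment would stop readers from assuming more, e.g. `/* constant-time for consistency; whether the hash is all-zero is still visible from the decrypt branch below */`. The same applies to the `old_owf_password` hunk at -3237. The enclosing function starts and ends outside both hunks.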
@@ -3237,8 +3237,8 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq
return;
}
}
- cmp = memcmp(state->old_owf_password.hash,
- zero.hash, sizeof(zero.hash));
+ cmp = memcmp_const_time(state->old_owf_password.hash,
+ zero.hash, sizeof(zero.hash));
if (cmp != 0) {
status = netlogon_creds_des_decrypt(&state->tmp_creds,
&state->old_owf_password);
diff --git a/libcli/auth/ntlm_check.c b/libcli/auth/ntlm_check.c
index 846e0c07cd5..d71bdb3b1a4 100644
--- a/libcli/auth/ntlm_check.c
+++ b/libcli/auth/ntlm_check.c
@@ -71,7 +71,7 @@ static bool smb_pwd_check_ntlmv1(TALLOC_CTX *mem_ctx,
DEBUGADD(100,("Value from encryption was |\n"));
dump_data(100, p24, 24);
#endif
- ok = (memcmp(p24, nt_response->data, 24) == 0);
+ ok = (memcmp_const_time(p24, nt_response->data, 24) == 0);
if (!ok) {
return false;
}
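Review bot: The 24-byte compare reads `nt_response->data`, but no length check on `nt_response` is visible in this hunk. memcmp_const_time, like memcmp, reads the full length it is given, so a shorter blob would be over-read. smb_pwd_check_ntlmv1 starts outside the hunk, so the guard may already exist earlier; if it does not, `if (nt_response->length != 24) { return false; }` belongs before the compare. The 16-byte compare against `ntv2_response->data` in the smb_pwd_check_ntlmv2 hunk needs the same confirmation that the blob holds at least 16 bytes.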
@@ -157,7 +157,7 @@ static bool smb_pwd_check_ntlmv2(TALLOC_CTX *mem_ctx,
#endif
data_blob_clear_free(&client_key_data);
- ok = (memcmp(value_from_encryption, ntv2_response->data, 16) == 0);
+ ok = (memcmp_const_time(value_from_encryption, ntv2_response->data, 16) == 0);
if (!ok) {
return false;
}
@@ -271,7 +271,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
}
if (client_nt && stored_nt) {
- if (memcmp(client_nt->hash, stored_nt->hash, sizeof(stored_nt->hash)) == 0) {
+ if (memcmp_const_time(client_nt->hash, stored_nt->hash, sizeof(stored_nt->hash)) == 0) {
return NT_STATUS_OK;
} else {
DEBUG(3,("hash_password_check: Interactive logon: NT password check failed for user %s\n",
@@ -289,7 +289,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
return NT_STATUS_NOT_FOUND;
}
- if (memcmp(client_lanman->hash, stored_lanman->hash, sizeof(stored_lanman->hash)) == 0) {
+ if (memcmp_const_time(client_lanman->hash, stored_lanman->hash, sizeof(stored_lanman->hash)) == 0) {
return NT_STATUS_OK;
} else {
DEBUG(3,("hash_password_check: Interactive logon: LANMAN password check failed for user %s\n",