ntlmssp_state->neg_flags |= NTLMSSP_REQUEST_TARGET;
}
}
+
+/* Does this blob looks like it could be NTLMSSP? */
+bool ntlmssp_blob_matches_magic(const DATA_BLOB *blob)
+{
+ if (blob->length > 8 && memcmp("NTLMSSP\0", blob->data, 8) == 0) {
+ return true;
+ } else {
+ return false;
+ }
+}
const DATA_BLOB *in,
DATA_BLOB *out);
NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state);
+
+bool ntlmssp_blob_matches_magic(const DATA_BLOB *blob);
* identical regardless. In particular, both rely only on the
* status code (not the contents of the packet) and do not
* wrap the result */
- if (sconn->use_gensec_hook || (blob1.length > 7 && strncmp((char *)(blob1.data), "NTLMSSP", 7) == 0)) {
+ if (sconn->use_gensec_hook || ntlmssp_blob_matches_magic(&blob1)) {
DATA_BLOB chal;
if (!vuser->auth_ntlmssp_state) {
* status code (not the contents of the packet) and do not
* wrap the result */
if (session->sconn->use_gensec_hook
- || (in_security_buffer.length > 7 && strncmp((char *)(in_security_buffer.data), "NTLMSSP", 7) == 0)) {
+ || ntlmssp_blob_matches_magic(&in_security_buffer)) {
return smbd_smb2_raw_ntlmssp_auth(session,
smb2req,
in_security_mode,
static NTSTATUS gensec_ntlmssp_magic(struct gensec_security *gensec_security,
const DATA_BLOB *first_packet)
{
- if (first_packet->length > 8 && memcmp("NTLMSSP\0", first_packet->data, 8) == 0) {
+ if (ntlmssp_blob_matches_magic(first_packet)) {
return NT_STATUS_OK;
} else {
return NT_STATUS_INVALID_PARAMETER;