1 Index: lib/crypto/dk/dk_decrypt.c
2 ===================================================================
3 --- lib/crypto/dk/dk_decrypt.c (Revision 22448)
4 +++ lib/crypto/dk/dk_decrypt.c (Arbeitskopie)
18 if (memcmp(cksum, input->data+enclen, hmacsize) != 0) {
21 ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
26 /* because this encoding isn't self-describing wrt length, the
29 memcpy(output->data, d2.data+blocksize, output->length);
31 + if (bad != 0 && output->length > 16) {
34 + * This is a HACK to allow Wireshark to decrypt DCERPC
35 + * payload when header signing is used.
37 + * We know the checksum was wrong, this happens
38 + * when DCERPC uses header signing and we check for
39 + * a valid gss_cfx_wrap_token header which is 16 byte long
40 + * and starts with 0x05 0x04 and sits at the end of the
43 + unsigned char *hdr = output->data + (output->length - 16);
44 + if (hdr[0] == 0x05 && hdr[1] == 0x04) {
50 + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
55 memcpy(ivec->data, cn, blocksize);