Ethereal-dev: [Ethereal-dev] Patch: Handing of auth padding with encrypted DCE/RPC

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: dheitmueller <dheitmueller@xxxxxxxxxxx>
Date: Fri, 14 Feb 2003 22:57:45 -0500 (EST)
Hello,

Attached is a patch that moves the handling of the auth padding until after the decryption has occurred.  This is done because the auth padding is actually INSIDE the encrypted payload when NTLMSSP is used.  It is also necessary that the auth padding be decrypted as part of the payload, or else decryption will fail for all subsequent packets.

I also removed a piece of code which changes the auth padding length to "auth_pad_len % 4".  This is because the auth padding is being represented as zero length in these conditions, which it isn't clear to me in which case this would be right.  If anyone has a trace that contradicts this, or is now broken as a result of this change, PLEASE send it to me and I will straighten it out.

Thanks,

Devin Heitmueller
Senior Software Engineer
Netilla Networks Inc

Attachment: auth_padding_fix.gz
Description: application/gzip