Tree - rpms/samba - CentOS Git server

rpms / samba

Blame SOURCES/0136-libcli-smb-Use-gnutls_aead_cipher_encryptv2-for-AES-.patch

Blob History Raw

		b6b438	`From d841537e0e835cda608d3f2b654d10d36d539bc5 Mon Sep 17 00:00:00 2001`
		b6b438	`From: Andreas Schneider <asn@samba.org>`
		b6b438	`Date: Fri, 23 Aug 2019 08:54:54 +0200`
		b6b438	`Subject: [PATCH 136/187] libcli:smb: Use gnutls_aead_cipher_encryptv2() for`
		b6b438	`AES GCM or CCM`
		b6b438
		b6b438	`This is a new call which has been added with GnuTLS 3.6.10 and will`
		b6b438	`recuduce memory allocations and copying of data.`
		b6b438
		b6b438	`Signed-off-by: Andreas Schneider <asn@samba.org>`
		b6b438	`Reviewed-by: Simo Sorce <idra@samba.org>`
		b6b438	`(cherry picked from commit 70fdd4821aa811f90944bee17cc85e3ae9302279)`
		b6b438	`---`
		b6b438	`libcli/smb/smb2_signing.c \| 32 ++++++++++++++++++++++++++++++--`
		b6b438	`1 file changed, 30 insertions(+), 2 deletions(-)`
		b6b438
		b6b438	`diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c`
		b6b438	`index c39f8e4780a..ac0f6f4d29f 100644`
		b6b438	`--- a/libcli/smb/smb2_signing.c`
		b6b438	`+++ b/libcli/smb/smb2_signing.c`
		b6b438	`@@ -392,12 +392,11 @@ NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key,`
		b6b438	`int count)`
		b6b438	`{`
		b6b438	`uint8_t *tf;`
		b6b438	`- int i;`
		b6b438	`size_t a_total;`
		b6b438	`ssize_t m_total;`
		b6b438	`uint32_t iv_size = 0;`
		b6b438	`uint32_t key_size = 0;`
		b6b438	`- uint32_t tag_size = 0;`
		b6b438	`+ size_t tag_size = 0;`
		b6b438	`uint8_t _key[16] = {0};`
		b6b438	`gnutls_cipher_algorithm_t algo = 0;`
		b6b438	`gnutls_datum_t key;`
		b6b438	`@@ -479,12 +478,40 @@ NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key,`
		b6b438	`0,`
		b6b438	`16 - iv_size);`
		b6b438
		b6b438	`+#ifdef HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2`
		b6b438	`+ {`
		b6b438	`+ uint8_t tag[tag_size];`
		b6b438	`+ giovec_t auth_iov[1];`
		b6b438	`+`
		b6b438	`+ auth_iov[0] = (giovec_t) {`
		b6b438	`+ .iov_base = tf + SMB2_TF_NONCE,`
		b6b438	`+ .iov_len = a_total,`
		b6b438	`+ };`
		b6b438	`+`
		b6b438	`+ rc = gnutls_aead_cipher_encryptv2(encryption_key->cipher_hnd,`
		b6b438	`+ iv.data,`
		b6b438	`+ iv.size,`
		b6b438	`+ auth_iov,`
		b6b438	`+ 1,`
		b6b438	`+ &vector[1],`
		b6b438	`+ count - 1,`
		b6b438	`+ tag,`
		b6b438	`+ &tag_size);`
		b6b438	`+ if (rc < 0) {`
		b6b438	`+ status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR);`
		b6b438	`+ goto out;`
		b6b438	`+ }`
		b6b438	`+`
		b6b438	`+ memcpy(tf + SMB2_TF_SIGNATURE, tag, tag_size);`
		b6b438	`+ }`
		b6b438	`+#else /* HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2 */`
		b6b438	`{`
		b6b438	`size_t ptext_size = m_total;`
		b6b438	`uint8_t *ptext = NULL;`
		b6b438	`size_t ctext_size = m_total + tag_size;`
		b6b438	`uint8_t *ctext = NULL;`
		b6b438	`size_t len = 0;`
		b6b438	`+ int i;`
		b6b438
		b6b438	`ptext = talloc_size(talloc_tos(), ptext_size);`
		b6b438	`if (ptext == NULL) {`
		b6b438	`@@ -543,6 +570,7 @@ NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key,`
		b6b438	`TALLOC_FREE(ptext);`
		b6b438	`TALLOC_FREE(ctext);`
		b6b438	`}`
		b6b438	`+#endif /* HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2 */`
		b6b438
		b6b438	`DBG_INFO("Enencrypted SMB2 message\n");`
		b6b438
		b6b438	`--`
		b6b438	`2.23.0`
		b6b438

rpms / samba

Source Code

Blame SOURCES/0136-libcli-smb-Use-gnutls_aead_cipher_encryptv2-for-AES-.patch