author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-05-11 12:07:43 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2022-06-09 22:49:29 +0000 |
commit | feb36dbebf1f0f48f4d9f2549471d355b4ead788 (patch) | |
tree | b54ff5df21115ce11b642174a098345545d1fff8 | |
parent | a554e2ce53cbee584bf3c0944d466cbdf73dd3b2 (diff) | |
download | samba-feb36dbebf1f0f48f4d9f2549471d355b4ead788.tar.gz |
lib/util: Change function to mem_equal_const_time()
Since memcmp_const_time() doesn't act as an exact replacement for
memcmp(), and its return value is only ever compared with zero, simplify
it and emphasize the intention of checking equality by returning a bool
instead.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
25 files changed, 94 insertions, 94 deletions
diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c index 2fbfb019124..9860559668f 100644 --- a/auth/gensec/schannel.c +++ b/auth/gensec/schannel.c @@ -592,7 +592,7 @@ static NTSTATUS netsec_incoming_packet(struct schannel_state *state, uint8_t *confounder = NULL; uint32_t confounder_ofs = 0; uint8_t seq_num[8]; - int ret; + bool ret; const uint8_t *sign_data = NULL; size_t sign_length = 0; NTSTATUS status; @@ -649,8 +649,8 @@ static NTSTATUS netsec_incoming_packet(struct schannel_state *state, return NT_STATUS_ACCESS_DENIED; } - ret = memcmp_const_time(checksum, sig->data+16, checksum_length); - if (ret != 0) { + ret = mem_equal_const_time(checksum, sig->data+16, checksum_length); + if (!ret) { dump_data_pw("calc digest:", checksum, checksum_length); dump_data_pw("wire digest:", sig->data+16, checksum_length); return NT_STATUS_ACCESS_DENIED; @@ -665,8 +665,8 @@ static NTSTATUS netsec_incoming_packet(struct schannel_state *state, ZERO_ARRAY(checksum); - ret = memcmp_const_time(seq_num, sig->data+8, 8); - if (ret != 0) { + ret = mem_equal_const_time(seq_num, sig->data+8, 8); + if (!ret) { dump_data_pw("calc seq num:", seq_num, 8); dump_data_pw("wire seq num:", sig->data+8, 8); return NT_STATUS_ACCESS_DENIED; diff --git a/auth/ntlmssp/ntlmssp_ndr.c b/auth/ntlmssp/ntlmssp_ndr.c index 6de00427bbd..ea5d6f0f5a0 100644 --- a/auth/ntlmssp/ntlmssp_ndr.c +++ b/auth/ntlmssp/ntlmssp_ndr.c @@ -31,7 +31,7 @@ do { \ if (!NDR_ERR_CODE_IS_SUCCESS(__ndr_err)) { \ return ndr_map_error2ntstatus(__ndr_err); \ } \ - if (memcmp_const_time(r->Signature, "NTLMSSP\0", 8)) { \ + if (!mem_equal_const_time(r->Signature, "NTLMSSP\0", 8)) { \ return NT_STATUS_INVALID_PARAMETER; \ } \ return NT_STATUS_OK; \ diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c index 55688602881..6a27db1b7d4 100644 --- a/auth/ntlmssp/ntlmssp_server.c +++ b/auth/ntlmssp/ntlmssp_server.c 
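Review bot: The declaration `bool ret;` in netsec_incoming_packet keeps a name that reads as a status code, so the later `if (!ret)` looks like an error test rather than "digest mismatch". A name that states the meaning, e.g. `bool ok;` as libcli/auth/ntlm_check.c already uses, would make these security-relevant branches easier to audit. The same applies to the `bool cmp` locals in ntlmssp_server.c, netlogon_creds_cli.c, smbXcli_base.c, machine_account_secrets.c and cli_netlogon.c, to `pw_cmp` in password_hash.c and to `cmp_new`/`cmp_old` in winbindd_dual_srv.c, where true now means "equal", the opposite of what a memcmp-style name suggests. The function body starts and ends outside these hunks.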
@@ -1047,7 +1047,7 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, if (ntlmssp_state->new_spnego) { gnutls_hmac_hd_t hmac_hnd = NULL; uint8_t mic_buffer[NTLMSSP_MIC_SIZE] = { 0, }; - int cmp; + bool cmp; int rc; rc = gnutls_hmac_init(&hmac_hnd, @@ -1095,9 +1095,9 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, } gnutls_hmac_deinit(hmac_hnd, mic_buffer); - cmp = memcmp_const_time(request.data + NTLMSSP_MIC_OFFSET, - mic_buffer, NTLMSSP_MIC_SIZE); - if (cmp != 0) { + cmp = mem_equal_const_time(request.data + NTLMSSP_MIC_OFFSET, + mic_buffer, NTLMSSP_MIC_SIZE); + if (!cmp) { DEBUG(1,("%s: invalid NTLMSSP_MIC for " "user=[%s] domain=[%s] workstation=[%s]\n", __func__, @@ -1112,7 +1112,7 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, ZERO_ARRAY(mic_buffer); - if (cmp != 0) { + if (!cmp) { return NT_STATUS_INVALID_PARAMETER; } } diff --git a/auth/ntlmssp/ntlmssp_sign.c b/auth/ntlmssp/ntlmssp_sign.c index b831308aa2c..11e5930a8de 100644 --- a/auth/ntlmssp/ntlmssp_sign.c +++ b/auth/ntlmssp/ntlmssp_sign.c @@ -291,7 +291,7 @@ NTSTATUS ntlmssp_check_packet(struct ntlmssp_state *ntlmssp_state, if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) { if (local_sig.length != sig->length || - memcmp_const_time(local_sig.data, sig->data, sig->length) != 0) { + !mem_equal_const_time(local_sig.data, sig->data, sig->length)) { DEBUG(5, ("BAD SIG NTLM2: wanted signature of\n")); dump_data(5, local_sig.data, local_sig.length); @@ -304,7 +304,7 @@ NTSTATUS ntlmssp_check_packet(struct ntlmssp_state *ntlmssp_state, } } else { if (local_sig.length != sig->length || - memcmp_const_time(local_sig.data + 8, sig->data + 8, sig->length - 8) != 0) { + !mem_equal_const_time(local_sig.data + 8, sig->data + 8, sig->length - 8)) { DEBUG(5, ("BAD SIG NTLM1: wanted signature of\n")); dump_data(5, local_sig.data, local_sig.length); 
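Review bot: The NTLM1 branch of ntlmssp_check_packet passes `sig->length - 8` as the length, and nothing visible in the hunk rules out a signature shorter than 8 bytes. In that case the subtraction would wrap (assuming the length field is unsigned) and the comparison would read far past both buffers. The only guard shown is `local_sig.length != sig->length`, so safety rests on local_sig always being at least 8 bytes long, which is decided outside the hunk. Making the bound explicit in the condition, `if (local_sig.length != sig->length || sig->length < 8 ||`, would keep the check correct however local_sig is produced.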
diff --git a/lib/util/data_blob.c b/lib/util/data_blob.c index 3dccdc1c58a..677f7c19211 100644 --- a/lib/util/data_blob.c +++ b/lib/util/data_blob.c @@ -136,7 +136,7 @@ contents of either blob. **/ _PUBLIC_ bool data_blob_equal_const_time(const DATA_BLOB *d1, const DATA_BLOB *d2) { - int ret; + bool ret; if (d1->data == NULL && d2->data != NULL) { return false; } @@ -149,8 +149,8 @@ _PUBLIC_ bool data_blob_equal_const_time(const DATA_BLOB *d1, const DATA_BLOB *d if (d1->data == d2->data) { return true; } - ret = memcmp_const_time(d1->data, d2->data, d1->length); - return ret == 0; + ret = mem_equal_const_time(d1->data, d2->data, d1->length); + return ret; } /** diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h index ca185909997..ac185cc06c5 100644 --- a/lib/util/samba_util.h +++ b/lib/util/samba_util.h @@ -321,9 +321,9 @@ _PUBLIC_ bool conv_str_u64(const char * str, uint64_t * val); * * @param[in] n The length of the memory to comapre. * - * @return 0 when the memory regions are equal, 0 if not. + * @return true when the memory regions are equal, false if not. */ -_PUBLIC_ int memcmp_const_time(const void *s1, const void *s2, size_t n); +_PUBLIC_ bool mem_equal_const_time(const void *s1, const void *s2, size_t n); /** * @brief Build up a string buffer, handle allocation failure diff --git a/lib/util/util.c b/lib/util/util.c index 1cf3ff4e525..f039452976f 100644 --- a/lib/util/util.c +++ b/lib/util/util.c @@ -1097,7 +1097,7 @@ _PUBLIC_ size_t ascii_len_n(const char *src, size_t n) return len; } -_PUBLIC_ int memcmp_const_time(const void *s1, const void *s2, size_t n) +_PUBLIC_ bool mem_equal_const_time(const void *s1, const void *s2, size_t n) { const uint8_t *p1 = s1, *p2 = s2; size_t i, sum = 0; @@ -1106,7 +1106,7 @@ _PUBLIC_ int memcmp_const_time(const void *s1, const void *s2, size_t n) sum |= (p1[i] ^ p2[i]); } - return sum != 0; + return sum == 0; } struct anonymous_shared_header { 
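Review bot: The local in data_blob_equal_const_time is now redundant, because the helper already returns bool. `ret = mem_equal_const_time(...); return ret;` can become `return mem_equal_const_time(d1->data, d2->data, d1->length);`, and the `bool ret;` declaration in the first hunk can then go. The checks between the two hunks are not visible here.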
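Review bot: The header comment for mem_equal_const_time does not say what a zero length returns. In the util.c hunks `sum` starts at 0 and the result is `sum == 0`, so presumably (the loop header lies between the hunks) `n == 0` yields true, i.e. an empty comparison counts as a match. Since the callers in this commit use the function to accept or reject MACs, credentials and password hashes, I would add `* @note Returns true when n is 0; callers must check lengths before calling.` and fix the "comapre" typo in the @param line above.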
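Review bot: The definition of mem_equal_const_time carries no comment explaining why it accumulates `sum |= (p1[i] ^ p2[i])` instead of returning at the first difference, which invites a later "optimisation" that reintroduces the timing leak. A one-line comment above the loop, `/* No early exit: run time must depend only on n, never on where the buffers differ. */`, would record the intent. The loop header is outside both hunks.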
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c index bd257410c5c..a7f56e75e9e 100644 --- a/libcli/auth/credentials.c +++ b/libcli/auth/credentials.c @@ -659,7 +659,7 @@ bool netlogon_creds_client_check(struct netlogon_creds_CredentialState *creds, const struct netr_Credential *received_credentials) { if (!received_credentials || - memcmp_const_time(received_credentials->data, creds->server.data, 8) != 0) { + !mem_equal_const_time(received_credentials->data, creds->server.data, 8)) { DEBUG(2,("credentials check failed\n")); return false; } @@ -678,7 +678,7 @@ next comes the server specific functions static bool netlogon_creds_server_check_internal(const struct netlogon_creds_CredentialState *creds, const struct netr_Credential *received_credentials) { - if (memcmp_const_time(received_credentials->data, creds->client.data, 8) != 0) { + if (!mem_equal_const_time(received_credentials->data, creds->client.data, 8)) { DEBUG(2,("credentials check failed\n")); dump_data_pw("client creds", creds->client.data, 8); dump_data_pw("calc creds", received_credentials->data, 8); diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c index 889e1e8acf0..716a565128d 100644 --- a/libcli/auth/netlogon_creds_cli.c +++ b/libcli/auth/netlogon_creds_cli.c @@ -3201,7 +3201,7 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq NTSTATUS status; NTSTATUS result; const struct samr_Password zero = {}; - int cmp; + bool cmp; bool ok; /* @@ -3227,9 +3227,9 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq return; } - cmp = memcmp_const_time(state->new_owf_password.hash, - zero.hash, sizeof(zero.hash)); - if (cmp != 0) { + cmp = mem_equal_const_time(state->new_owf_password.hash, + zero.hash, sizeof(zero.hash)); + if (!cmp) { status = netlogon_creds_des_decrypt(&state->tmp_creds, &state->new_owf_password); if (tevent_req_nterror(req, status)) { 
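Review bot: netlogon_creds_server_check_internal dereferences `received_credentials->data` without the NULL test that netlogon_creds_client_check performs in the hunk just above (`if (!received_credentials || ...`). Whether its callers guarantee a non-NULL pointer is not visible here; if they do not, the server path would crash on input the client path rejects. A separate early guard before the comparison, `if (received_credentials == NULL) { return false; }`, is safer than extending the condition, because the failure branch also reads `received_credentials->data` in dump_data_pw.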
@@ -3237,9 +3237,9 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq return; } } - cmp = memcmp_const_time(state->old_owf_password.hash, - zero.hash, sizeof(zero.hash)); - if (cmp != 0) { + cmp = mem_equal_const_time(state->old_owf_password.hash, + zero.hash, sizeof(zero.hash)); + if (!cmp) { status = netlogon_creds_des_decrypt(&state->tmp_creds, &state->old_owf_password); if (tevent_req_nterror(req, status)) { diff --git a/libcli/auth/ntlm_check.c b/libcli/auth/ntlm_check.c index d71bdb3b1a4..cb4be7f6507 100644 --- a/libcli/auth/ntlm_check.c +++ b/libcli/auth/ntlm_check.c @@ -71,7 +71,7 @@ static bool smb_pwd_check_ntlmv1(TALLOC_CTX *mem_ctx, DEBUGADD(100,("Value from encryption was |\n")); dump_data(100, p24, 24); #endif - ok = (memcmp_const_time(p24, nt_response->data, 24) == 0); + ok = mem_equal_const_time(p24, nt_response->data, 24); if (!ok) { return false; } @@ -157,7 +157,7 @@ static bool smb_pwd_check_ntlmv2(TALLOC_CTX *mem_ctx, #endif data_blob_clear_free(&client_key_data); - ok = (memcmp_const_time(value_from_encryption, ntv2_response->data, 16) == 0); + ok = mem_equal_const_time(value_from_encryption, ntv2_response->data, 16); if (!ok) { return false; } @@ -271,7 +271,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx, } if (client_nt && stored_nt) { - if (memcmp_const_time(client_nt->hash, stored_nt->hash, sizeof(stored_nt->hash)) == 0) { + if (mem_equal_const_time(client_nt->hash, stored_nt->hash, sizeof(stored_nt->hash))) { return NT_STATUS_OK; } else { DEBUG(3,("hash_password_check: Interactive logon: NT password check failed for user %s\n", 
@@ -289,7 +289,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx, return NT_STATUS_NOT_FOUND; } - if (memcmp_const_time(client_lanman->hash, stored_lanman->hash, sizeof(stored_lanman->hash)) == 0) { + if (mem_equal_const_time(client_lanman->hash, stored_lanman->hash, sizeof(stored_lanman->hash))) { return NT_STATUS_OK; } else { DEBUG(3,("hash_password_check: Interactive logon: LANMAN password check failed for user %s\n", diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c index 6efb87801cb..d95274c1692 100644 --- a/libcli/smb/smb2_signing.c +++ b/libcli/smb/smb2_signing.c @@ -718,7 +718,7 @@ NTSTATUS smb2_signing_check_pdu(struct smb2_signing_key *signing_key, return status; } - if (memcmp_const_time(res, sig, 16) != 0) { + if (!mem_equal_const_time(res, sig, 16)) { DEBUG(0,("Bad SMB2 (sign_algo_id=%u) signature for message\n", (unsigned)sign_algo_id)); dump_data(0, sig, 16); diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index 60c3da5b691..a8e5aa4fdaa 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -3996,12 +3996,12 @@ static NTSTATUS smb2cli_conn_dispatch_incoming(struct smbXcli_conn *conn, * to the caller. */ if (signing_key) { - int cmp; + bool cmp; - cmp = memcmp_const_time(inhdr+SMB2_HDR_SIGNATURE, - state->smb2.hdr+SMB2_HDR_SIGNATURE, - 16); - if (cmp == 0) { + cmp = mem_equal_const_time(inhdr+SMB2_HDR_SIGNATURE, + state->smb2.hdr+SMB2_HDR_SIGNATURE, + 16); + if (cmp) { state->smb2.signing_skipped = true; signing_key = NULL; } diff --git a/libcli/smb/smb_signing.c b/libcli/smb/smb_signing.c index ee9b854275a..1d768ef39d0 100644 --- a/libcli/smb/smb_signing.c +++ b/libcli/smb/smb_signing.c @@ -339,7 +339,7 @@ bool smb1_signing_check_pdu(struct smb1_signing_state *si, } reply_sent_mac = &inhdr[HDR_SS_FIELD]; - good = (memcmp_const_time(reply_sent_mac, calc_md5_mac, 8) == 0); + good = mem_equal_const_time(reply_sent_mac, calc_md5_mac, 8); if (!good) { int i; 
@@ -354,7 +354,7 @@ bool smb1_signing_check_pdu(struct smb1_signing_state *si, for (i = -sign_range; i < sign_range; i++) { smb1_signing_md5(&si->mac_key, inhdr, len, seqnum+i, calc_md5_mac); - if (memcmp_const_time(reply_sent_mac, calc_md5_mac, 8) == 0) { + if (mem_equal_const_time(reply_sent_mac, calc_md5_mac, 8)) { DBG_ERR("out of seq. seq num %u matches. " "We were expecting seq %u\n", (unsigned int)seqnum+i, diff --git a/source3/librpc/crypto/gse_krb5.c b/source3/librpc/crypto/gse_krb5.c index 13547047165..b4cec1e4cf0 100644 --- a/source3/librpc/crypto/gse_krb5.c +++ b/source3/librpc/crypto/gse_krb5.c @@ -240,8 +240,8 @@ static krb5_error_code fill_mem_keytab_from_secrets(krb5_context krbctx, * check if keytab is up to date */ if ((ct->length == KRB5_KEY_LENGTH(KRB5_KT_KEY(&kt_entry))) && - (memcmp_const_time(KRB5_KEY_DATA(KRB5_KT_KEY(&kt_entry)), - ct->data, ct->length) == 0)) { + (mem_equal_const_time(KRB5_KEY_DATA(KRB5_KT_KEY(&kt_entry)), + ct->data, ct->length))) { /* keytab is already up to date, return */ smb_krb5_kt_free_entry(krbctx, &kt_entry); goto out; diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c index 203b5ee0eb5..c10fda7f0c0 100644 --- a/source3/passdb/machine_account_secrets.c +++ b/source3/passdb/machine_account_secrets.c @@ -1778,7 +1778,7 @@ static NTSTATUS secrets_check_password_change(const struct secrets_domain_info1 struct secrets_domain_info1_change *sn = NULL; struct secrets_domain_info1_change *cn = NULL; NTSTATUS status; - int cmp; + bool cmp; if (cookie->next_change == NULL) { DBG_ERR("cookie->next_change == NULL for %s.\n", domain); 
@@ -1873,20 +1873,20 @@ static NTSTATUS secrets_check_password_change(const struct secrets_domain_info1 return NT_STATUS_NETWORK_CREDENTIAL_CONFLICT; } - cmp = memcmp_const_time(sn->password->nt_hash.hash, - cn->password->nt_hash.hash, - 16); - if (cmp != 0) { + cmp = mem_equal_const_time(sn->password->nt_hash.hash, + cn->password->nt_hash.hash, + 16); + if (!cmp) { DBG_ERR("next password.nt_hash differs for %s.\n", domain); TALLOC_FREE(stored); return NT_STATUS_NETWORK_CREDENTIAL_CONFLICT; } - cmp = memcmp_const_time(stored->password->nt_hash.hash, - cookie->password->nt_hash.hash, - 16); - if (cmp != 0) { + cmp = mem_equal_const_time(stored->password->nt_hash.hash, + cookie->password->nt_hash.hash, + 16); + if (!cmp) { DBG_ERR("password.nt_hash differs for %s.\n", domain); TALLOC_FREE(stored); diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index e76d5b8bdc5..da445122dbd 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -325,10 +325,10 @@ again: status = netlogon_creds_cli_get(creds_ctx, frame, &creds); if (NT_STATUS_IS_OK(status)) { - int cmp = memcmp_const_time(found_session_key, - creds->session_key, - sizeof(found_session_key)); - found_existing_creds = (cmp != 0); + bool cmp = mem_equal_const_time(found_session_key, + creds->session_key, + sizeof(found_session_key)); + found_existing_creds = !cmp; memcpy(found_session_key, creds->session_key, @@ -356,10 +356,10 @@ again: status = netlogon_creds_cli_get(creds_ctx, frame, &creds); if (NT_STATUS_IS_OK(status)) { - int cmp = memcmp_const_time(found_session_key, - creds->session_key, - sizeof(found_session_key)); - found_existing_creds = (cmp != 0); + bool cmp = mem_equal_const_time(found_session_key, + creds->session_key, + sizeof(found_session_key)); + found_existing_creds = !cmp; memcpy(found_session_key, creds->session_key, sizeof(found_session_key)); 
diff --git a/source3/rpc_server/samr/srv_samr_chgpasswd.c b/source3/rpc_server/samr/srv_samr_chgpasswd.c index 5ff3edb5eb7..b5cd308a119 100644 --- a/source3/rpc_server/samr/srv_samr_chgpasswd.c +++ b/source3/rpc_server/samr/srv_samr_chgpasswd.c @@ -817,7 +817,7 @@ static NTSTATUS check_oem_password(const char *user, NTSTATUS status = NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER; return gnutls_error_to_ntstatus(rc, status); } - if (memcmp_const_time(verifier, old_nt_hash_encrypted, 16)) { + if (!mem_equal_const_time(verifier, old_nt_hash_encrypted, 16)) { DEBUG(0, ("check_oem_password: old nt " "password doesn't match.\n")); return NT_STATUS_WRONG_PASSWORD; @@ -848,7 +848,7 @@ static NTSTATUS check_oem_password(const char *user, NTSTATUS status = NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER; return gnutls_error_to_ntstatus(rc, status); } - if (memcmp_const_time(verifier, old_lm_hash_encrypted, 16)) { + if (!mem_equal_const_time(verifier, old_lm_hash_encrypted, 16)) { DEBUG(0,("check_oem_password: old lm password doesn't match.\n")); return NT_STATUS_WRONG_PASSWORD; } @@ -872,7 +872,7 @@ static NTSTATUS check_oem_password(const char *user, NTSTATUS status = NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER; return gnutls_error_to_ntstatus(rc, status); } - if (memcmp_const_time(verifier, old_lm_hash_encrypted, 16)) { + if (!mem_equal_const_time(verifier, old_lm_hash_encrypted, 16)) { DEBUG(0,("check_oem_password: old lm password doesn't match.\n")); return NT_STATUS_WRONG_PASSWORD; } @@ -915,8 +915,8 @@ static bool password_in_history(uint8_t nt_pw[NT_HASH_LEN], * New format: zero salt and then plain nt hash. * Directly compare the hashes. */ - if (memcmp_const_time(nt_pw, old_nt_pw_salted_md5_hash, - SALTED_MD5_HASH_LEN) == 0) + if (mem_equal_const_time(nt_pw, old_nt_pw_salted_md5_hash, + SALTED_MD5_HASH_LEN)) { return true; } 
@@ -945,9 +945,9 @@ static bool password_in_history(uint8_t nt_pw[NT_HASH_LEN], } gnutls_hash_deinit(hash_hnd, new_nt_pw_salted_md5_hash); - if (memcmp_const_time(new_nt_pw_salted_md5_hash, - old_nt_pw_salted_md5_hash, - SALTED_MD5_HASH_LEN) == 0) { + if (mem_equal_const_time(new_nt_pw_salted_md5_hash, + old_nt_pw_salted_md5_hash, + SALTED_MD5_HASH_LEN)) { return true; } } @@ -986,7 +986,7 @@ static bool check_passwd_history(struct samu *sampass, const char *plaintext) E_md4hash(plaintext, new_nt_p16); - if (!memcmp_const_time(nt_pw, new_nt_p16, NT_HASH_LEN)) { + if (mem_equal_const_time(nt_pw, new_nt_p16, NT_HASH_LEN)) { DEBUG(10,("check_passwd_history: proposed new password for user %s is the same as the current password !\n", pdb_get_username(sampass) )); return True; diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index 59564798ded..ffa4ad95b29 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -1295,9 +1295,9 @@ static WERROR _winbind_LogonControl_TC_VERIFY(struct pipes_struct *p, struct samr_Password *cur_nt_hash = NULL; uint32_t trust_attributes = 0; struct samr_Password new_owf_password = {}; - int cmp_new = -1; + bool cmp_new = false; struct samr_Password old_owf_password = {}; - int cmp_old = -1; + bool cmp_old = false; const struct lsa_TrustDomainInfoInfoEx *local_tdo = NULL; bool fetch_fti = false; struct lsa_ForestTrustInformation *new_fti = NULL; 
@@ -1536,13 +1536,13 @@ reconnect: } } - cmp_new = memcmp_const_time(new_owf_password.hash, - cur_nt_hash->hash, - sizeof(cur_nt_hash->hash)); - cmp_old = memcmp_const_time(old_owf_password.hash, - cur_nt_hash->hash, - sizeof(cur_nt_hash->hash)); - if (cmp_new != 0 && cmp_old != 0) { + cmp_new = mem_equal_const_time(new_owf_password.hash, + cur_nt_hash->hash, + sizeof(cur_nt_hash->hash)); + cmp_old = mem_equal_const_time(old_owf_password.hash, + cur_nt_hash->hash, + sizeof(cur_nt_hash->hash)); + if (!cmp_new && !cmp_old) { DEBUG(1,("%s:Error: credentials for domain[%s/%s] doesn't match " "any password known to dcname[%s]\n", __func__, domain->name, domain->alt_name, @@ -1551,7 +1551,7 @@ reconnect: goto verify_return; } - if (cmp_new != 0) { + if (!cmp_new) { DEBUG(2,("%s:Warning: credentials for domain[%s/%s] only match " "against the old password known to dcname[%s]\n", __func__, domain->name, domain->alt_name, diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index b8c9fb67a65..07835e9a263 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -1215,12 +1215,12 @@ static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain, } gnutls_hash_deinit(hash_hnd, salted_hash); - password_good = (memcmp_const_time(cached_nt_pass, salted_hash, - NT_HASH_LEN) == 0); + password_good = mem_equal_const_time(cached_nt_pass, salted_hash, + NT_HASH_LEN); } else { /* Old cached cred - direct store of nt_hash (bad bad bad !). */ - password_good = (memcmp_const_time(cached_nt_pass, new_nt_pass, - NT_HASH_LEN) == 0); + password_good = mem_equal_const_time(cached_nt_pass, new_nt_pass, + NT_HASH_LEN); } if (password_good) { diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c index 1bbf6c3fd16..2900a4e374d 100644 --- a/source4/auth/ntlm/auth_sam.c +++ b/source4/auth/ntlm/auth_sam.c 
@@ -364,7 +364,7 @@ static NTSTATUS authsam_password_check_and_record(struct auth4_context *auth_con */ E_md4hash("", zero_string_hash.hash); - if (memcmp_const_time(nt_history_pwd->hash, zero_string_hash.hash, 16) == 0) { + if (mem_equal_const_time(nt_history_pwd->hash, zero_string_hash.hash, 16)) { continue; } diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index 1b194799b9f..0ba0d9a884c 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -601,7 +601,7 @@ static int password_hash_bypass(struct ldb_module *module, struct ldb_request *r "supplementalCredentialsBlob length differ"); } - if (memcmp_const_time(sce->values[0].data, blob.data, blob.length) != 0) { + if (!mem_equal_const_time(sce->values[0].data, blob.data, blob.length)) { return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, "supplementalCredentialsBlob memcmp differ"); } @@ -2754,7 +2754,7 @@ static int check_password_restrictions(struct setup_password_fields_io *io, WERR /* The password modify through the NT hash is encouraged and has no problems at all */ - if (!io->o.nt_hash || memcmp_const_time(io->og.nt_hash->hash, io->o.nt_hash->hash, 16) != 0) { + if (!io->o.nt_hash || !mem_equal_const_time(io->og.nt_hash->hash, io->o.nt_hash->hash, 16)) { return make_error_and_update_badPwdCount(io, werror); } } @@ -2842,8 +2842,8 @@ static int check_password_restrictions(struct setup_password_fields_io *io, WERR /* checks the NT hash password history */ for (i = 0; i < io->o.nt_history_len; i++) { - int pw_cmp = memcmp_const_time(io->n.nt_hash, io->o.nt_history[i].hash, 16); - if (pw_cmp == 0) { + bool pw_cmp = mem_equal_const_time(io->n.nt_hash, io->o.nt_history[i].hash, 16); + if (pw_cmp) { ret = LDB_ERR_CONSTRAINT_VIOLATION; *werror = WERR_PASSWORD_RESTRICTION; ldb_asprintf_errstring(ldb, 
diff --git a/source4/libcli/raw/smb_signing.c b/source4/libcli/raw/smb_signing.c index cd781506897..6747fc3f149 100644 --- a/source4/libcli/raw/smb_signing.c +++ b/source4/libcli/raw/smb_signing.c @@ -198,7 +198,7 @@ bool check_signed_incoming_message(struct smb_request_buffer *in, DATA_BLOB *mac gnutls_hash_deinit(hash_hnd, calc_md5_mac); - ok = (memcmp_const_time(server_sent_mac, calc_md5_mac, 8) == 0); + ok = mem_equal_const_time(server_sent_mac, calc_md5_mac, 8); if (i == 0) { if (!ok) { diff --git a/source4/libcli/smb2/signing.c b/source4/libcli/smb2/signing.c index cf488b82d77..c423b7ceb08 100644 --- a/source4/libcli/smb2/signing.c +++ b/source4/libcli/smb2/signing.c @@ -125,7 +125,7 @@ NTSTATUS smb2_check_signature(struct smb2_request_buffer *buf, DATA_BLOB session memcpy(buf->hdr + SMB2_HDR_SIGNATURE, digest, 16); - if (memcmp_const_time(digest, sig, 16) != 0) { + if (!mem_equal_const_time(digest, sig, 16)) { DEBUG(0,("Bad SMB2 signature for message of size %u\n", (unsigned)buf->size-NBT_HDR_SIZE)); dump_data(0, sig, 16); diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c index 5fbd36323e4..b5df40d1e1f 100644 --- a/source4/rpc_server/backupkey/dcesrv_backupkey.c +++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c @@ -451,7 +451,7 @@ static WERROR get_and_verify_access_check(TALLOC_CTX *sub_ctx, * point to the same area */ - if (memcmp_const_time(hash, uncrypted_accesscheckv2.hash, hash_size) != 0) { + if (!mem_equal_const_time(hash, uncrypted_accesscheckv2.hash, hash_size)) { DEBUG(2, ("Wrong hash value in the access check in backup key remote protocol\n")); return WERR_INVALID_DATA; } 
@@ -486,7 +486,7 @@ static WERROR get_and_verify_access_check(TALLOC_CTX *sub_ctx, * point to the same area */ - if (memcmp_const_time(hash, uncrypted_accesscheckv3.hash, hash_size) != 0) { + if (!mem_equal_const_time(hash, uncrypted_accesscheckv3.hash, hash_size)) { DEBUG(2, ("Wrong hash value in the access check in backup key remote protocol\n")); return WERR_INVALID_DATA; } @@ -1547,7 +1547,7 @@ static WERROR bkrp_server_wrap_decrypt_data(struct dcesrv_call_state *dce_call, dump_data_pw("mac: \n", mac, sizeof(mac)); dump_data_pw("rc4payload.mac: \n", rc4payload.mac, sizeof(rc4payload.mac)); - if (memcmp_const_time(mac, rc4payload.mac, sizeof(mac)) != 0) { + if (!mem_equal_const_time(mac, rc4payload.mac, sizeof(mac))) { return WERR_INVALID_ACCESS; } diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c index 7dfde68b0d7..0ac5a5a17e1 100644 --- a/source4/rpc_server/samr/samr_password.c +++ b/source4/rpc_server/samr/samr_password.c @@ -240,7 +240,7 @@ NTSTATUS dcesrv_samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call, status = gnutls_error_to_ntstatus(rc, NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER); goto failed; } - if (memcmp_const_time(nt_verifier.hash, r->in.nt_verifier->hash, 16) != 0) { + if (!mem_equal_const_time(nt_verifier.hash, r->in.nt_verifier->hash, 16)) { status = NT_STATUS_WRONG_PASSWORD; goto failed; } |