authorJoseph Sutton <josephsutton@catalyst.net.nz>2022-02-17 15:35:42 +1300
committerAndrew Bartlett <abartlet@samba.org>2022-06-09 22:49:29 +0000
commitae6634c78774d2368e815dea650ba71650dd1861 (patch)
treebf361a9acf1e5eb9595b25adea734d303bad31c4 /auth
parent87f68500ed651f393e2fc6c514ab08b561a60a9b (diff)
downloadsamba-ae6634c78774d2368e815dea650ba71650dd1861.tar.gz
auth: Use constant-time memcmp when comparing sensitive buffers
This helps to avoid timing attacks. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15010 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'auth')
-rw-r--r--auth/gensec/schannel.c4
-rw-r--r--auth/ntlmssp/ntlmssp_ndr.c2
-rw-r--r--auth/ntlmssp/ntlmssp_server.c4
-rw-r--r--auth/ntlmssp/ntlmssp_sign.c4
4 files changed, 7 insertions, 7 deletions
diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c
index 6ebbe8f3179..2fbfb019124 100644
--- a/auth/gensec/schannel.c
+++ b/auth/gensec/schannel.c
@@ -649,7 +649,7 @@ static NTSTATUS netsec_incoming_packet(struct schannel_state *state,
return NT_STATUS_ACCESS_DENIED;
}
- ret = memcmp(checksum, sig->data+16, checksum_length);
+ ret = memcmp_const_time(checksum, sig->data+16, checksum_length);
if (ret != 0) {
dump_data_pw("calc digest:", checksum, checksum_length);
dump_data_pw("wire digest:", sig->data+16, checksum_length);
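Review bot: The `if (ret != 0)` branch in netsec_incoming_packet appears to leave the locally computed digest on the stack when the check fails. The `ZERO_ARRAY(checksum);` shown at the start of the next hunk sits after this block, so a branch that returns early (as the `return NT_STATUS_ACCESS_DENIED;` above suggests it does) never reaches it. Adding `ZERO_ARRAY(checksum);` after the two dump_data_pw calls and before leaving the block would wipe the buffer on both paths. The end of the branch is outside the hunk, so confirm against the full function.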
@@ -665,7 +665,7 @@ static NTSTATUS netsec_incoming_packet(struct schannel_state *state,
ZERO_ARRAY(checksum);
- ret = memcmp(seq_num, sig->data+8, 8);
+ ret = memcmp_const_time(seq_num, sig->data+8, 8);
if (ret != 0) {
dump_data_pw("calc seq num:", seq_num, 8);
dump_data_pw("wire seq num:", sig->data+8, 8);
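Review bot: The offsets `8` and `16` and the length `8` are bare literals repeated across both compares and their dump_data_pw calls, so a reader cannot check them against the signature layout. Named constants for the sequence-number offset and length and for the checksum offset would keep the compare, the dump and any length check on `sig` in step. This is a point of style only; the values themselves are unchanged by the commit.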
diff --git a/auth/ntlmssp/ntlmssp_ndr.c b/auth/ntlmssp/ntlmssp_ndr.c
index c8b16ccd413..6de00427bbd 100644
--- a/auth/ntlmssp/ntlmssp_ndr.c
+++ b/auth/ntlmssp/ntlmssp_ndr.c
@@ -31,7 +31,7 @@ do { \
if (!NDR_ERR_CODE_IS_SUCCESS(__ndr_err)) { \
return ndr_map_error2ntstatus(__ndr_err); \
} \
- if (memcmp(r->Signature, "NTLMSSP\0", 8)) {\
+ if (memcmp_const_time(r->Signature, "NTLMSSP\0", 8)) { \
return NT_STATUS_INVALID_PARAMETER; \
} \
return NT_STATUS_OK; \
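Review bot: `r->Signature` is compared with the fixed protocol magic `"NTLMSSP\0"`, which is not a secret, so the constant-time compare protects nothing at this call site. It also makes the line look like one of the sensitive comparisons to anyone later auditing memcmp_const_time uses. Either keep plain memcmp here or add a comment inside the macro such as `/* Signature is a public magic value; constant-time compare is for consistency only */`. The macro body starts above the hunk.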
diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c
index e077c2f7379..55688602881 100644
--- a/auth/ntlmssp/ntlmssp_server.c
+++ b/auth/ntlmssp/ntlmssp_server.c
@@ -1095,8 +1095,8 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
}
gnutls_hmac_deinit(hmac_hnd, mic_buffer);
- cmp = memcmp(request.data + NTLMSSP_MIC_OFFSET,
- mic_buffer, NTLMSSP_MIC_SIZE);
+ cmp = memcmp_const_time(request.data + NTLMSSP_MIC_OFFSET,
+ mic_buffer, NTLMSSP_MIC_SIZE);
if (cmp != 0) {
DEBUG(1,("%s: invalid NTLMSSP_MIC for "
"user=[%s] domain=[%s] workstation=[%s]\n",
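Review bot: The compare reads `NTLMSSP_MIC_SIZE` bytes at `request.data + NTLMSSP_MIC_OFFSET`, and no check that `request.length` covers that range is visible in the hunk. A constant-time compare is expected to walk the whole length whatever the first mismatch is, so the read relies entirely on earlier validation. If that validation is missing, a guard such as `if (request.length < NTLMSSP_MIC_OFFSET + NTLMSSP_MIC_SIZE) return NT_STATUS_INVALID_PARAMETER;` belongs before the HMAC is computed. ntlmssp_server_postauth starts and ends outside the hunk, so the check may already exist there. The same question applies to `sig->data+16` and `sig->data+8` in auth/gensec/schannel.c.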
diff --git a/auth/ntlmssp/ntlmssp_sign.c b/auth/ntlmssp/ntlmssp_sign.c
index 89f1aa04f7a..b831308aa2c 100644
--- a/auth/ntlmssp/ntlmssp_sign.c
+++ b/auth/ntlmssp/ntlmssp_sign.c
@@ -291,7 +291,7 @@ NTSTATUS ntlmssp_check_packet(struct ntlmssp_state *ntlmssp_state,
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
if (local_sig.length != sig->length ||
- memcmp(local_sig.data, sig->data, sig->length) != 0) {
+ memcmp_const_time(local_sig.data, sig->data, sig->length) != 0) {
DEBUG(5, ("BAD SIG NTLM2: wanted signature of\n"));
dump_data(5, local_sig.data, local_sig.length);
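Review bot: On a mismatch this branch writes the locally computed signature to the log with `dump_data(5, local_sig.data, local_sig.length)`. The value the compare now avoids leaking through timing is therefore available to anyone who can read a level-5 debug log. auth/gensec/schannel.c uses dump_data_pw for the equivalent dump, so `dump_data_pw("wanted signature:", local_sig.data, local_sig.length);` would be consistent, both here and in the NTLM1 branch of the next hunk. The rest of the failure branch is outside the hunk.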
@@ -304,7 +304,7 @@ NTSTATUS ntlmssp_check_packet(struct ntlmssp_state *ntlmssp_state,
}
} else {
if (local_sig.length != sig->length ||
- memcmp(local_sig.data + 8, sig->data + 8, sig->length - 8) != 0) {
+ memcmp_const_time(local_sig.data + 8, sig->data + 8, sig->length - 8) != 0) {
DEBUG(5, ("BAD SIG NTLM1: wanted signature of\n"));
dump_data(5, local_sig.data, local_sig.length);
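Review bot: `sig->length - 8` is an unsigned subtraction that wraps to a very large length when `sig->length` is below 8. The only guard visible here is `local_sig.length != sig->length`, which helps only if `local_sig.length` is itself at least 8. If no earlier check in ntlmssp_check_packet rejects short signatures, add `sig->length < 8 ||` as the first operand of this condition. The start of the function is outside the hunk, so that check may already be present.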