libcli:smb2: Use constant time memcmp() to verify the signature

Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
author: Andreas Schneider <asn@samba.org> 2016-04-01 10:15:39 +0200
committer: Andreas Schneider <asn@cryptomilk.org> 2016-04-19 09:37:14 +0200
commit: 5035f1afa9b9f34e68b6743f3f4a66b9377dedab (patch)
tree: 6703996c18f88f221655c74236600c39098c3005 /libcli
parent: ba6e39076bdc5222f77c4d7615e44db0aac14e91 (diff)
download: samba-5035f1afa9b9f34e68b6743f3f4a66b9377dedab.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
index b72355429ef..90d80cc9ba0 100644
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -167,7 +167,7 @@ NTSTATUS smb2_signing_check_pdu(DATA_BLOB signing_key,
 		memcpy(res, digest, 16);
 	}
 
-	if (memcmp(res, sig, 16) != 0) {
+	if (memcmp_const_time(res, sig, 16) != 0) {
 		DEBUG(0,("Bad SMB2 signature for message\n"));
 		dump_data(0, sig, 16);
 		dump_data(0, res, 16);
author	Andreas Schneider <asn@samba.org>	2016-04-01 10:15:39 +0200
committer	Andreas Schneider <asn@cryptomilk.org>	2016-04-19 09:37:14 +0200
commit	5035f1afa9b9f34e68b6743f3f4a66b9377dedab (patch)
tree	6703996c18f88f221655c74236600c39098c3005 /libcli
parent	ba6e39076bdc5222f77c4d7615e44db0aac14e91 (diff)
download	samba-5035f1afa9b9f34e68b6743f3f4a66b9377dedab.tar.gz