diff options
Diffstat (limited to 'libcli/auth/ntlm_check.c')
-rw-r--r-- | libcli/auth/ntlm_check.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/libcli/auth/ntlm_check.c b/libcli/auth/ntlm_check.c index 846e0c07cd5..d71bdb3b1a4 100644 --- a/libcli/auth/ntlm_check.c +++ b/libcli/auth/ntlm_check.c @@ -71,7 +71,7 @@ static bool smb_pwd_check_ntlmv1(TALLOC_CTX *mem_ctx, DEBUGADD(100,("Value from encryption was |\n")); dump_data(100, p24, 24); #endif - ok = (memcmp(p24, nt_response->data, 24) == 0); + ok = (memcmp_const_time(p24, nt_response->data, 24) == 0); if (!ok) { return false; } @@ -157,7 +157,7 @@ static bool smb_pwd_check_ntlmv2(TALLOC_CTX *mem_ctx, #endif data_blob_clear_free(&client_key_data); - ok = (memcmp(value_from_encryption, ntv2_response->data, 16) == 0); + ok = (memcmp_const_time(value_from_encryption, ntv2_response->data, 16) == 0); if (!ok) { return false; } @@ -271,7 +271,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx, } if (client_nt && stored_nt) { - if (memcmp(client_nt->hash, stored_nt->hash, sizeof(stored_nt->hash)) == 0) { + if (memcmp_const_time(client_nt->hash, stored_nt->hash, sizeof(stored_nt->hash)) == 0) { return NT_STATUS_OK; } else { DEBUG(3,("hash_password_check: Interactive logon: NT password check failed for user %s\n", @@ -289,7 +289,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx, return NT_STATUS_NOT_FOUND; } - if (memcmp(client_lanman->hash, stored_lanman->hash, sizeof(stored_lanman->hash)) == 0) { + if (memcmp_const_time(client_lanman->hash, stored_lanman->hash, sizeof(stored_lanman->hash)) == 0) { return NT_STATUS_OK; } else { DEBUG(3,("hash_password_check: Interactive logon: LANMAN password check failed for user %s\n", |