libsmbfs/smb/signing.c

613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross/*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * CDDL HEADER START
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross *
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * The contents of this file are subject to the terms of the
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Common Development and Distribution License (the "License").
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * You may not use this file except in compliance with the License.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross *
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * or http://www.opensolaris.org/os/licensing.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * See the License for the specific language governing permissions
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * and limitations under the License.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross *
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * When distributing Covered Code, include this CDDL HEADER in each
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * If applicable, add the following below this CDDL HEADER, with the
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * fields enclosed by brackets "[]" replaced with your own identifying
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * information: Portions Copyright [yyyy] [name of copyright owner]
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross *
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * CDDL HEADER END
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross/*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Use is subject to license terms.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross/*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Signing support, using libmd
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <errno.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <stdio.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <stdlib.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <unistd.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <strings.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <sys/types.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <sys/md5.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <netsmb/mchain.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <netsmb/smb.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <netsmb/smb_lib.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include "private.h"
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#define SMBSIGOFF   14  /* SMB signature offset */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#define SMBSIGLEN   8   /* SMB signature length */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross/*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Set this to a small number to debug sequence numbers
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * that seem to get out of step.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#ifdef DEBUG
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Rossint nsmb_signing_fudge = 4;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#endif
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross/*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Compute MD5 digest of packet data, using the stored MAC key.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross *
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * See similar code in the driver:
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross *  uts/common/fs/smbclnt/netsmb/smb_signing.c
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * and on the server side:
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross *  uts/common/fs/smbsrv/smb_signing.c
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Rossstatic int
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Rosssmb_compute_MAC(struct smb_ctx *ctx, mbuf_t *m,
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    uint32_t seqno, uchar_t *signature)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross{
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    MD5_CTX md5;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    uchar_t digest[MD5_DIGEST_LENGTH];
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * This union is a little bit of trickery to:
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * (1) get the sequence number int aligned, and
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * (2) reduce the number of digest calls, at the
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * cost of a copying 32 bytes instead of 8.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * Both sides of this union are 2+32 bytes.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    union {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        struct {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            uint8_t skip[2]; /* not used - just alignment */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            uint8_t raw[SMB_HDRLEN];  /* header length (32) */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        } r;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        struct {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            uint8_t skip[2]; /* not used - just alignment */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            uint8_t hdr[SMBSIGOFF]; /* sig. offset (14) */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            uint32_t sig[2]; /* MAC signature, aligned! */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            uint16_t ids[5]; /* pad, Tid, Pid, Uid, Mid */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        } s;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    } smbhdr;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (m->m_len < SMB_HDRLEN)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        return (EIO);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (ctx->ct_mackey == NULL)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        return (EINVAL);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * Make an aligned copy of the SMB header
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * and fill in the sequence number.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    bcopy(m->m_data, smbhdr.r.raw, SMB_HDRLEN);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    smbhdr.s.sig[0] = htolel(seqno);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    smbhdr.s.sig[1] = 0;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * Compute the MAC: MD5(concat(Key, message))
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    MD5Init(&md5);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /* Digest the MAC Key */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    MD5Update(&md5, ctx->ct_mackey, ctx->ct_mackeylen);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /* Digest the (copied) SMB header */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    MD5Update(&md5, smbhdr.r.raw, SMB_HDRLEN);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /* Digest the rest of the first mbuf */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (m->m_len > SMB_HDRLEN) {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        MD5Update(&md5, m->m_data + SMB_HDRLEN,
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            m->m_len - SMB_HDRLEN);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    }
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    m = m->m_next;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /* Digest rest of the SMB message. */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    while (m) {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        MD5Update(&md5, m->m_data, m->m_len);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        m = m->m_next;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    }
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /* Final */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    MD5Final(digest, &md5);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * Finally, store the signature.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * (first 8 bytes of the digest)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (signature)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        bcopy(digest, signature, SMBSIGLEN);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    return (0);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross}
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross/*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Sign a request with HMAC-MD5.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross */
02d09e03eb27f3a2dc299de704e45dae5173f43fGordon Rossvoid
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Rosssmb_rq_sign(struct smb_rq *rqp)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross{
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    struct smb_ctx *ctx = rqp->rq_ctx;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    mbuf_t *m = rqp->rq_rq.mb_top;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    uint8_t *sigloc;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    int err;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * Our mblk allocation ensures this,
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * but just in case...
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (m->m_len < SMB_HDRLEN)
02d09e03eb27f3a2dc299de704e45dae5173f43fGordon Ross        return;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    sigloc = (uchar_t *)m->m_data + SMBSIGOFF;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (ctx->ct_mackey == NULL) {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross         * Signing is required, but we have no key yet
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross         * fill in with the magic fake signing value.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross         * This happens with SPNEGO, NTLMSSP, ...
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross         */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        bcopy("BSRSPLY", sigloc, 8);
02d09e03eb27f3a2dc299de704e45dae5173f43fGordon Ross        return;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    }
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * This will compute the MAC and store it
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * directly into the message at sigloc.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    rqp->rq_seqno = ctx->ct_mac_seqno;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    ctx->ct_mac_seqno += 2;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    err = smb_compute_MAC(ctx, m, rqp->rq_seqno, sigloc);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (err) {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        DPRINT("compute MAC, err %d", err);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        bzero(sigloc, SMBSIGLEN);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    }
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross}
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross/*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Verify reply signature.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Rossint
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Rosssmb_rq_verify(struct smb_rq *rqp)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross{
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    struct smb_ctx *ctx = rqp->rq_ctx;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    mbuf_t *m = rqp->rq_rp.mb_top;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    uint8_t sigbuf[SMBSIGLEN];
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    uint8_t *sigloc;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    uint32_t rseqno;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    int err, fudge;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * Note ct_mackey and ct_mackeylen gets initialized by
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * smb_smb_ssnsetup.  It's normal to have a null MAC key
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * during extended security session setup.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (ctx->ct_mackey == NULL)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        return (0);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * Let caller deal with empty reply or short messages by
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * returning zero.  Caller will fail later, in parsing.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (m == NULL) {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        DPRINT("empty reply");
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        return (0);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    }
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (m->m_len < SMB_HDRLEN) {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        DPRINT("short reply");
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        return (0);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    }
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    sigloc = (uchar_t *)m->m_data + SMBSIGOFF;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    rseqno = rqp->rq_seqno + 1;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    DPRINT("rq_rseqno = 0x%x", rseqno);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    err = smb_compute_MAC(ctx, m, rseqno, sigbuf);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (err) {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        DPRINT("compute MAC, err %d", err);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross         * If we can't compute a MAC, then there's
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross         * no point trying other seqno values.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross         */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        return (EBADRPC);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    }
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * Compare the computed signature with the
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * one found in the message (at sigloc)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (bcmp(sigbuf, sigloc, SMBSIGLEN) == 0)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        return (0);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    DPRINT("BAD signature, MID=0x%x", rqp->rq_mid);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#ifdef DEBUG
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    /*
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * For diag purposes, we check whether the client/server idea
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     * of the sequence # has gotten a bit out of sync.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross     */
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    for (fudge = 1; fudge <= nsmb_signing_fudge; fudge++) {
02d09e03eb27f3a2dc299de704e45dae5173f43fGordon Ross        (void) smb_compute_MAC(ctx, m, rseqno + fudge, sigbuf);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        if (bcmp(sigbuf, sigloc, SMBSIGLEN) == 0)
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            break;
02d09e03eb27f3a2dc299de704e45dae5173f43fGordon Ross        (void) smb_compute_MAC(ctx, m, rseqno - fudge, sigbuf);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        if (bcmp(sigbuf, sigloc, SMBSIGLEN) == 0) {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            fudge = -fudge;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            break;
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        }
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    }
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    if (fudge <= nsmb_signing_fudge) {
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross        DPRINT("rseqno=%d, but %d would have worked",
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross            rseqno, rseqno + fudge);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    }
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#endif
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross    return (EBADRPC);
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross}