Hello, Attached is a patch that moves the handling of the auth padding until after the decryption has occurred. This is done because the auth padding is actually INSIDE the encrypted payload when NTLMSSP is used. It is also necessary that the auth padding be decrypted as part of the payload, or else decryption will fail for all subsequent packets.
I also removed a piece of code which changes the auth padding length to "auth_pad_len % 4". This is because the auth padding is being represented as zero length in these conditions, which it isn't clear to me in which case this would be right. If anyone has a trace that contradicts this, or is now broken as a result of this change, PLEASE send it to me and I will straighten it out. Thanks, Devin Heitmueller Senior Software Engineer Netilla Networks Inc
auth_padding_fix.gz
Description: application/gzip
