From 4fd8f1b83fefe6d54768df4c1460b2061ddfcf64 Mon Sep 17 00:00:00 2001
From: Paul van Tilburg <paul.van.tilburg@leftclick.eu>
Date: Wed, 4 May 2022 16:05:24 +0200
Subject: [PATCH] Fix applying DES-CBC when using OpenSSL 3

After calling `#final` on the cipher object, it will return garbage from
that moment forward. The cipher object can therefore not be reused in
the iteration over keys. Reinitialize it everytime instead.

This seems to be new behaviour in Ruby/OpenSSL3. See also:
https://ruby.github.io/openssl/OpenSSL/Cipher.html#class-OpenSSL::Cipher-label-Calling+Cipher-23final
---
 lib/net/ntlm.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/net/ntlm.rb b/lib/net/ntlm.rb
index e085a0d..09c1262 100644
--- a/lib/net/ntlm.rb
+++ b/lib/net/ntlm.rb
@@ -123,9 +123,9 @@ def gen_keys(str)
       end
 
       def apply_des(plain, keys)
-        dec = OpenSSL::Cipher.new("des-cbc").encrypt
-        dec.padding = 0
         keys.map {|k|
+          dec = OpenSSL::Cipher.new("des-cbc").encrypt
+          dec.padding = 0
           dec.key = k
           dec.update(plain) + dec.final
         }