[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-unstable-685-g2a700c5
Jeremy Allison
jra at samba.org
Mon Dec 17 02:43:42 GMT 2007
The branch, v3-2-test has been updated
via 2a700c5a57a417add3b1975b2c396d20c8a5f301 (commit)
from 898c56c0ead6331721de9645ce55608cbe7cf34d (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit 2a700c5a57a417add3b1975b2c396d20c8a5f301
Author: Jeremy Allison <jra at samba.org>
Date: Sun Dec 16 18:32:03 2007 -0800
Remove another static string and static passwd.
Jeremy.
-----------------------------------------------------------------------
Summary of changes:
source/auth/auth_server.c | 41 ++++++++++++++++++++++-------------------
1 files changed, 22 insertions(+), 19 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/auth/auth_server.c b/source/auth/auth_server.c
index 7c99848..9f90ef8 100644
--- a/source/auth/auth_server.c
+++ b/source/auth/auth_server.c
@@ -268,8 +268,6 @@ static NTSTATUS check_smbserver_security(const struct auth_context *auth_context
auth_serversupplied_info **server_info)
{
struct cli_state *cli;
- static unsigned char badpass[24];
- static fstring baduser;
static bool tested_password_server = False;
static bool bad_password_server = False;
NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
@@ -300,23 +298,6 @@ static NTSTATUS check_smbserver_security(const struct auth_context *auth_context
}
}
- if(badpass[0] == 0)
- memset(badpass, 0x1f, sizeof(badpass));
-
- if((user_info->nt_resp.length == sizeof(badpass)) &&
- !memcmp(badpass, user_info->nt_resp.data, sizeof(badpass))) {
- /*
- * Very unlikely, our random bad password is the same as the users
- * password.
- */
- memset(badpass, badpass[0]+1, sizeof(badpass));
- }
-
- if(baduser[0] == 0) {
- fstrcpy(baduser, INVALID_USER_PREFIX);
- fstrcat(baduser, global_myname());
- }
-
/*
* Attempt a session setup with a totally incorrect password.
* If this succeeds with the guest bit *NOT* set then the password
@@ -330,6 +311,28 @@ static NTSTATUS check_smbserver_security(const struct auth_context *auth_context
*/
if ((!tested_password_server) && (lp_paranoid_server_security())) {
+ unsigned char badpass[24];
+ char *baduser = NULL;
+
+ memset(badpass, 0x1f, sizeof(badpass));
+
+ if((user_info->nt_resp.length == sizeof(badpass)) &&
+ !memcmp(badpass, user_info->nt_resp.data, sizeof(badpass))) {
+ /*
+ * Very unlikely, our random bad password is the same as the users
+ * password.
+ */
+ memset(badpass, badpass[0]+1, sizeof(badpass));
+ }
+
+ baduser = talloc_asprintf(mem_ctx,
+ "%s%s",
+ INVALID_USER_PREFIX,
+ global_myname());
+ if (!baduser) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
if (NT_STATUS_IS_OK(cli_session_setup(cli, baduser,
(char *)badpass,
sizeof(badpass),
--
Samba Shared Repository
More information about the samba-cvs
mailing list