[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Mon Jun 26 11:08:03 UTC 2017
The branch, master has been updated
via 27e43e1 auth/ntlmssp: make ntlmssp_server_check_password() shorter
via c6b37a0 auth/ntlmssp: remove useless talloc_steal calls in ntlmssp_server_check_password()
via ebb63e1 s4:dsdb/samdb: pass an existing 'struct ldb_context' to crack_auto_name_to_nt4_name()
via f054130 s4:dsdb/samdb: pass an existing 'struct ldb_context' to crack_name_to_nt4_name()
via bfb25f9 s4:auth/unix_token: remove unused tevent_context from auth_session_info_fill_unix()
via a2efaef s4:auth/unix_token: remove unused tevent_context from security_token_to_unix_token()
via d254984 s3:smbd: call auth_check_password_session_info() only in one central place
via fc41aeb s3:smbd: introduce a reply_sesssetup_and_X_state
via c990d2b s3:smbd: inline check_guest_password() into reply_sesssetup_and_X()
via 5810f74 s3:smbd: only set user_info->auth_description on success
via 823bc4c pidl:NDR/Parser: initialize [skip] values in ndr_pull_*
via 5a08c98 ntprinting.idl: make use of [skip_noinit] for string_flags
via b922472 pidl:NDR/Parser: add "skip_noinit" element
via 3bc6b55 pidl:NDR/Parser: fix "skip" for pointers
from 2fa069e ctdb-scripts: Don't send empty argument string to logger
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 27e43e1d0c35550e227c127f3c857fa4420cc8dc
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jun 16 17:11:17 2017 +0200
auth/ntlmssp: make ntlmssp_server_check_password() shorter
We move as much as possible into ntlmssp_server_{pre,post}auth().
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Jun 26 13:07:30 CEST 2017 on sn-devel-144
commit c6b37a0e1dff557ca8e200b47eff50d89c180e30
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jun 16 18:03:11 2017 +0200
auth/ntlmssp: remove useless talloc_steal calls in ntlmssp_server_check_password()
We only create a temporary auth_usersupplied_info structure and pass it
down as const, let's keep the values on ntlmssp_state otherwise we may dereference
stale pointers.
We finally free the memory at the end of ntlmssp_server_postauth() now.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit ebb63e1cb3a40b3af691c56dd0ae2c6cfdccf9ec
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 19 08:39:19 2017 +0200
s4:dsdb/samdb: pass an existing 'struct ldb_context' to crack_auto_name_to_nt4_name()
There's no point in creating a temporary ldb_context as
the only callers already have a valid struct ldb_context for
the local sam.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit f0541309d77e51e1169d6a534b5e11bd3a24d4cd
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 19 08:39:19 2017 +0200
s4:dsdb/samdb: pass an existing 'struct ldb_context' to crack_name_to_nt4_name()
There's no point in creating a temporary ldb_context as
all direct callers already have a valid struct ldb_context for
the local sam.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit bfb25f92aac335d2b96ae5353fbeacf90bbdcb43
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 19 08:26:26 2017 +0200
s4:auth/unix_token: remove unused tevent_context from auth_session_info_fill_unix()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit a2efaef15fc0311111a83a2bfc8f80490f2ea051
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 19 08:26:26 2017 +0200
s4:auth/unix_token: remove unused tevent_context from security_token_to_unix_token()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit d254984d371bb614e11c6ed13a58e1921813a4ff
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Jun 18 12:53:05 2017 +0200
s3:smbd: call auth_check_password_session_info() only in one central place
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit fc41aebf452e80869d80e3f0d6f3c7dfea65da01
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Jun 18 12:48:11 2017 +0200
s3:smbd: introduce a reply_sesssetup_and_X_state
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit c990d2bd1c37e95c9e38540148cde37542aaf36f
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Jun 18 12:08:58 2017 +0200
s3:smbd: inline check_guest_password() into reply_sesssetup_and_X()
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 5810f7468bc0c2592056d100f3174e6e2342b3b5
Author: Stefan Metzmacher <metze at samba.org>
Date: Sun Jun 18 12:06:10 2017 +0200
s3:smbd: only set user_info->auth_description on success
Otherwise we'll dereference a NULL pointer.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 823bc4c07add242a5a1d0cd25942ebaab3cd0e23
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 13 09:57:33 2017 +0200
pidl:NDR/Parser: initialize [skip] values in ndr_pull_*
It's too dangerous to leave values uninitialized!
[skip_noinit] can be used if required.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
commit 5a08c9887cb3e9354ed697c649d5f9965436fe50
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 21 15:11:28 2017 +0200
ntprinting.idl: make use of [skip_noinit] for string_flags
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
commit b922472fd683235fde3abc69ee09d9d8bfdb8644
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 21 15:05:35 2017 +0200
pidl:NDR/Parser: add "skip_noinit" element
In future "skip" will be changed to initialize the element
with ZERO_STRUCT() on ndr_pull_*.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
commit 3bc6b55385894691792962ecc15978a3b158eca4
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 19 12:15:21 2017 +0200
pidl:NDR/Parser: fix "skip" for pointers
We should handle the "skip" at the element level before
we traverse through the element levels.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
-----------------------------------------------------------------------
Summary of changes:
auth/ntlmssp/ntlmssp_server.c | 109 ++++++++-------
librpc/idl/ntprinting.idl | 8 +-
pidl/lib/Parse/Pidl/NDR.pm | 1 +
pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 43 ++++--
source3/smbd/sesssetup.c | 225 ++++++++++++++-----------------
source4/auth/ntlm/auth.c | 6 +-
source4/auth/ntlm/auth_sam.c | 3 +-
source4/auth/ntlm/auth_simple.c | 4 +-
source4/auth/ntlm/auth_winbind.c | 3 +-
source4/auth/unix_token.c | 6 +-
source4/dsdb/samdb/cracknames.c | 14 +-
source4/ntvfs/unixuid/vfs_unixuid.c | 4 +-
source4/rpc_server/lsa/lsa_lookup.c | 5 +-
13 files changed, 216 insertions(+), 215 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c
index c525a93..e17074e 100644
--- a/auth/ntlmssp/ntlmssp_server.c
+++ b/auth/ntlmssp/ntlmssp_server.c
@@ -294,6 +294,7 @@ NTSTATUS gensec_ntlmssp_server_negotiate(struct gensec_security *gensec_security
}
struct ntlmssp_server_auth_state {
+ struct auth_usersupplied_info *user_info;
DATA_BLOB user_session_key;
DATA_BLOB lm_session_key;
/* internal variables used by KEY_EXCH (client-supplied user session key */
@@ -318,6 +319,7 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security,
{
struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
struct auth4_context *auth_context = gensec_security->auth_context;
+ struct auth_usersupplied_info *user_info = NULL;
uint32_t ntlmssp_command, auth_flags;
NTSTATUS nt_status;
const unsigned int version_len = 8;
@@ -686,27 +688,8 @@ static NTSTATUS ntlmssp_server_preauth(struct gensec_security *gensec_security,
ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
}
}
- return NT_STATUS_OK;
-}
-
-/**
- * Check the password on an NTLMSSP login.
- *
- * Return the session keys used on the connection.
- */
-static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_security,
- struct gensec_ntlmssp_context *gensec_ntlmssp,
- TALLOC_CTX *mem_ctx,
- DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
-{
- struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
- struct auth4_context *auth_context = gensec_security->auth_context;
- NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
- struct auth_session_info *session_info = NULL;
- struct auth_usersupplied_info *user_info;
-
- user_info = talloc_zero(ntlmssp_state, struct auth_usersupplied_info);
+ user_info = talloc_zero(state, struct auth_usersupplied_info);
if (!user_info) {
return NT_STATUS_NO_MEMORY;
}
@@ -732,9 +715,26 @@ static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_sec
user_info->password_state = AUTH_PASSWORD_RESPONSE;
user_info->password.response.lanman = ntlmssp_state->lm_resp;
- user_info->password.response.lanman.data = talloc_steal(user_info, ntlmssp_state->lm_resp.data);
user_info->password.response.nt = ntlmssp_state->nt_resp;
- user_info->password.response.nt.data = talloc_steal(user_info, ntlmssp_state->nt_resp.data);
+
+ state->user_info = user_info;
+ return NT_STATUS_OK;
+}
+
+/**
+ * Check the password on an NTLMSSP login.
+ *
+ * Return the session keys used on the connection.
+ */
+
+static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_security,
+ struct gensec_ntlmssp_context *gensec_ntlmssp,
+ const struct auth_usersupplied_info *user_info,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
+{
+ struct auth4_context *auth_context = gensec_security->auth_context;
+ NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
if (auth_context->check_ntlm_password) {
uint8_t authoritative = 0;
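Review bot: at `user_info->password.response.lanman = ntlmssp_state->lm_resp;` and the matching `.nt` assignment, user_info now holds borrowed pointers into blobs that are still owned by ntlmssp_state, and nothing in the code says so. A short comment at these two assignments, stating that the response data stays on ntlmssp_state and that state->user_info has to be freed before lm_resp and nt_resp are released, would keep a later change from reintroducing the stale-pointer problem the commit message describes.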
@@ -750,10 +750,37 @@ static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_sec
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(5, (__location__ ": Checking NTLMSSP password for %s\\%s failed: %s\n", user_info->client.domain_name, user_info->client.account_name, nt_errstr(nt_status)));
}
- TALLOC_FREE(user_info);
-
NT_STATUS_NOT_OK_RETURN(nt_status);
+ talloc_steal(mem_ctx, user_session_key->data);
+ talloc_steal(mem_ctx, lm_session_key->data);
+
+ return nt_status;
+}
+
+/**
+ * Next state function for the Authenticate packet
+ * (after authentication - figures out the session keys etc)
+ *
+ * @param ntlmssp_state NTLMSSP State
+ * @return Errors or NT_STATUS_OK.
+ */
+
+static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
+ struct gensec_ntlmssp_context *gensec_ntlmssp,
+ struct ntlmssp_server_auth_state *state,
+ DATA_BLOB request)
+{
+ struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
+ struct auth4_context *auth_context = gensec_security->auth_context;
+ DATA_BLOB user_session_key = state->user_session_key;
+ DATA_BLOB lm_session_key = state->lm_session_key;
+ NTSTATUS nt_status = NT_STATUS_OK;
+ DATA_BLOB session_key = data_blob(NULL, 0);
+ struct auth_session_info *session_info = NULL;
+
+ TALLOC_FREE(state->user_info);
+
if (lpcfg_map_to_guest(gensec_security->settings->lp_ctx) != NEVER_MAP_TO_GUEST
&& auth_context->generate_session_info != NULL)
{
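Review bot: with `TALLOC_FREE(user_info);` removed ahead of `NT_STATUS_NOT_OK_RETURN(nt_status);`, the failed-authentication path no longer releases user_info; the only visible free is `TALLOC_FREE(state->user_info);` at the top of ntlmssp_server_postauth(), which is presumably not reached after a failed check. Please confirm that state is always freed by the caller on error, or free state->user_info at the call site when the check fails. Separately, the doc comment on ntlmssp_server_postauth() still documents `@param ntlmssp_state`, which is not one of the function's parameters.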
@@ -762,7 +789,7 @@ static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_sec
/*
* We need to check if the auth is anonymous or mapped to guest
*/
- tmp_status = auth_context->generate_session_info(auth_context, mem_ctx,
+ tmp_status = auth_context->generate_session_info(auth_context, state,
gensec_ntlmssp->server_returned_info,
gensec_ntlmssp->ntlmssp_state->user,
AUTH_SESSION_INFO_SIMPLE_PRIVILEGES,
@@ -790,31 +817,6 @@ static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_sec
TALLOC_FREE(session_info);
}
- talloc_steal(mem_ctx, user_session_key->data);
- talloc_steal(mem_ctx, lm_session_key->data);
-
- return nt_status;
-}
-
-/**
- * Next state function for the Authenticate packet
- * (after authentication - figures out the session keys etc)
- *
- * @param ntlmssp_state NTLMSSP State
- * @return Errors or NT_STATUS_OK.
- */
-
-static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
- struct gensec_ntlmssp_context *gensec_ntlmssp,
- struct ntlmssp_server_auth_state *state,
- DATA_BLOB request)
-{
- struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
- DATA_BLOB user_session_key = state->user_session_key;
- DATA_BLOB lm_session_key = state->lm_session_key;
- NTSTATUS nt_status = NT_STATUS_OK;
- DATA_BLOB session_key = data_blob(NULL, 0);
-
dump_data_pw("NT session key:\n", user_session_key.data, user_session_key.length);
dump_data_pw("LM first-8:\n", lm_session_key.data, lm_session_key.length);
@@ -977,6 +979,11 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
nt_status = ntlmssp_sign_init(ntlmssp_state);
}
+ data_blob_clear_free(&ntlmssp_state->internal_chal);
+ data_blob_clear_free(&ntlmssp_state->chal);
+ data_blob_clear_free(&ntlmssp_state->lm_resp);
+ data_blob_clear_free(&ntlmssp_state->nt_resp);
+
ntlmssp_state->expected_state = NTLMSSP_DONE;
return nt_status;
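Review bot: the four `data_blob_clear_free()` calls sit at the very end of ntlmssp_server_postauth(), so the challenge and the LM/NT responses are wiped only when execution gets this far. If an earlier return in this function, or a failed ntlmssp_server_check_password() in the caller, skips this block, the blobs stay uncleared on ntlmssp_state. Consider doing the wipe on a common exit path or in a talloc destructor, as reply_sesssetup_and_X_state_destructor() does in the sesssetup.c part of this push.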
@@ -1026,7 +1033,7 @@ NTSTATUS gensec_ntlmssp_server_auth(struct gensec_security *gensec_security,
/* Finally, actually ask if the password is OK */
nt_status = ntlmssp_server_check_password(gensec_security, gensec_ntlmssp,
- state,
+ state->user_info, state,
&state->user_session_key,
&state->lm_session_key);
if (!NT_STATUS_IS_OK(nt_status)) {
diff --git a/librpc/idl/ntprinting.idl b/librpc/idl/ntprinting.idl
index 8152144..30af141 100644
--- a/librpc/idl/ntprinting.idl
+++ b/librpc/idl/ntprinting.idl
@@ -36,7 +36,7 @@ interface ntprinting
* "dffffffff" followed by a remaining buffer of "f" array */
typedef [flag(NDR_NOALIGN),public] struct {
- [skip] uint32 string_flags;
+ [skip_noinit] uint32 string_flags;
uint32 version;
[flag(ndr_ntprinting_string_flags(r->string_flags))] string name;
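Review bot: `[skip_noinit] uint32 string_flags;` is read by the very next string element through `ndr_ntprinting_string_flags(r->string_flags)`, so with the field neither pulled nor initialized the generated pull code depends on string_flags having been set before the pull, and the IDL does not say that. Please add a comment on the field (here and in the other three structs changed below) stating where string_flags is set and why zeroing it on pull, the new [skip] behaviour, would be wrong.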
@@ -61,7 +61,7 @@ interface ntprinting
* "B" private data blob */
typedef [flag(NDR_NOALIGN),public] struct {
- [skip] uint32 string_flags;
+ [skip_noinit] uint32 string_flags;
/* uint32 devicemode_ptr; */
[flag(ndr_ntprinting_string_flags(r->string_flags))] string devicename;
@@ -108,7 +108,7 @@ interface ntprinting
* "fdB" */
typedef [flag(NDR_NOALIGN),public] struct {
- [skip] uint32 string_flags;
+ [skip_noinit] uint32 string_flags;
uint32 ptr;
[flag(ndr_ntprinting_string_flags(r->string_flags))] string name;
@@ -123,7 +123,7 @@ interface ntprinting
*/
typedef [flag(NDR_NOALIGN),public] struct {
- [skip] uint32 string_flags;
+ [skip_noinit] uint32 string_flags;
uint32 attributes;
uint32 priority;
diff --git a/pidl/lib/Parse/Pidl/NDR.pm b/pidl/lib/Parse/Pidl/NDR.pm
index 4659e31..003156e 100644
--- a/pidl/lib/Parse/Pidl/NDR.pm
+++ b/pidl/lib/Parse/Pidl/NDR.pm
@@ -1104,6 +1104,7 @@ my %property_list = (
"nopython" => ["FUNCTION", "TYPEDEF", "STRUCT", "UNION", "ENUM", "BITMAP"],
"todo" => ["FUNCTION"],
"skip" => ["ELEMENT"],
+ "skip_noinit" => ["ELEMENT"],
# union
"switch_is" => ["ELEMENT"],
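Review bot: `"skip_noinit" => ["ELEMENT"],` registers a new IDL property, but the summary of changes lists no documentation file, so the difference between [skip] (zeroed on pull) and [skip_noinit] (left untouched) is recorded only in the commit messages. A comment next to these two entries, or an entry in the pidl documentation, would help IDL authors pick the right one.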
diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
index 87ef6ce..7a73126 100644
--- a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
@@ -721,6 +721,11 @@ sub ParseElementPush($$$$$$)
my $var_name = $env->{$e->{NAME}};
+ if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+ $self->pidl("/* [skip] '$var_name' */");
+ return;
+ }
+
return if ContainsPipe($e, $e->{LEVELS}[0]);
return unless $primitives or ($deferred and ContainsDeferred($e, $e->{LEVELS}[0]));
@@ -983,11 +988,7 @@ sub ParseDataPull($$$$$$$)
$var_name = get_pointer_to($var_name);
- if (has_property($e, "skip")) {
- $self->pidl("/* [skip] '$var_name' */");
- } else {
- $self->pidl("NDR_CHECK(".TypeFunctionName("ndr_pull", $l->{DATA_TYPE})."($ndr, $ndr_flags, $var_name));");
- }
+ $self->pidl("NDR_CHECK(".TypeFunctionName("ndr_pull", $l->{DATA_TYPE})."($ndr, $ndr_flags, $var_name));");
my $pl = GetPrevLevel($e, $l);
@@ -1025,11 +1026,7 @@ sub ParseDataPush($$$$$$$)
$var_name = get_pointer_to($var_name);
}
- if (has_property($e, "skip")) {
- $self->pidl("/* [skip] '$var_name' */");
- } else {
- $self->pidl("NDR_CHECK(".TypeFunctionName("ndr_push", $l->{DATA_TYPE})."($ndr, $ndr_flags, $var_name));");
- }
+ $self->pidl("NDR_CHECK(".TypeFunctionName("ndr_push", $l->{DATA_TYPE})."($ndr, $ndr_flags, $var_name));");
} else {
$self->ParseTypePush($l->{DATA_TYPE}, $ndr, $var_name, $primitives, $deferred);
}
@@ -1129,6 +1126,14 @@ sub ParseElementPullLevel
my $ndr_flags = CalcNdrFlags($l, $primitives, $deferred);
my $array_length = undef;
+ if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+ $self->pidl("/* [skip] '$var_name' */");
+ if (not has_property($e, "skip_noinit")) {
+ $self->pidl("ZERO_STRUCT($var_name);");
+ }
+ return;
+ }
+
if ($l->{TYPE} eq "ARRAY" and ($l->{IS_VARYING} or $l->{IS_CONFORMANT})) {
$var_name = get_pointer_to($var_name);
}
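Review bot: in ParseElementPullLevel the new block does not look at `$primitives` or `$deferred`, so if this sub is invoked once per pass the generated code gets `ZERO_STRUCT($var_name);` in both the scalars and the buffers pass; please confirm that is intended or guard the zeroing on `$primitives`. The emitted comment also reads `/* [skip] '...' */` for skip_noinit elements, which makes the generated C harder to audit; emitting the actual property name would help.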
@@ -1652,6 +1657,11 @@ sub ParseStructPrint($$$$$)
sub DeclarePtrVariables($$)
{
my ($self,$e) = @_;
+
+ if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+ return;
+ }
+
foreach my $l (@{$e->{LEVELS}}) {
my $size = 32;
if ($l->{TYPE} eq "POINTER" and
@@ -1669,6 +1679,10 @@ sub DeclareArrayVariables($$;$)
{
my ($self,$e,$pull) = @_;
+ if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+ return;
+ }
+
foreach my $l (@{$e->{LEVELS}}) {
next if ($l->{TYPE} ne "ARRAY");
if (defined($pull)) {
@@ -1687,6 +1701,10 @@ sub DeclareArrayVariablesNoZero($$$)
{
my ($self,$e,$env) = @_;
+ if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+ return;
+ }
+
foreach my $l (@{$e->{LEVELS}}) {
next if ($l->{TYPE} ne "ARRAY");
next if has_fast_array($e,$l);
@@ -1703,6 +1721,11 @@ sub DeclareArrayVariablesNoZero($$$)
sub DeclareMemCtxVariables($$)
{
my ($self,$e) = @_;
+
+ if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+ return;
+ }
+
foreach my $l (@{$e->{LEVELS}}) {
my $mem_flags = $self->ParseMemCtxPullFlags($e, $l);
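Review bot: the test `has_property($e, "skip") or has_property($e, "skip_noinit")` added here in DeclareMemCtxVariables is the sixth copy in this file (ParseElementPush, ParseElementPullLevel and the three other Declare* subs carry the same line). A small helper, for example a hypothetical `is_skipped($e)`, would keep the copies from drifting apart if another skip variant is added later.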
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index a44af7f..e1fc7fd 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -75,45 +75,6 @@ static int push_signature(uint8_t **outbuf)
}
/****************************************************************************
- Do a 'guest' logon, getting back the
-****************************************************************************/
-
-static NTSTATUS check_guest_password(const struct tsocket_address *remote_address,
- const struct tsocket_address *local_address,
- TALLOC_CTX *mem_ctx,
- struct auth_session_info **session_info)
-{
- struct auth4_context *auth_context;
- struct auth_usersupplied_info *user_info = NULL;
- uint8_t chal[8];
- NTSTATUS nt_status;
-
- DEBUG(3,("Got anonymous request\n"));
-
- nt_status = make_auth4_context(talloc_tos(), &auth_context);
- if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
- }
-
- auth_context->get_ntlm_challenge(auth_context,
- chal);
-
- if (!make_user_info_guest(talloc_tos(), remote_address, local_address,
- "SMB", &user_info)) {
- TALLOC_FREE(auth_context);
- return NT_STATUS_NO_MEMORY;
- }
-
- user_info->auth_description = "guest";
-
- nt_status = auth_check_password_session_info(auth_context,
- mem_ctx, user_info, session_info);
- TALLOC_FREE(user_info);
- TALLOC_FREE(auth_context);
- return nt_status;
-}
-
-/****************************************************************************
Reply to a session setup command.
conn POINTER CAN BE NULL HERE !
****************************************************************************/
@@ -594,21 +555,36 @@ static void setup_new_vc_session(struct smbd_server_connection *sconn)
Reply to a session setup command.
****************************************************************************/
+struct reply_sesssetup_and_X_state {
+ struct smb_request *req;
+ struct auth4_context *auth_context;
+ struct auth_usersupplied_info *user_info;
+ const char *user;
+ const char *domain;
+ DATA_BLOB lm_resp;
+ DATA_BLOB nt_resp;
+ DATA_BLOB plaintext_password;
+};
+
+static int reply_sesssetup_and_X_state_destructor(
+ struct reply_sesssetup_and_X_state *state)
+{
+ data_blob_clear_free(&state->nt_resp);
+ data_blob_clear_free(&state->lm_resp);
+ data_blob_clear_free(&state->plaintext_password);
+ return 0;
+}
+
void reply_sesssetup_and_X(struct smb_request *req)
{
+ struct reply_sesssetup_and_X_state *state = NULL;
uint64_t sess_vuid;
uint16_t smb_bufsize;
- DATA_BLOB lm_resp;
- DATA_BLOB nt_resp;
- DATA_BLOB plaintext_password;
char *tmp;
- const char *user;
fstring sub_user; /* Sanitised username for substituion */
- const char *domain;
const char *native_os;
const char *native_lanman;
const char *primary_domain;
- struct auth_usersupplied_info *user_info = NULL;
struct auth_session_info *session_info = NULL;
uint16_t smb_flag2 = req->flags2;
uint16_t action = 0;
@@ -625,12 +601,17 @@ void reply_sesssetup_and_X(struct smb_request *req)
START_PROFILE(SMBsesssetupX);
- ZERO_STRUCT(lm_resp);
- ZERO_STRUCT(nt_resp);
- ZERO_STRUCT(plaintext_password);
-
DEBUG(3,("wct=%d flg2=0x%x\n", req->wct, req->flags2));
+ state = talloc_zero(req, struct reply_sesssetup_and_X_state);
+ if (state == NULL) {
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ END_PROFILE(SMBsesssetupX);
+ return;
+ }
+ state->req = req;
+ talloc_set_destructor(state, reply_sesssetup_and_X_state_destructor);
+
if (req->flags2 & FLAGS2_SMB_SECURITY_SIGNATURES) {
signing_allowed = true;
}
@@ -688,18 +669,22 @@ void reply_sesssetup_and_X(struct smb_request *req)
}
if (doencrypt) {
- lm_resp = data_blob(req->buf, passlen1);
+ state->lm_resp = data_blob_talloc(state,
+ req->buf,
+ passlen1);
} else {
- plaintext_password = data_blob(req->buf, passlen1+1);
+ state->plaintext_password = data_blob_talloc(state,
+ req->buf,
+ passlen1+1);
/* Ensure null termination */
- plaintext_password.data[passlen1] = 0;
+ state->plaintext_password.data[passlen1] = 0;
}
- srvstr_pull_req_talloc(talloc_tos(), req, &tmp,
+ srvstr_pull_req_talloc(state, req, &tmp,
req->buf + passlen1, STR_TERMINATE);
- user = tmp ? tmp : "";
+ state->user = tmp ? tmp : "";
- domain = "";
+ state->domain = "";
} else {
uint16_t passlen1 = SVAL(req->vwv+7, 0);
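Review bot: `state->plaintext_password.data[passlen1] = 0;` writes through the blob returned by `data_blob_talloc(state, req->buf, passlen1+1)` without checking that the allocation succeeded. Add a NULL check on state->plaintext_password.data (and on state->lm_resp.data in the doencrypt branch when passlen1 is non-zero) and reply with NT_STATUS_NO_MEMORY, as is already done for the state allocation earlier in this function.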
@@ -774,15 +759,15 @@ void reply_sesssetup_and_X(struct smb_request *req)
}
if (doencrypt) {
- lm_resp = data_blob(p, passlen1);
- nt_resp = data_blob(p+passlen1, passlen2);
+ state->lm_resp = data_blob_talloc(state, p, passlen1);
+ state->nt_resp = data_blob_talloc(state, p+passlen1, passlen2);
} else {
char *pass = NULL;
bool unic= smb_flag2 & FLAGS2_UNICODE_STRINGS;
if (unic && (passlen2 == 0) && passlen1) {
/* Only a ascii plaintext password was sent. */
- (void)srvstr_pull_talloc(talloc_tos(),
+ (void)srvstr_pull_talloc(state,
req->inbuf,
req->flags2,
&pass,
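Review bot: `(void)srvstr_pull_talloc(state, ... &pass, ...)` now places the converted plaintext password on state instead of talloc_tos(), but reply_sesssetup_and_X_state_destructor() wipes only nt_resp, lm_resp and plaintext_password. Unless `pass` is cleared elsewhere, this copy is released without being zeroed and lives as long as state does. Either zero it as soon as it has been copied into state->plaintext_password, or track it in the state struct so the destructor can clear it.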
@@ -790,7 +775,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
passlen1,
--
Samba Shared Repository