[PATCH] Use "all_zero()"
Volker Lendecke
vl at samba.org
Mon Jan 2 14:37:43 UTC 2017
Hi!
A few days ago I found the "all_zero()" routine. This patchset replaces
all "memcmp(zeros, ..)" with a call to all_zeros().
Two reasons: First I find the "all_zeros" metaphor nice to read, much
nicer than memcmp(zeros...)==0 or "!=0". Second, probably not measurable:
I think all_zero() is more cache-friendly. We don't have to read in
stuff from main memory that we know is 0.
Review appreciated!
Thanks, Volker
-------------- next part --------------
>From 5f20a553e4c34e1e2a904ab82f66ebfded3aa829 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:38:45 +0000
Subject: [PATCH 01/22] lib: Remove a duplicate prototype
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/include/proto.h | 1 -
1 file changed, 1 deletion(-)
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 4535a14..642900e 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -324,7 +324,6 @@ const char *my_sam_name(void);
enum protocol_types get_Protocol(void);
void set_Protocol(enum protocol_types p);
-bool all_zero(const uint8_t *ptr, size_t size);
void gfree_names(void);
void gfree_all( void );
const char *my_netbios_names(int i);
--
2.1.4
>From e23eb7b2228941000adf6ea4ca9c171bcb971d9a Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 02/22] libcli: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
libcli/auth/credentials.c | 33 ++++++++++++++-------------------
1 file changed, 14 insertions(+), 19 deletions(-)
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
index 91f37b7..ddff5e9 100644
--- a/libcli/auth/credentials.c
+++ b/libcli/auth/credentials.c
@@ -512,7 +512,6 @@ static void netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_Crede
union netr_Validation *validation,
bool do_encrypt)
{
- static const char zeros[16];
struct netr_SamBaseInfo *base = NULL;
if (validation == NULL) {
@@ -549,8 +548,7 @@ static void netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_Crede
/* they aren't encrypted! */
} else if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
/* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
- if (memcmp(base->key.key, zeros,
- sizeof(base->key.key)) != 0) {
+ if (!all_zero(base->key.key, sizeof(base->key.key))) {
if (do_encrypt) {
netlogon_creds_aes_encrypt(creds,
base->key.key,
@@ -562,8 +560,8 @@ static void netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_Crede
}
}
- if (memcmp(base->LMSessKey.key, zeros,
- sizeof(base->LMSessKey.key)) != 0) {
+ if (!all_zero(base->LMSessKey.key,
+ sizeof(base->LMSessKey.key))) {
if (do_encrypt) {
netlogon_creds_aes_encrypt(creds,
base->LMSessKey.key,
@@ -577,23 +575,22 @@ static void netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_Crede
}
} else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
/* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
- if (memcmp(base->key.key, zeros,
- sizeof(base->key.key)) != 0) {
+ if (!all_zero(base->key.key, sizeof(base->key.key))) {
netlogon_creds_arcfour_crypt(creds,
base->key.key,
sizeof(base->key.key));
}
- if (memcmp(base->LMSessKey.key, zeros,
- sizeof(base->LMSessKey.key)) != 0) {
+ if (!all_zero(base->LMSessKey.key,
+ sizeof(base->LMSessKey.key))) {
netlogon_creds_arcfour_crypt(creds,
base->LMSessKey.key,
sizeof(base->LMSessKey.key));
}
} else {
/* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
- if (memcmp(base->LMSessKey.key, zeros,
- sizeof(base->LMSessKey.key)) != 0) {
+ if (!all_zero(base->LMSessKey.key,
+ sizeof(base->LMSessKey.key))) {
if (do_encrypt) {
netlogon_creds_des_encrypt_LMKey(creds,
&base->LMSessKey);
@@ -626,8 +623,6 @@ static void netlogon_creds_crypt_samlogon_logon(struct netlogon_creds_Credential
union netr_LogonLevel *logon,
bool do_encrypt)
{
- static const char zeros[16];
-
if (logon == NULL) {
return;
}
@@ -645,7 +640,7 @@ static void netlogon_creds_crypt_samlogon_logon(struct netlogon_creds_Credential
uint8_t *h;
h = logon->password->lmpassword.hash;
- if (memcmp(h, zeros, 16) != 0) {
+ if (!all_zero(h, 16)) {
if (do_encrypt) {
netlogon_creds_aes_encrypt(creds, h, 16);
} else {
@@ -654,7 +649,7 @@ static void netlogon_creds_crypt_samlogon_logon(struct netlogon_creds_Credential
}
h = logon->password->ntpassword.hash;
- if (memcmp(h, zeros, 16) != 0) {
+ if (!all_zero(h, 16)) {
if (do_encrypt) {
netlogon_creds_aes_encrypt(creds, h, 16);
} else {
@@ -665,19 +660,19 @@ static void netlogon_creds_crypt_samlogon_logon(struct netlogon_creds_Credential
uint8_t *h;
h = logon->password->lmpassword.hash;
- if (memcmp(h, zeros, 16) != 0) {
+ if (!all_zero(h, 16)) {
netlogon_creds_arcfour_crypt(creds, h, 16);
}
h = logon->password->ntpassword.hash;
- if (memcmp(h, zeros, 16) != 0) {
+ if (!all_zero(h, 16)) {
netlogon_creds_arcfour_crypt(creds, h, 16);
}
} else {
struct samr_Password *p;
p = &logon->password->lmpassword;
- if (memcmp(p->hash, zeros, 16) != 0) {
+ if (!all_zero(p->hash, 16)) {
if (do_encrypt) {
netlogon_creds_des_encrypt(creds, p);
} else {
@@ -685,7 +680,7 @@ static void netlogon_creds_crypt_samlogon_logon(struct netlogon_creds_Credential
}
}
p = &logon->password->ntpassword;
- if (memcmp(p->hash, zeros, 16) != 0) {
+ if (!all_zero(p->hash, 16)) {
if (do_encrypt) {
netlogon_creds_des_encrypt(creds, p);
} else {
--
2.1.4
>From eb7d810ddc3e6f69aab5dc39259239d5d7ae536c Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 03/22] auth3: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/auth/auth_util.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 25f27e8..58639a0 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1358,8 +1358,6 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
struct auth_serversupplied_info **server_info,
const struct netr_SamInfo3 *info3)
{
- static const char zeros[16] = {0, };
-
NTSTATUS nt_status = NT_STATUS_OK;
char *found_username = NULL;
const char *nt_domain;
@@ -1460,7 +1458,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
/* ensure we are never given NULL session keys */
- if (memcmp(info3->base.key.key, zeros, sizeof(zeros)) == 0) {
+ if (all_zero(info3->base.key.key, sizeof(info3->base.key.key))) {
result->session_key = data_blob_null;
} else {
result->session_key = data_blob_talloc(
@@ -1468,7 +1466,8 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
sizeof(info3->base.key.key));
}
- if (memcmp(info3->base.LMSessKey.key, zeros, 8) == 0) {
+ if (all_zero(info3->base.LMSessKey.key,
+ sizeof(info3->base.LMSessKey.key))) {
result->lm_session_key = data_blob_null;
} else {
result->lm_session_key = data_blob_talloc(
--
2.1.4
>From da273cbead7b3bc4013a366a46cb6cd6f79f7511 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 04/22] libcli: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
libcli/auth/ntlm_check.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/libcli/auth/ntlm_check.c b/libcli/auth/ntlm_check.c
index 7f91b52..d7fba34 100644
--- a/libcli/auth/ntlm_check.c
+++ b/libcli/auth/ntlm_check.c
@@ -293,7 +293,6 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
DATA_BLOB *user_sess_key,
DATA_BLOB *lm_sess_key)
{
- const static uint8_t zeros[8];
DATA_BLOB tmp_sess_key;
const char *upper_client_domain = NULL;
@@ -314,8 +313,8 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
/* Check for cleartext netlogon. Used by Exchange 5.5. */
if ((logon_parameters & MSV1_0_CLEARTEXT_PASSWORD_ALLOWED)
- && challenge->length == sizeof(zeros)
- && (memcmp(challenge->data, zeros, challenge->length) == 0 )) {
+ && challenge->length == 8
+ && (all_zero(challenge->data, challenge->length))) {
struct samr_Password client_nt;
struct samr_Password client_lm;
char *unix_pw = NULL;
--
2.1.4
>From 263243b3fbebeb5125bcdfea9a63683fb6c16788 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 05/22] libcli: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
libcli/smb/smbXcli_base.c | 10 +++-------
1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index e24090d..a7b24f0 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -3851,13 +3851,9 @@ static NTSTATUS smb2cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
}
}
if (signing_key) {
- int cmp;
- static const uint8_t zeros[16];
-
- cmp = memcmp(inhdr+SMB2_HDR_SIGNATURE,
- zeros,
- 16);
- if (cmp == 0) {
+ bool zero;
+ zero = all_zero(inhdr+SMB2_HDR_SIGNATURE, 16);
+ if (zero) {
state->smb2.signing_skipped = true;
signing_key = NULL;
}
--
2.1.4
>From 9bec11d20b8780042ec8e92c05820ef8cc04099a Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 06/22] ntlm_auth: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/utils/ntlm_auth.c | 22 +++++++++-------------
1 file changed, 9 insertions(+), 13 deletions(-)
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 57279ab..829eb8f 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -946,7 +946,6 @@ static NTSTATUS winbind_pw_check(struct auth4_context *auth4_context,
void **server_returned_info,
DATA_BLOB *session_key, DATA_BLOB *lm_session_key)
{
- static const char zeros[16] = { 0, };
NTSTATUS nt_status;
char *error_string = NULL;
uint8_t lm_key[8];
@@ -964,13 +963,13 @@ static NTSTATUS winbind_pw_check(struct auth4_context *auth4_context,
&error_string, &unix_name);
if (NT_STATUS_IS_OK(nt_status)) {
- if (memcmp(lm_key, zeros, 8) != 0) {
+ if (!all_zero(lm_key, 8)) {
*lm_session_key = data_blob_talloc(mem_ctx, NULL, 16);
memcpy(lm_session_key->data, lm_key, 8);
memset(lm_session_key->data+8, '\0', 8);
}
- if (memcmp(user_sess_key, zeros, 16) != 0) {
+ if (!all_zero(user_sess_key, 16)) {
*session_key = data_blob_talloc(mem_ctx, user_sess_key, 16);
}
*server_returned_info = talloc_strdup(mem_ctx,
@@ -1748,15 +1747,14 @@ static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mod
printf("Authentication-Error: %s\n.\n",
error_string);
} else {
- static char zeros[16];
char *hex_lm_key;
char *hex_user_session_key;
printf("Authenticated: Yes\n");
if (ntlm_server_1_lm_session_key
- && (memcmp(zeros, lm_key,
- sizeof(lm_key)) != 0)) {
+ && (!all_zero(lm_key,
+ sizeof(lm_key)))) {
hex_lm_key = hex_encode_talloc(NULL,
(const unsigned char *)lm_key,
sizeof(lm_key));
@@ -1766,8 +1764,8 @@ static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mod
}
if (ntlm_server_1_user_session_key
- && (memcmp(zeros, user_session_key,
- sizeof(user_session_key)) != 0)) {
+ && (!all_zero(user_session_key,
+ sizeof(user_session_key)))) {
hex_user_session_key = hex_encode_talloc(NULL,
(const unsigned char *)user_session_key,
sizeof(user_session_key));
@@ -2187,7 +2185,6 @@ static bool check_auth_crap(void)
char *hex_lm_key;
char *hex_user_session_key;
char *error_string;
- static uint8_t zeros[16];
setbuf(stdout, NULL);
@@ -2217,16 +2214,15 @@ static bool check_auth_crap(void)
}
if (request_lm_key
- && (memcmp(zeros, lm_key,
- sizeof(lm_key)) != 0)) {
+ && (!all_zero((uint8_t *)lm_key, sizeof(lm_key)))) {
hex_lm_key = hex_encode_talloc(talloc_tos(), (const unsigned char *)lm_key,
sizeof(lm_key));
printf("LM_KEY: %s\n", hex_lm_key);
TALLOC_FREE(hex_lm_key);
}
if (request_user_session_key
- && (memcmp(zeros, user_session_key,
- sizeof(user_session_key)) != 0)) {
+ && (!all_zero((uint8_t *)user_session_key,
+ sizeof(user_session_key)))) {
hex_user_session_key = hex_encode_talloc(talloc_tos(), (const unsigned char *)user_session_key,
sizeof(user_session_key));
printf("NT_KEY: %s\n", hex_user_session_key);
--
2.1.4
>From b563f98d061aca955fe6461b9d1a141a4ee1a62a Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 13:11:10 +0000
Subject: [PATCH 07/22] auth3: Avoid some zeros footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/auth/auth_util.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 58639a0..ae6bfb3 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -811,7 +811,6 @@ static NTSTATUS get_guest_info3(TALLOC_CTX *mem_ctx,
static NTSTATUS make_new_session_info_guest(struct auth_session_info **session_info, struct auth_serversupplied_info **server_info)
{
- static const char zeros[16] = {0};
const char *guest_account = lp_guest_account();
const char *domain = lp_netbios_name();
struct netr_SamInfo3 info3;
@@ -861,7 +860,7 @@ static NTSTATUS make_new_session_info_guest(struct auth_session_info **session_i
/* annoying, but the Guest really does have a session key, and it is
all zeros! */
- (*session_info)->session_key = data_blob(zeros, sizeof(zeros));
+ (*session_info)->session_key = data_blob_talloc_zero(NULL, 16);
status = NT_STATUS_OK;
done:
--
2.1.4
>From afac3eb8922249ffbf2ba2757eb03ad4a0889438 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 08/22] passdb: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/passdb/pdb_samba_dsdb.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/source3/passdb/pdb_samba_dsdb.c b/source3/passdb/pdb_samba_dsdb.c
index 97806c4..97c05c6 100644
--- a/source3/passdb/pdb_samba_dsdb.c
+++ b/source3/passdb/pdb_samba_dsdb.c
@@ -443,10 +443,10 @@ static int pdb_samba_dsdb_replace_by_sam(struct pdb_samba_dsdb_state *state,
invalid_history = true;
} else {
unsigned int i;
- static const uint8_t zeros[16];
/* Parse the history into the correct format */
for (i = 0; i < current_hist_len; i++) {
- if (memcmp(&history[i*PW_HISTORY_ENTRY_LEN], zeros, 16) != 0) {
+ if (!all_zero(&history[i*PW_HISTORY_ENTRY_LEN],
+ 16)) {
/* If the history is in the old format, with a salted hash, then we can't migrate it to AD format */
invalid_history = true;
break;
--
2.1.4
>From cad55a76e6b0544729159620c7fa8a12daa005ac Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 09/22] libcli: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
libcli/samsync/decrypt.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/libcli/samsync/decrypt.c b/libcli/samsync/decrypt.c
index 117151e..66cc915 100644
--- a/libcli/samsync/decrypt.c
+++ b/libcli/samsync/decrypt.c
@@ -44,15 +44,12 @@ static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
struct netr_DELTA_USER *user = delta->delta_union.user;
struct samr_Password lm_hash;
struct samr_Password nt_hash;
- unsigned char zero_buf[16];
-
- memset(zero_buf, '\0', sizeof(zero_buf));
/* Note that win2000 may send us all zeros
* for the hashes if it doesn't
* think this channel is secure enough. */
if (user->lm_password_present) {
- if (memcmp(user->lmpassword.hash, zero_buf, 16) != 0) {
+ if (!all_zero(user->lmpassword.hash, 16)) {
sam_rid_crypt(rid, user->lmpassword.hash, lm_hash.hash, 0);
} else {
memset(lm_hash.hash, '\0', sizeof(lm_hash.hash));
@@ -61,7 +58,7 @@ static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
}
if (user->nt_password_present) {
- if (memcmp(user->ntpassword.hash, zero_buf, 16) != 0) {
+ if (!all_zero(user->ntpassword.hash, 16)) {
sam_rid_crypt(rid, user->ntpassword.hash, nt_hash.hash, 0);
} else {
memset(nt_hash.hash, '\0', sizeof(nt_hash.hash));
@@ -90,8 +87,8 @@ static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
* for the hashes if it doesn't
* think this channel is secure enough. */
if (keys.keys.keys2.lmpassword.length == 16) {
- if (memcmp(keys.keys.keys2.lmpassword.pwd.hash,
- zero_buf, 16) != 0) {
+ if (!all_zero(keys.keys.keys2.lmpassword.pwd.hash,
+ 16)) {
sam_rid_crypt(rid,
keys.keys.keys2.lmpassword.pwd.hash,
lm_hash.hash, 0);
@@ -102,8 +99,8 @@ static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
user->lm_password_present = true;
}
if (keys.keys.keys2.ntpassword.length == 16) {
- if (memcmp(keys.keys.keys2.ntpassword.pwd.hash,
- zero_buf, 16) != 0) {
+ if (!all_zero(keys.keys.keys2.ntpassword.pwd.hash,
+ 16)) {
sam_rid_crypt(rid,
keys.keys.keys2.ntpassword.pwd.hash,
nt_hash.hash, 0);
--
2.1.4
>From cacc8a2efe8342bff8729356882c310778e9ec97 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 10/22] librpc: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
librpc/ndr/ndr_sec_helper.c | 12 ++----------
1 file changed, 2 insertions(+), 10 deletions(-)
diff --git a/librpc/ndr/ndr_sec_helper.c b/librpc/ndr/ndr_sec_helper.c
index ea082d1..ecc0511 100644
--- a/librpc/ndr/ndr_sec_helper.c
+++ b/librpc/ndr/ndr_sec_helper.c
@@ -128,13 +128,9 @@ size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags)
size_t ndr_size_dom_sid28(const struct dom_sid *sid, int flags)
{
- struct dom_sid zero_sid;
-
if (!sid) return 0;
- ZERO_STRUCT(zero_sid);
-
- if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) {
+ if (all_zero((const uint8_t *)sid, sizeof(struct dom_sid))) {
return 0;
}
@@ -287,8 +283,6 @@ enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct
*/
enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid)
{
- struct dom_sid zero_sid;
-
if (!(ndr_flags & NDR_SCALARS)) {
return NDR_ERR_SUCCESS;
}
@@ -297,9 +291,7 @@ enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const s
return NDR_ERR_SUCCESS;
}
- ZERO_STRUCT(zero_sid);
-
- if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) {
+ if (all_zero((const uint8_t *)sid, sizeof(struct dom_sid))) {
return NDR_ERR_SUCCESS;
}
--
2.1.4
>From e978691c41697ccf6a4990dec8fae802ccb575ce Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 11/22] auth: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/auth/check_samsec.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c
index cbcde08..7347ed1 100644
--- a/source3/auth/check_samsec.c
+++ b/source3/auth/check_samsec.c
@@ -322,7 +322,6 @@ static bool need_to_increment_bad_pw_count(
username = pdb_get_username(sampass);
for (i=1; i < MIN(MIN(3, policy_pwhistory_len), pwhistory_len); i++) {
- static const uint8_t zero16[SALTED_MD5_HASH_LEN];
const uint8_t *salt;
const uint8_t *nt_pw;
NTSTATUS status;
@@ -332,12 +331,12 @@ static bool need_to_increment_bad_pw_count(
salt = &pwhistory[i*PW_HISTORY_ENTRY_LEN];
nt_pw = salt + PW_HISTORY_SALT_LEN;
- if (memcmp(zero16, nt_pw, NT_HASH_LEN) == 0) {
+ if (!all_zero(nt_pw, NT_HASH_LEN)) {
/* skip zero password hash */
continue;
}
- if (memcmp(zero16, salt, PW_HISTORY_SALT_LEN) != 0) {
+ if (!all_zero(salt, PW_HISTORY_SALT_LEN)) {
/* skip nonzero salt (old format entry) */
continue;
}
--
2.1.4
>From 3766f938200405f788deb2e07a1e2ccf734dbfea Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 12/22] libnet: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/libnet/libnet_dssync_passdb.c | 7 ++-----
source3/libnet/libnet_keytab.h | 1 -
source3/libnet/libnet_samsync_display.c | 6 ++----
source3/libnet/libnet_samsync_keytab.c | 2 +-
source3/libnet/libnet_samsync_ldif.c | 7 ++-----
source3/libnet/libnet_samsync_passdb.c | 7 ++-----
6 files changed, 9 insertions(+), 21 deletions(-)
diff --git a/source3/libnet/libnet_dssync_passdb.c b/source3/libnet/libnet_dssync_passdb.c
index 99e65c2..8e2a459 100644
--- a/source3/libnet/libnet_dssync_passdb.c
+++ b/source3/libnet/libnet_dssync_passdb.c
@@ -1105,7 +1105,6 @@ static NTSTATUS sam_account_from_object(struct samu *account,
TALLOC_CTX *mem_ctx = account;
const char *old_string, *new_string;
time_t unix_time, stored_time;
- uchar zero_buf[16];
NTSTATUS status;
NTTIME lastLogon;
@@ -1134,8 +1133,6 @@ static NTSTATUS sam_account_from_object(struct samu *account,
uint32_t acct_flags;
uint32_t units_per_week;
- memset(zero_buf, '\0', sizeof(zero_buf));
-
objectSid = cur->object.identifier->sid;
GET_STRING_EX(sAMAccountName, true);
DEBUG(0,("sam_account_from_object(%s, %s) start\n",
@@ -1329,11 +1326,11 @@ static NTSTATUS sam_account_from_object(struct samu *account,
think this channel is secure enough - don't set the passwords at all
in that case
*/
- if (dBCSPwd.length == 16 && memcmp(dBCSPwd.data, zero_buf, 16) != 0) {
+ if (dBCSPwd.length == 16 && !all_zero(dBCSPwd.data, 16)) {
pdb_set_lanman_passwd(account, dBCSPwd.data, PDB_CHANGED);
}
- if (unicodePwd.length == 16 && memcmp(unicodePwd.data, zero_buf, 16) != 0) {
+ if (unicodePwd.length == 16 && !all_zero(unicodePwd.data, 16)) {
pdb_set_nt_passwd(account, unicodePwd.data, PDB_CHANGED);
}
diff --git a/source3/libnet/libnet_keytab.h b/source3/libnet/libnet_keytab.h
index 43071ce..df6e957 100644
--- a/source3/libnet/libnet_keytab.h
+++ b/source3/libnet/libnet_keytab.h
@@ -35,7 +35,6 @@ struct libnet_keytab_context {
const char *keytab_name;
struct ads_struct *ads;
const char *dns_domain_name;
- uint8_t zero_buf[16];
uint32_t count;
struct libnet_keytab_entry *entries;
bool clean_old_entries;
diff --git a/source3/libnet/libnet_samsync_display.c b/source3/libnet/libnet_samsync_display.c
index 034a23f..040742d 100644
--- a/source3/libnet/libnet_samsync_display.c
+++ b/source3/libnet/libnet_samsync_display.c
@@ -60,19 +60,17 @@ static void display_account_info(uint32_t rid,
struct netr_DELTA_USER *r)
{
fstring hex_nt_passwd, hex_lm_passwd;
- uchar zero_buf[16];
- memset(zero_buf, '\0', sizeof(zero_buf));
/* Decode hashes from password hash (if they are not NULL) */
- if (memcmp(r->lmpassword.hash, zero_buf, 16) != 0) {
+ if (!all_zero(r->lmpassword.hash, 16)) {
pdb_sethexpwd(hex_lm_passwd, r->lmpassword.hash, r->acct_flags);
} else {
pdb_sethexpwd(hex_lm_passwd, NULL, 0);
}
- if (memcmp(r->ntpassword.hash, zero_buf, 16) != 0) {
+ if (!all_zero(r->ntpassword.hash, 16)) {
pdb_sethexpwd(hex_nt_passwd, r->ntpassword.hash, r->acct_flags);
} else {
pdb_sethexpwd(hex_nt_passwd, NULL, 0);
diff --git a/source3/libnet/libnet_samsync_keytab.c b/source3/libnet/libnet_samsync_keytab.c
index 3f7e895..5c072b9 100644
--- a/source3/libnet/libnet_samsync_keytab.c
+++ b/source3/libnet/libnet_samsync_keytab.c
@@ -76,7 +76,7 @@ static NTSTATUS fetch_sam_entry_keytab(TALLOC_CTX *mem_ctx,
uint32_t kvno = 0;
DATA_BLOB blob;
- if (memcmp(r->ntpassword.hash, ctx->zero_buf, 16) == 0) {
+ if (all_zero(r->ntpassword.hash, 16)) {
return NT_STATUS_OK;
}
diff --git a/source3/libnet/libnet_samsync_ldif.c b/source3/libnet/libnet_samsync_ldif.c
index dafeade..1702316 100644
--- a/source3/libnet/libnet_samsync_ldif.c
+++ b/source3/libnet/libnet_samsync_ldif.c
@@ -652,13 +652,10 @@ static NTSTATUS fetch_account_info_to_ldif(TALLOC_CTX *mem_ctx,
char *flags, *user_rdn;
const char *ou;
const char* nopasswd = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
- uchar zero_buf[16];
uint32_t rid = 0, group_rid = 0, gidNumber = 0;
time_t unix_time;
int i, ret;
- memset(zero_buf, '\0', sizeof(zero_buf));
-
/* Get the username */
fstrcpy(username, r->account_name.string);
@@ -703,12 +700,12 @@ static NTSTATUS fetch_account_info_to_ldif(TALLOC_CTX *mem_ctx,
fstrcpy(profilepath, r->profile_path.string);
/* Get lm and nt password data */
- if (memcmp(r->lmpassword.hash, zero_buf, 16) != 0) {
+ if (!all_zero(r->lmpassword.hash, 16)) {
pdb_sethexpwd(hex_lm_passwd, r->lmpassword.hash, r->acct_flags);
} else {
pdb_sethexpwd(hex_lm_passwd, NULL, 0);
}
- if (memcmp(r->ntpassword.hash, zero_buf, 16) != 0) {
+ if (!all_zero(r->ntpassword.hash, 16)) {
pdb_sethexpwd(hex_nt_passwd, r->ntpassword.hash, r->acct_flags);
} else {
pdb_sethexpwd(hex_nt_passwd, NULL, 0);
diff --git a/source3/libnet/libnet_samsync_passdb.c b/source3/libnet/libnet_samsync_passdb.c
index 01373de..9ba637e 100644
--- a/source3/libnet/libnet_samsync_passdb.c
+++ b/source3/libnet/libnet_samsync_passdb.c
@@ -47,9 +47,6 @@ static NTSTATUS sam_account_from_delta(struct samu *account,
{
const char *old_string, *new_string;
time_t unix_time, stored_time;
- uchar zero_buf[16];
-
- memset(zero_buf, '\0', sizeof(zero_buf));
/* Username, fullname, home dir, dir drive, logon script, acct
desc, workstations, profile. */
@@ -217,11 +214,11 @@ static NTSTATUS sam_account_from_delta(struct samu *account,
think this channel is secure enough - don't set the passwords at all
in that case
*/
- if (memcmp(r->lmpassword.hash, zero_buf, 16) != 0) {
+ if (!all_zero(r->lmpassword.hash, 16)) {
pdb_set_lanman_passwd(account, r->lmpassword.hash, PDB_CHANGED);
}
- if (memcmp(r->ntpassword.hash, zero_buf, 16) != 0) {
+ if (!all_zero(r->ntpassword.hash, 16)) {
pdb_set_nt_passwd(account, r->ntpassword.hash, PDB_CHANGED);
}
--
2.1.4
>From 627fd0f85da5128365af07e5a9f8f312047b968d Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 13/22] librpc: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/librpc/crypto/gse_krb5.c | 38 ++++++++++----------------------------
1 file changed, 10 insertions(+), 28 deletions(-)
diff --git a/source3/librpc/crypto/gse_krb5.c b/source3/librpc/crypto/gse_krb5.c
index f7aac9e..83afd16 100644
--- a/source3/librpc/crypto/gse_krb5.c
+++ b/source3/librpc/crypto/gse_krb5.c
@@ -283,13 +283,9 @@ static krb5_error_code fill_mem_keytab_from_secrets(krb5_context krbctx,
}
}
- {
- krb5_kt_cursor zero_csr;
- ZERO_STRUCT(zero_csr);
- if ((memcmp(&kt_cursor, &zero_csr, sizeof(krb5_kt_cursor)) != 0) && *keytab) {
- krb5_kt_end_seq_get(krbctx, *keytab, &kt_cursor);
- }
- }
+ if (!all_zero((uint8_t *)&kt_cursor, sizeof(kt_cursor)) && *keytab) {
+ krb5_kt_end_seq_get(krbctx, *keytab, &kt_cursor);
+ }
/* keytab is not up to date, fill it up */
@@ -347,13 +343,9 @@ out:
SAFE_FREE(pwd);
SAFE_FREE(pwd_old);
- {
- krb5_kt_cursor zero_csr;
- ZERO_STRUCT(zero_csr);
- if ((memcmp(&kt_cursor, &zero_csr, sizeof(krb5_kt_cursor)) != 0) && *keytab) {
- krb5_kt_end_seq_get(krbctx, *keytab, &kt_cursor);
- }
- }
+ if (!all_zero((uint8_t *)&kt_cursor, sizeof(kt_cursor)) && *keytab) {
+ krb5_kt_end_seq_get(krbctx, *keytab, &kt_cursor);
+ }
if (princ) {
krb5_free_principal(krbctx, princ);
@@ -495,22 +487,12 @@ out:
TALLOC_FREE(entry_princ_s);
- {
- krb5_keytab_entry zero_kt_entry;
- ZERO_STRUCT(zero_kt_entry);
- if (memcmp(&zero_kt_entry, &kt_entry,
- sizeof(krb5_keytab_entry))) {
- smb_krb5_kt_free_entry(krbctx, &kt_entry);
- }
+ if (!all_zero((uint8_t *)&kt_entry, sizeof(kt_entry))) {
+ smb_krb5_kt_free_entry(krbctx, &kt_entry);
}
- {
- krb5_kt_cursor zero_csr;
- ZERO_STRUCT(zero_csr);
- if ((memcmp(&kt_cursor, &zero_csr,
- sizeof(krb5_kt_cursor)) != 0) && keytab) {
- krb5_kt_end_seq_get(krbctx, keytab, &kt_cursor);
- }
+ if (!all_zero((uint8_t *)&kt_cursor, sizeof(kt_cursor)) && keytab) {
+ krb5_kt_end_seq_get(krbctx, keytab, &kt_cursor);
}
if (keytab) {
--
2.1.4
>From dff295f24e66c24daafe60886909a8edb2fb01ce Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 14/22] lib: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
lib/krb5_wrap/krb5_samba.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 307be93..f8f3b16 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -1229,17 +1229,13 @@ krb5_error_code smb_krb5_kt_seek_and_delete_old_entries(krb5_context context,
{
krb5_error_code ret;
krb5_kt_cursor cursor;
- krb5_kt_cursor zero_csr;
krb5_keytab_entry kt_entry;
- krb5_keytab_entry zero_kt_entry;
char *ktprinc = NULL;
krb5_kvno old_kvno = kvno - 1;
TALLOC_CTX *tmp_ctx;
ZERO_STRUCT(cursor);
- ZERO_STRUCT(zero_csr);
ZERO_STRUCT(kt_entry);
- ZERO_STRUCT(zero_kt_entry);
ret = krb5_kt_start_seq_get(context, keytab, &cursor);
if (ret == KRB5_KT_END || ret == ENOENT ) {
@@ -1374,10 +1370,10 @@ krb5_error_code smb_krb5_kt_seek_and_delete_old_entries(krb5_context context,
out:
talloc_free(tmp_ctx);
- if (memcmp(&zero_kt_entry, &kt_entry, sizeof(krb5_keytab_entry))) {
+ if (!all_zero((uint8_t *)&kt_entry, sizeof(kt_entry))) {
smb_krb5_kt_free_entry(context, &kt_entry);
}
- if (memcmp(&cursor, &zero_csr, sizeof(krb5_kt_cursor)) != 0) {
+ if (!all_zero((uint8_t *)&cursor, sizeof(cursor))) {
krb5_kt_end_seq_get(context, keytab, &cursor);
}
return ret;
--
2.1.4
>From 07a8a416fbb2cf1120d7fd141ee3d73474085716 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 15/22] libads: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/libads/kerberos_keytab.c | 30 ++++++------------------------
1 file changed, 6 insertions(+), 24 deletions(-)
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index 8c7c1c3..3c73b08 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -553,18 +553,10 @@ done:
TALLOC_FREE(frame);
if (context) {
- krb5_keytab_entry zero_kt_entry;
- krb5_kt_cursor zero_csr;
-
- ZERO_STRUCT(zero_kt_entry);
- ZERO_STRUCT(zero_csr);
-
- if (memcmp(&zero_kt_entry, &kt_entry,
- sizeof(krb5_keytab_entry))) {
+ if (!all_zero((uint8_t *)&kt_entry, sizeof(kt_entry))) {
smb_krb5_kt_free_entry(context, &kt_entry);
}
- if ((memcmp(&cursor, &zero_csr,
- sizeof(krb5_kt_cursor)) != 0) && keytab) {
+ if (!all_zero((uint8_t *)&cursor, sizeof(cursor)) && keytab) {
krb5_kt_end_seq_get(context, keytab, &cursor);
}
if (keytab) {
@@ -657,21 +649,11 @@ int ads_keytab_list(const char *keytab_name)
ZERO_STRUCT(cursor);
out:
- {
- krb5_keytab_entry zero_kt_entry;
- ZERO_STRUCT(zero_kt_entry);
- if (memcmp(&zero_kt_entry, &kt_entry,
- sizeof(krb5_keytab_entry))) {
- smb_krb5_kt_free_entry(context, &kt_entry);
- }
+ if (!all_zero((uint8_t *)&kt_entry, sizeof(kt_entry))) {
+ smb_krb5_kt_free_entry(context, &kt_entry);
}
- {
- krb5_kt_cursor zero_csr;
- ZERO_STRUCT(zero_csr);
- if ((memcmp(&cursor, &zero_csr,
- sizeof(krb5_kt_cursor)) != 0) && keytab) {
- krb5_kt_end_seq_get(context, keytab, &cursor);
- }
+ if (!all_zero((uint8_t *)&cursor, sizeof(cursor)) && keytab) {
+ krb5_kt_end_seq_get(context, keytab, &cursor);
}
if (keytab) {
--
2.1.4
>From 897ddae9c695b76bba5fb85b42d7b98ef13dfeb5 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 16/22] samr3: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source3/rpc_server/samr/srv_samr_chgpasswd.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/source3/rpc_server/samr/srv_samr_chgpasswd.c b/source3/rpc_server/samr/srv_samr_chgpasswd.c
index ad4eaa7..ab9e92a 100644
--- a/source3/rpc_server/samr/srv_samr_chgpasswd.c
+++ b/source3/rpc_server/samr/srv_samr_chgpasswd.c
@@ -838,7 +838,6 @@ static bool password_in_history(uint8_t nt_pw[NT_HASH_LEN],
uint32_t pw_history_len,
const uint8_t *pw_history)
{
- static const uint8_t zero_md5_nt_pw[SALTED_MD5_HASH_LEN] = { 0, };
int i;
dump_data(100, nt_pw, NT_HASH_LEN);
@@ -852,15 +851,12 @@ static bool password_in_history(uint8_t nt_pw[NT_HASH_LEN],
current_salt = &pw_history[i*PW_HISTORY_ENTRY_LEN];
old_nt_pw_salted_md5_hash = current_salt + PW_HISTORY_SALT_LEN;
- if (memcmp(zero_md5_nt_pw, old_nt_pw_salted_md5_hash,
- SALTED_MD5_HASH_LEN) == 0) {
+ if (all_zero(old_nt_pw_salted_md5_hash, SALTED_MD5_HASH_LEN)) {
/* Ignore zero valued entries. */
continue;
}
- if (memcmp(zero_md5_nt_pw, current_salt,
- PW_HISTORY_SALT_LEN) == 0)
- {
+ if (all_zero(current_salt, PW_HISTORY_SALT_LEN)) {
/*
* New format: zero salt and then plain nt hash.
* Directly compare the hashes.
--
2.1.4
>From d1f028751d473aec37137e912823c7a3b306e592 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 17/22] kdc: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source4/kdc/pac-glue.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
index 99140fc..079030e 100644
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -120,8 +120,6 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx,
{
enum ndr_err_code ndr_err;
NTSTATUS nt_status;
- int ret;
- static const struct samr_Password zero_hash;
struct samr_Password *lm_hash = NULL;
struct samr_Password *nt_hash = NULL;
struct PAC_CREDENTIAL_NTLM_SECPKG ntlm_secpkg = {
@@ -142,8 +140,8 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx,
lm_hash = samdb_result_hash(mem_ctx, msg, "dBCSPwd");
if (lm_hash != NULL) {
- ret = memcmp(lm_hash->hash, zero_hash.hash, 16);
- if (ret == 0) {
+ bool zero = all_zero(lm_hash->hash, 16);
+ if (zero) {
lm_hash = NULL;
}
}
@@ -157,8 +155,8 @@ NTSTATUS samba_get_cred_info_ndr_blob(TALLOC_CTX *mem_ctx,
nt_hash = samdb_result_hash(mem_ctx, msg, "unicodePwd");
if (nt_hash != NULL) {
- ret = memcmp(nt_hash->hash, zero_hash.hash, 16);
- if (ret == 0) {
+ bool zero = all_zero(nt_hash->hash, 16);
+ if (zero) {
nt_hash = NULL;
}
}
--
2.1.4
>From b48b7414c71a9c3c093c4666766fe4b4a2db0cd0 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 18/22] auth4: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source4/auth/ntlm/auth_sam.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c
index 4498193..90eabca 100644
--- a/source4/auth/ntlm/auth_sam.c
+++ b/source4/auth/ntlm/auth_sam.c
@@ -289,7 +289,6 @@ static NTSTATUS authsam_password_check_and_record(struct auth4_context *auth_con
}
for (i = 1; i < MIN(history_len, 3); i++) {
- static const struct samr_Password zero_hash;
struct samr_Password zero_string_hash;
struct samr_Password zero_string_des_hash;
struct samr_Password *nt_history_pwd = NULL;
@@ -328,8 +327,8 @@ static NTSTATUS authsam_password_check_and_record(struct auth4_context *auth_con
}
/* Skip over all-zero hashes in the history */
- if (memcmp(nt_history_pwd->hash, zero_hash.hash,
- sizeof(zero_hash.hash)) == 0) {
+ if (all_zero(nt_history_pwd->hash,
+ sizeof(nt_history_pwd->hash))) {
continue;
}
--
2.1.4
>From 714eb40588f66bda449379dd5899946a88911357 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 19/22] torture-dfs: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source4/torture/dfs/domaindfs.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/source4/torture/dfs/domaindfs.c b/source4/torture/dfs/domaindfs.c
index 4981d0f..ee884f1 100644
--- a/source4/torture/dfs/domaindfs.c
+++ b/source4/torture/dfs/domaindfs.c
@@ -307,9 +307,6 @@ static bool test_getsysvolreferral(struct torture_context *tctx,
const char* str;
struct dfs_GetDFSReferral r, r2, r3;
struct dfs_referral_resp resp, resp2, resp3;
- uint8_t zeros[16];
-
- memset(zeros, 0, sizeof(zeros));
r.in.req.max_referral_level = 3;
r.in.req.servername = "";
@@ -394,8 +391,8 @@ static bool test_getsysvolreferral(struct torture_context *tctx,
talloc_asprintf(tctx,
"Not expected version for referral entry 0 got %d expected 4",
resp3.referral_entries[0].version));
- torture_assert_int_equal(tctx, memcmp(resp3.referral_entries[0].referral.v3.service_site_guid.value, zeros, 16), 0,
- talloc_asprintf(tctx,
+ torture_assert(tctx, all_zero(resp3.referral_entries[0].referral.v3.service_site_guid.value, 16),
+ talloc_asprintf(tctx,
"Service_site_guid is not NULL as expected"));
#if 0
/* Shouldn't be needed anymore*/
--
2.1.4
>From 08a9481c8caaaafc20c35b2a908252731290ef92 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 20/22] torture-samlogon: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source4/torture/rpc/samlogon.c | 13 +++----------
1 file changed, 3 insertions(+), 10 deletions(-)
diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c
index cefc4f5..bd42ec9 100644
--- a/source4/torture/rpc/samlogon.c
+++ b/source4/torture/rpc/samlogon.c
@@ -921,14 +921,11 @@ static bool test_lmv2_ntlm_broken(struct samlogon_state *samlogon_state,
pass = false;
}
} else {
- static const uint8_t zeros[8];
- if (memcmp(zeros, lm_session_key,
- sizeof(lm_session_key)) != 0) {
+ if (!all_zero(lm_session_key,
+ sizeof(lm_session_key))) {
torture_comment(samlogon_state->tctx, "LM Session Key does not match expectations (zeros)!\n");
torture_comment(samlogon_state->tctx, "lm_session_key:\n");
dump_data(1, lm_session_key, 8);
- torture_comment(samlogon_state->tctx, "expected:\n");
- dump_data(1, zeros, 8);
pass = false;
}
}
@@ -1176,14 +1173,10 @@ static bool test_ntlm2(struct samlogon_state *samlogon_state, char **error_strin
pass = false;
}
} else {
- static const uint8_t zeros[8];
- if (memcmp(zeros, lm_key,
- sizeof(lm_key)) != 0) {
+ if (!all_zero(lm_key, sizeof(lm_key))) {
torture_comment(samlogon_state->tctx, "LM Session Key does not match expectations (zeros)!\n");
torture_comment(samlogon_state->tctx, "lm_key:\n");
dump_data(1, lm_key, 8);
- torture_comment(samlogon_state->tctx, "expected:\n");
- dump_data(1, zeros, 8);
pass = false;
}
}
--
2.1.4
>From ad5f298b39f2b8e0e4a6d347eb31bf606af7ad3a Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sun, 1 Jan 2017 16:28:36 +0000
Subject: [PATCH 21/22] torture-samlogon: Avoid static zeros
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source4/torture/rpc/samlogon.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c
index bd42ec9..d8a1c29 100644
--- a/source4/torture/rpc/samlogon.c
+++ b/source4/torture/rpc/samlogon.c
@@ -1203,8 +1203,7 @@ static bool test_plaintext(struct samlogon_state *samlogon_state, enum ntlm_brea
uint8_t user_session_key[16];
uint8_t lm_key[16];
uint8_t lm_hash[16];
- static const uint8_t zeros[8];
- DATA_BLOB chall = data_blob_talloc(samlogon_state->mem_ctx, zeros, sizeof(zeros));
+ DATA_BLOB chall = data_blob_talloc_zero(samlogon_state->mem_ctx, 8);
bool lm_good = E_deshash(samlogon_state->password, lm_hash);
ZERO_STRUCT(user_session_key);
--
2.1.4
>From 1bdbf238ebf2003283c03dd7a93a2dec00a6f1d2 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Sat, 31 Dec 2016 12:45:51 +0000
Subject: [PATCH 22/22] torture-netlogon: Use "all_zero" where appropriate
... Saves a few bytes of footprint
Signed-off-by: Volker Lendecke <vl at samba.org>
---
source4/torture/rpc/netlogon.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 1d24f07..455fce6 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -932,7 +932,6 @@ static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context
NTSTATUS status;
struct netr_LogonSamLogon r;
struct netr_Authenticator auth, auth2;
- static const struct netr_Authenticator auth_zero;
union netr_LogonLevel logon;
union netr_Validation validation;
uint8_t authoritative;
@@ -1032,7 +1031,7 @@ static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context
torture_assert_int_equal(tctx, *r.out.authoritative, 1,
"LogonSamLogon invalid *r.out.authoritative");
torture_assert(tctx,
- memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
+ all_zero((uint8_t *)&auth2, sizeof(auth2)),
"Return authenticator non zero");
}
@@ -1070,7 +1069,7 @@ static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context
"LogonSamLogon expected INVALID_PARAMETER");
torture_assert(tctx,
- memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
+ all_zero((uint8_t *)&auth2, sizeof(auth2)),
"Return authenticator non zero");
torture_assert_int_equal(tctx, *r.out.authoritative, 1,
"LogonSamLogon invalid *r.out.authoritative");
@@ -1091,7 +1090,7 @@ static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context
"LogonSamLogon expected INVALID_PARAMETER");
torture_assert(tctx,
- memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
+ all_zero((uint8_t *)&auth2, sizeof(auth2)),
"Return authenticator non zero");
torture_assert_int_equal(tctx, *r.out.authoritative, 1,
"LogonSamLogon invalid *r.out.authoritative");
--
2.1.4
More information about the samba-technical
mailing list