diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-07-15 17:45:48 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2011-07-20 09:17:11 +1000 |
commit | eea444f4655a954c238991eccd742337535d3fcc (patch) | |
tree | 88211d303f4e35f3fcc39d040fc5c57c3a2938d7 /source3 | |
parent | 058f5e60c5e3a9ac91a1d28b3165f84252cfecad (diff) | |
download | samba-eea444f4655a954c238991eccd742337535d3fcc.tar.gz samba-eea444f4655a954c238991eccd742337535d3fcc.tar.bz2 samba-eea444f4655a954c238991eccd742337535d3fcc.zip |
s3-auth: Remove unused lm_session_key from auth3_session_info
The long term authorization state needs only the final, negotiated
session key, and not the original LM key that may possibly have been
an input.
The special case of the guest account simply needs both values filled
back in with the zeros to avoid changing behaviour in the cached
server_info.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3')
-rw-r--r-- | source3/auth/auth_util.c | 15 | ||||
-rw-r--r-- | source3/include/auth.h | 1 |
2 files changed, 5 insertions, 11 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 6a4e71f77e..acef47907f 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -820,7 +820,6 @@ static NTSTATUS make_new_session_info_guest(struct auth3_session_info **session_ /* annoying, but the Guest really does have a session key, and it is all zeros! */ (*session_info)->session_key = data_blob(zeros, sizeof(zeros)); - (*session_info)->lm_session_key = data_blob(zeros, sizeof(zeros)); alpha_strcpy(tmp, (*session_info)->info3->base.account_name.string, ". _-$", sizeof(tmp)); @@ -908,7 +907,7 @@ NTSTATUS make_session_info_from_username(TALLOC_CTX *mem_ctx, return status; } - +/* This function MUST only used to create the cached server_info for guest */ static struct auth_serversupplied_info *copy_session_info_serverinfo(TALLOC_CTX *mem_ctx, const struct auth3_session_info *src) { @@ -949,8 +948,10 @@ static struct auth_serversupplied_info *copy_session_info_serverinfo(TALLOC_CTX dst->session_key = data_blob_talloc( dst, src->session_key.data, src->session_key.length); - dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data, - src->lm_session_key.length); + /* This is OK because this functions is only used for the + * GUEST account, which has all-zero keys for both values */ + dst->lm_session_key = data_blob_talloc(dst, src->session_key.data, + src->session_key.length); dst->info3 = copy_netr_SamInfo3(dst, src->info3); if (!dst->info3) { @@ -1011,9 +1012,6 @@ static struct auth3_session_info *copy_serverinfo_session_info(TALLOC_CTX *mem_c dst->session_key = data_blob_talloc( dst, src->session_key.data, src->session_key.length); - dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data, - src->lm_session_key.length); - dst->info3 = copy_netr_SamInfo3(dst, src->info3); if (!dst->info3) { TALLOC_FREE(dst); @@ -1086,9 +1084,6 @@ struct auth3_session_info *copy_session_info(TALLOC_CTX *mem_ctx, dst->session_key = data_blob_talloc( dst, src->session_key.data, src->session_key.length); - dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data, - src->lm_session_key.length); - dst->info3 = copy_netr_SamInfo3(dst, src->info3); if (!dst->info3) { TALLOC_FREE(dst); diff --git a/source3/include/auth.h b/source3/include/auth.h index 8d95fb4ebb..1c1fb36200 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -93,7 +93,6 @@ struct auth3_session_info { */ DATA_BLOB session_key; - DATA_BLOB lm_session_key; struct netr_SamInfo3 *info3; |