summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-07-15 17:45:48 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-07-20 09:17:11 +1000
commiteea444f4655a954c238991eccd742337535d3fcc (patch)
tree88211d303f4e35f3fcc39d040fc5c57c3a2938d7 /source3
parent058f5e60c5e3a9ac91a1d28b3165f84252cfecad (diff)
downloadsamba-eea444f4655a954c238991eccd742337535d3fcc.tar.gz
samba-eea444f4655a954c238991eccd742337535d3fcc.tar.bz2
samba-eea444f4655a954c238991eccd742337535d3fcc.zip
s3-auth: Remove unused lm_session_key from auth3_session_info
The long term authorization state needs only the final, negotiated session key, and not the original LM key that may possibly have been an input. The special case of the guest account simply needs both values filled back in with the zeros to avoid changing behaviour in the cached server_info. Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth_util.c15
-rw-r--r--source3/include/auth.h1
2 files changed, 5 insertions, 11 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 6a4e71f77e..acef47907f 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -820,7 +820,6 @@ static NTSTATUS make_new_session_info_guest(struct auth3_session_info **session_
/* annoying, but the Guest really does have a session key, and it is
all zeros! */
(*session_info)->session_key = data_blob(zeros, sizeof(zeros));
- (*session_info)->lm_session_key = data_blob(zeros, sizeof(zeros));
alpha_strcpy(tmp, (*session_info)->info3->base.account_name.string,
". _-$", sizeof(tmp));
@@ -908,7 +907,7 @@ NTSTATUS make_session_info_from_username(TALLOC_CTX *mem_ctx,
return status;
}
-
+/* This function MUST only used to create the cached server_info for guest */
static struct auth_serversupplied_info *copy_session_info_serverinfo(TALLOC_CTX *mem_ctx,
const struct auth3_session_info *src)
{
@@ -949,8 +948,10 @@ static struct auth_serversupplied_info *copy_session_info_serverinfo(TALLOC_CTX
dst->session_key = data_blob_talloc( dst, src->session_key.data,
src->session_key.length);
- dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data,
- src->lm_session_key.length);
+ /* This is OK because this functions is only used for the
+ * GUEST account, which has all-zero keys for both values */
+ dst->lm_session_key = data_blob_talloc(dst, src->session_key.data,
+ src->session_key.length);
dst->info3 = copy_netr_SamInfo3(dst, src->info3);
if (!dst->info3) {
@@ -1011,9 +1012,6 @@ static struct auth3_session_info *copy_serverinfo_session_info(TALLOC_CTX *mem_c
dst->session_key = data_blob_talloc( dst, src->session_key.data,
src->session_key.length);
- dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data,
- src->lm_session_key.length);
-
dst->info3 = copy_netr_SamInfo3(dst, src->info3);
if (!dst->info3) {
TALLOC_FREE(dst);
@@ -1086,9 +1084,6 @@ struct auth3_session_info *copy_session_info(TALLOC_CTX *mem_ctx,
dst->session_key = data_blob_talloc( dst, src->session_key.data,
src->session_key.length);
- dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data,
- src->lm_session_key.length);
-
dst->info3 = copy_netr_SamInfo3(dst, src->info3);
if (!dst->info3) {
TALLOC_FREE(dst);
diff --git a/source3/include/auth.h b/source3/include/auth.h
index 8d95fb4ebb..1c1fb36200 100644
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -93,7 +93,6 @@ struct auth3_session_info {
*/
DATA_BLOB session_key;
- DATA_BLOB lm_session_key;
struct netr_SamInfo3 *info3;