diff options
-rw-r--r-- | source3/auth/auth_util.c | 9 | ||||
-rw-r--r-- | source3/libsmb/ntlm_check.c | 5 | ||||
-rw-r--r-- | source3/libsmb/ntlmssp.c | 7 | ||||
-rw-r--r-- | source3/rpc_client/cli_netlogon.c | 10 | ||||
-rw-r--r-- | source3/rpc_parse/parse_prs.c | 14 |
5 files changed, 31 insertions, 14 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 3f65e6b126..fea1b2d761 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1103,7 +1103,7 @@ static NTSTATUS make_new_server_info_guest(auth_serversupplied_info **server_inf struct samu *sampass = NULL; DOM_SID guest_sid; bool ret; - static const char zeros[16] = { 0, }; + char zeros[16]; if ( !(sampass = samu_new( NULL )) ) { return NT_STATUS_NO_MEMORY; @@ -1138,6 +1138,7 @@ static NTSTATUS make_new_server_info_guest(auth_serversupplied_info **server_inf /* annoying, but the Guest really does have a session key, and it is all zeros! */ + ZERO_STRUCT(zeros); (*server_info)->user_session_key = data_blob(zeros, sizeof(zeros)); (*server_info)->lm_session_key = data_blob(zeros, sizeof(zeros)); @@ -1420,7 +1421,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, auth_serversupplied_info **server_info, NET_USER_INFO_3 *info3) { - static const char zeros[16] = { 0, }; + char zeros[16]; NTSTATUS nt_status = NT_STATUS_OK; char *found_username = NULL; @@ -1624,7 +1625,9 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, &(info3->uni_logon_srv)); /* ensure we are never given NULL session keys */ - + + ZERO_STRUCT(zeros); + if (memcmp(info3->user_sess_key, zeros, sizeof(zeros)) == 0) { result->user_session_key = data_blob_null; } else { diff --git a/source3/libsmb/ntlm_check.c b/source3/libsmb/ntlm_check.c index f8ed044f8a..ae10d7373d 100644 --- a/source3/libsmb/ntlm_check.c +++ b/source3/libsmb/ntlm_check.c @@ -182,7 +182,10 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx, DATA_BLOB *user_sess_key, DATA_BLOB *lm_sess_key) { - static const unsigned char zeros[8] = { 0, }; + unsigned char zeros[8]; + + ZERO_STRUCT(zeros); + if (nt_pw == NULL) { DEBUG(3,("ntlm_password_check: NO NT password stored for user %s.\n", username)); diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index ed08e8102b..35c20ed647 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -823,7 +823,8 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state, session_key.data); DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n")); } else { - static const uint8 zeros[24] = { 0, }; + uint8 zeros[24]; + ZERO_STRUCT(zeros); session_key = data_blob_talloc( ntlmssp_state->mem_ctx, NULL, 16); if (session_key.data == NULL) { @@ -1066,9 +1067,11 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, } if (!ntlmssp_state->nt_hash || !ntlmssp_state->lm_hash) { - static const uchar zeros[16] = { 0, }; + uchar zeros[16]; /* do nothing - blobs are zero length */ + ZERO_STRUCT(zeros); + /* session key is all zeros */ session_key = data_blob_talloc(ntlmssp_state->mem_ctx, zeros, 16); diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index 26d2124da0..e192e4ca26 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -978,11 +978,12 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli, int validation_level = 3; const char *workstation_name_slash; const char *server_name_slash; - static uint8 zeros[16]; + uint8 zeros[16]; DOM_CRED clnt_creds; DOM_CRED ret_creds; int i; - + + ZERO_STRUCT(zeros); ZERO_STRUCT(q); ZERO_STRUCT(r); ZERO_STRUCT(ret_creds); @@ -1084,9 +1085,10 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, int validation_level = 3; const char *workstation_name_slash; const char *server_name_slash; - static uint8 zeros[16]; + uint8 zeros[16]; int i; - + + ZERO_STRUCT(zeros); ZERO_STRUCT(q); ZERO_STRUCT(r); diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index 23dae9f3a1..638d71a73e 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -1544,9 +1544,11 @@ static void schannel_digest(struct schannel_auth_struct *a, uchar digest_final[16]) { uchar whole_packet_digest[16]; - static const uchar zeros[4] = { 0, }; + uchar zeros[4]; struct MD5Context ctx3; - + + ZERO_STRUCT(zeros); + /* verfiy the signature on the packet by MD5 over various bits */ MD5Init(&ctx3); /* use our sequence number, which ensures the packet is not @@ -1573,11 +1575,13 @@ static void schannel_get_sealing_key(struct schannel_auth_struct *a, RPC_AUTH_SCHANNEL_CHK *verf, uchar sealing_key[16]) { - static const uchar zeros[4] = { 0, }; + uchar zeros[4]; uchar digest2[16]; uchar sess_kf0[16]; int i; + ZERO_STRUCT(zeros); + for (i = 0; i < sizeof(sess_kf0); i++) { sess_kf0[i] = a->sess_key[i] ^ 0xf0; } @@ -1600,10 +1604,12 @@ static void schannel_get_sealing_key(struct schannel_auth_struct *a, static void schannel_deal_with_seq_num(struct schannel_auth_struct *a, RPC_AUTH_SCHANNEL_CHK *verf) { - static const uchar zeros[4] = { 0, }; + uchar zeros[4]; uchar sequence_key[16]; uchar digest1[16]; + ZERO_STRUCT(zeros); + hmac_md5(a->sess_key, zeros, sizeof(zeros), digest1); dump_data_pw("(sequence key) digest1:\n", digest1, sizeof(digest1)); |