sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-01 05:47:28 +03:00
Code

s3:libsmb: let the callers only pass the password string to cli_session_setup[_send]()

Browse Source 
There're no callers which tried to pass raw {lm,nt}_response any more.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Stefan Metzmacher 2016-10-25 11:31:07 +02:00 committed by Andreas Schneider
parent d6d8893d56
commit 482d3b35e9
12 changed files with 50 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
source3/client/client.c
View File

@ -4575,8 +4575,7 @@ static int cmd_logon(void)
}
nt_status = cli_session_setup(cli, l_username,
l_password, strlen(l_password),
l_password, strlen(l_password),
l_password,
lp_workgroup());
if (!NT_STATUS_IS_OK(nt_status)) {
d_printf("session setup failed: %s\n", nt_errstr(nt_status));

3
source3/client/smbspool.c
View File

@ -425,8 +425,7 @@ smb_complete_connection(const char *myname,
}
nt_status = cli_session_setup(cli, username,
password, strlen(password) + 1,
password, strlen(password) + 1,
password,
workgroup);
if (!NT_STATUS_IS_OK(nt_status)) {
fprintf(stderr, "ERROR: Session setup failed: %s\n", nt_errstr(nt_status));

28
source3/libsmb/cliconnect.c
View File

@ -2010,8 +2010,7 @@ struct tevent_req *cli_session_setup_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct cli_state *cli,
const char *user,
const char *pass, int passlen,
const char *ntpass, int ntpasslen,
const char *pass,
const char *workgroup)
{
struct tevent_req *req, *subreq;
@ -2019,6 +2018,18 @@ struct tevent_req *cli_session_setup_send(TALLOC_CTX *mem_ctx,
char *p;
char *user2;
uint16_t sec_mode = smb1cli_conn_server_security_mode(cli->conn);
int passlen = 0;
if (pass != NULL) {
passlen = strlen(pass);
if (passlen > 0) {
/*
* If we have a realm password
* we include the terminating '\0'
*/
passlen += 1;
}
}
req = tevent_req_create(mem_ctx, &state,
struct cli_session_setup_state);
@ -2178,7 +2189,7 @@ struct tevent_req *cli_session_setup_send(TALLOC_CTX *mem_ctx,
}
subreq = cli_session_setup_nt1_send(
state, ev, cli, user, pass, passlen, ntpass, ntpasslen,
state, ev, cli, user, pass, passlen, pass, passlen,
workgroup);
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
@ -2277,8 +2288,7 @@ NTSTATUS cli_session_setup_recv(struct tevent_req *req)
NTSTATUS cli_session_setup(struct cli_state *cli,
const char *user,
const char *pass, int passlen,
const char *ntpass, int ntpasslen,
const char *pass,
const char *workgroup)
{
struct tevent_context *ev;
@ -2292,8 +2302,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
if (ev == NULL) {
goto fail;
}
req = cli_session_setup_send(ev, ev, cli, user, pass, passlen,
ntpass, ntpasslen, workgroup);
req = cli_session_setup_send(ev, ev, cli, user, pass, workgroup);
if (req == NULL) {
goto fail;
}
@ -3437,8 +3446,7 @@ static void cli_full_connection_started(struct tevent_req *subreq)
}
subreq = cli_session_setup_send(
state, state->ev, state->cli, state->user,
state->password, state->pw_len, state->password, state->pw_len,
state->domain);
state->password, state->domain);
if (tevent_req_nomem(subreq, req)) {
return;
}
@ -3462,7 +3470,7 @@ static void cli_full_connection_sess_set_up(struct tevent_req *subreq)
state->flags &= ~CLI_FULL_CONNECTION_ANONYMOUS_FALLBACK;
subreq = cli_session_setup_send(
state, state->ev, state->cli, "", "", 0, "", 0,
state, state->ev, state->cli, "", "",
state->domain);
if (tevent_req_nomem(subreq, req)) {
return;

7
source3/libsmb/clidfs.c
View File

@ -196,17 +196,14 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
}
status = cli_session_setup(c, username,
password, strlen(password),
password, strlen(password),
password,
domain);
if (!NT_STATUS_IS_OK(status)) {
/* If a password was not supplied then
* try again with a null username. */
if (password[0] || !username[0] ||
get_cmdline_auth_info_use_kerberos(auth_info) ||
!NT_STATUS_IS_OK(status = cli_session_setup(c, "",
"", 0,
"", 0,
!NT_STATUS_IS_OK(status = cli_session_setup(c, "", "",
lp_workgroup()))) {
d_printf("session setup failed: %s\n",
nt_errstr(status));

21
source3/libsmb/libsmb_server.c
View File

@ -274,7 +274,8 @@ SMBC_server_internal(TALLOC_CTX *ctx,
const char *server_n = server;
int is_ipc = (share != NULL && strcmp(share, "IPC$") == 0);
uint32_t fs_attrs = 0;
const char *username_used;
const char *username_used = NULL;
const char *password_used = NULL;
NTSTATUS status;
char *newserver, *newshare;
int flags = 0;
@ -491,22 +492,20 @@ SMBC_server_internal(TALLOC_CTX *ctx,
smb2cli_conn_set_max_credits(c->conn, DEFAULT_SMB2_MAX_CREDITS);
}
username_used = *pp_username;
username_used = *pp_username;
password_used = *pp_password;
if (!NT_STATUS_IS_OK(cli_session_setup(c, username_used,
*pp_password,
strlen(*pp_password),
*pp_password,
strlen(*pp_password),
password_used,
*pp_workgroup))) {
/* Failed. Try an anonymous login, if allowed by flags. */
username_used = "";
username_used = "";
password_used = "";
if (smbc_getOptionNoAutoAnonymousLogin(context) ||
!NT_STATUS_IS_OK(cli_session_setup(c, username_used,
*pp_password, 1,
*pp_password, 0,
!NT_STATUS_IS_OK(cli_session_setup(c, username_used,
password_used,
*pp_workgroup))) {
cli_shutdown(c);
@ -593,7 +592,7 @@ SMBC_server_internal(TALLOC_CTX *ctx,
/* Attempt UNIX smb encryption. */
if (!NT_STATUS_IS_OK(cli_force_encryption(c,
username_used,
*pp_password,
password_used,
*pp_workgroup))) {
/*

5
source3/libsmb/passchange.c
View File

@ -84,8 +84,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
/* Given things like SMB signing, restrict anonymous and the like,
try an authenticated connection first */
result = cli_session_setup(cli, user_name,
old_passwd, strlen(old_passwd)+1,
old_passwd, strlen(old_passwd)+1, "");
old_passwd, "");
if (!NT_STATUS_IS_OK(result)) {
@ -112,7 +111,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
* Thanks to <Nicholas.S.Jenkins@cdc.com> for this fix.
*/
result = cli_session_setup(cli, "", "", 0, "", 0, "");
result = cli_session_setup(cli, "", "", "");
if (!NT_STATUS_IS_OK(result)) {
if (asprintf(err_str, "machine %s rejected the session "

6
source3/libsmb/proto.h
View File

@ -37,14 +37,12 @@ struct tevent_req *cli_session_setup_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct cli_state *cli,
const char *user,
const char *pass, int passlen,
const char *ntpass, int ntpasslen,
const char *pass,
const char *workgroup);
NTSTATUS cli_session_setup_recv(struct tevent_req *req);
NTSTATUS cli_session_setup(struct cli_state *cli,
const char *user,
const char *pass, int passlen,
const char *ntpass, int ntpasslen,
const char *pass,
const char *workgroup);
struct tevent_req *cli_session_setup_guest_create(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,

2
source3/nmbd/nmbd_synclists.c
View File

@ -95,7 +95,7 @@ static void sync_child(char *name, int nm_type,
return;
}
if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "", 1, "", 0,
if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "",
workgroup))) {
cli_shutdown(cli);
return;

3
source3/torture/masktest.c
View File

@ -208,8 +208,7 @@ static struct cli_state *connect_one(char *share)
}
status = cli_session_setup(c, username,
password, strlen(password),
password, strlen(password),
password,
lp_workgroup());
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("session setup failed: %s\n", nt_errstr(status)));

15
source3/torture/test_smb2.c
View File

@ -58,8 +58,7 @@ bool run_smb2_basic(int dummy)
}
status = cli_session_setup(cli, username,
password, strlen(password),
password, strlen(password),
password,
workgroup);
if (!NT_STATUS_IS_OK(status)) {
printf("cli_session_setup returned %s\n", nt_errstr(status));
@ -333,8 +332,7 @@ bool run_smb2_session_reconnect(int dummy)
}
status = cli_session_setup(cli1, username,
password, strlen(password),
password, strlen(password),
password,
workgroup);
if (!NT_STATUS_IS_OK(status)) {
printf("cli_session_setup returned %s\n", nt_errstr(status));
@ -755,8 +753,7 @@ bool run_smb2_tcon_dependence(int dummy)
}
status = cli_session_setup(cli, username,
password, strlen(password),
password, strlen(password),
password,
workgroup);
if (!NT_STATUS_IS_OK(status)) {
printf("cli_session_setup returned %s\n", nt_errstr(status));
@ -910,8 +907,7 @@ bool run_smb2_multi_channel(int dummy)
}
status = cli_session_setup(cli1, username,
password, strlen(password),
password, strlen(password),
password,
workgroup);
if (!NT_STATUS_IS_OK(status)) {
printf("smb2cli_sesssetup returned %s\n", nt_errstr(status));
@ -1503,8 +1499,7 @@ bool run_smb2_session_reauth(int dummy)
}
status = cli_session_setup(cli, username,
password, strlen(password),
password, strlen(password),
password,
workgroup);
if (!NT_STATUS_IS_OK(status)) {
printf("smb2cli_sesssetup returned %s\n", nt_errstr(status));

20
source3/torture/torture.c
View File

@ -413,14 +413,12 @@ bool torture_init_connection(struct cli_state **pcli)
bool torture_cli_session_setup2(struct cli_state *cli, uint16_t *new_vuid)
{
uint16_t old_vuid = cli_state_get_uid(cli);
size_t passlen = strlen(password);
NTSTATUS status;
bool ret;
cli_state_set_uid(cli, 0);
status = cli_session_setup(cli, username,
password, passlen,
password, passlen,
password,
workgroup);
ret = NT_STATUS_IS_OK(status);
*new_vuid = cli_state_get_uid(cli);
@ -7115,7 +7113,7 @@ static bool run_error_map_extract(int dummy) {
return False;
}
status = cli_session_setup(c_nt, "", "", 0, "", 0, workgroup);
status = cli_session_setup(c_nt, "", "", workgroup);
if (!NT_STATUS_IS_OK(status)) {
printf("%s rejected the NT-error initial session setup (%s)\n",host, nt_errstr(status));
return False;
@ -7142,7 +7140,7 @@ static bool run_error_map_extract(int dummy) {
return False;
}
status = cli_session_setup(c_dos, "", "", 0, "", 0, workgroup);
status = cli_session_setup(c_dos, "", "", workgroup);
if (!NT_STATUS_IS_OK(status)) {
printf("%s rejected the DOS-error initial session setup (%s)\n",
host, nt_errstr(status));
@ -7156,8 +7154,7 @@ static bool run_error_map_extract(int dummy) {
fstr_sprintf(user, "%X", error);
status = cli_session_setup(c_nt, user,
password, strlen(password),
password, strlen(password),
password,
workgroup);
if (NT_STATUS_IS_OK(status)) {
printf("/** Session setup succeeded. This shouldn't happen...*/\n");
@ -7173,8 +7170,7 @@ static bool run_error_map_extract(int dummy) {
}
status = cli_session_setup(c_dos, user,
password, strlen(password),
password, strlen(password),
password,
workgroup);
if (NT_STATUS_IS_OK(status)) {
printf("/** Session setup succeeded. This shouldn't happen...*/\n");
@ -7227,8 +7223,7 @@ static bool run_sesssetup_bench(int dummy)
for (i=0; i<torture_numops; i++) {
status = cli_session_setup(
c, username,
password, strlen(password),
password, strlen(password),
password,
workgroup);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) cli_session_setup failed: %s\n",
@ -8168,9 +8163,6 @@ static bool run_large_readx(int dummy)
status = cli_session_setup(cli2,
username,
password,
strlen(password)+1,
password,
strlen(password)+1,
workgroup);
if (!NT_STATUS_IS_OK(status)) {
goto out;

11
source3/winbindd/winbindd_cm.c
View File

@ -1129,9 +1129,6 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
result = cli_session_setup(*cli,
machine_krb5_principal,
machine_password,
strlen(machine_password)+1,
machine_password,
strlen(machine_password)+1,
machine_domain);
if (NT_STATUS_IS_OK(result)) {
@ -1153,9 +1150,6 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
result = cli_session_setup(*cli,
machine_account,
machine_password,
strlen(machine_password)+1,
machine_password,
strlen(machine_password)+1,
machine_domain);
}
@ -1219,9 +1213,6 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
result = cli_session_setup(*cli,
machine_account,
machine_password,
strlen(machine_password)+1,
machine_password,
strlen(machine_password)+1,
machine_domain);
if (NT_STATUS_IS_OK(result)) {
@ -1260,7 +1251,7 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
(*cli)->use_kerberos = False;
result = cli_session_setup(*cli, "", "", 0, "", 0, "");
result = cli_session_setup(*cli, "", "", "");
if (NT_STATUS_IS_OK(result)) {
DEBUG(5, ("Connected anonymously\n"));
goto session_setup_done;