libcli: Pass buf/len to smb2_negotiate_context_add

Every caller did a data_blob_const() right before calling
smb2_negotiate_context_add(). Avoid that.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Feb 25 21:07:22 CET 2019 on sn-devel-144

libcli/smb/smb2_negotiate_context.c

@@ -39,7 +39,6 @@ NTSTATUS smb2_negotiate_context_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB buffe
 	while (true) {
 		uint16_t data_length;
 		uint16_t type;
-		DATA_BLOB b;
 		NTSTATUS status;
 		size_t pad;
 		uint32_t next_offset;
@@ -58,8 +57,8 @@ NTSTATUS smb2_negotiate_context_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB buffe
 			return NT_STATUS_INVALID_PARAMETER;
 		}
 
-		b = data_blob_const(data+0x08, data_length);
-		status = smb2_negotiate_context_add(mem_ctx, contexts, type, b);
+		status = smb2_negotiate_context_add(
+			mem_ctx, contexts, type, data+0x08, data_length);
 		if (!NT_STATUS_IS_OK(status)) {
 			return status;
 		}
@@ -148,8 +147,11 @@ NTSTATUS smb2_negotiate_context_push(TALLOC_CTX *mem_ctx, DATA_BLOB *buffer,
 	return NT_STATUS_OK;
 }
 
-NTSTATUS smb2_negotiate_context_add(TALLOC_CTX *mem_ctx, struct smb2_negotiate_contexts *c,
-				    uint16_t type, DATA_BLOB data)
+NTSTATUS smb2_negotiate_context_add(TALLOC_CTX *mem_ctx,
+				    struct smb2_negotiate_contexts *c,
+				    uint16_t type,
+				    const uint8_t *buf,
+				    size_t buflen)
 {
 	struct smb2_negotiate_context *array;
 
@@ -161,10 +163,9 @@ NTSTATUS smb2_negotiate_context_add(TALLOC_CTX *mem_ctx, struct smb2_negotiate_c
 
 	c->contexts[c->num_contexts].type = type;
 
-	if (data.data) {
-		c->contexts[c->num_contexts].data = data_blob_talloc(c->contexts,
-								     data.data,
-								     data.length);
+	if (buf != NULL) {
+		c->contexts[c->num_contexts].data = data_blob_talloc(
+			c->contexts, buf, buflen);
 		NT_STATUS_HAVE_NO_MEMORY(c->contexts[c->num_contexts].data.data);
 	} else {
 		c->contexts[c->num_contexts].data = data_blob_null;

libcli/smb/smb2_negotiate_context.h

@@ -42,8 +42,11 @@ NTSTATUS smb2_negotiate_context_parse(TALLOC_CTX *mem_ctx, const DATA_BLOB buffe
 NTSTATUS smb2_negotiate_context_push(TALLOC_CTX *mem_ctx, DATA_BLOB *buffer,
 			       const struct smb2_negotiate_contexts contexts);
 
-NTSTATUS smb2_negotiate_context_add(TALLOC_CTX *mem_ctx, struct smb2_negotiate_contexts *c,
-				    uint16_t type, DATA_BLOB data);
+NTSTATUS smb2_negotiate_context_add(TALLOC_CTX *mem_ctx,
+				    struct smb2_negotiate_contexts *c,
+				    uint16_t type,
+				    const uint8_t *buf,
+				    size_t buflen);
 
 /*
  * return the first context with the given tag

libcli/smb/smbXcli_base.c

@@ -4768,9 +4768,8 @@ static struct tevent_req *smbXcli_negprot_smb2_subreq(struct smbXcli_negprot_sta
 		SSVAL(p, 4, SMB2_PREAUTH_INTEGRITY_SHA512);
 		generate_random_buffer(p + 6, 32);
 
-		b = data_blob_const(p, 38);
-		status = smb2_negotiate_context_add(state, &c,
-					SMB2_PREAUTH_INTEGRITY_CAPABILITIES, b);
+		status = smb2_negotiate_context_add(
+			state, &c, SMB2_PREAUTH_INTEGRITY_CAPABILITIES, p, 38);
 		if (!NT_STATUS_IS_OK(status)) {
 			return NULL;
 		}
@@ -4783,9 +4782,8 @@ static struct tevent_req *smbXcli_negprot_smb2_subreq(struct smbXcli_negprot_sta
 		SSVAL(p, 2, SMB2_ENCRYPTION_AES128_CCM);
 		SSVAL(p, 4, SMB2_ENCRYPTION_AES128_GCM);
 
-		b = data_blob_const(p, 6);
-		status = smb2_negotiate_context_add(state, &c,
-					SMB2_ENCRYPTION_CAPABILITIES, b);
+		status = smb2_negotiate_context_add(
+			state, &c, SMB2_ENCRYPTION_CAPABILITIES, p, 6);
 		if (!NT_STATUS_IS_OK(status)) {
 			return NULL;
 		}

source3/smbd/smb2_negprot.c

@@ -388,7 +388,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 		uint16_t selected_preauth = 0;
 		const uint8_t *p;
 		uint8_t buf[38];
-		DATA_BLOB b;
 		size_t i;
 
 		if (in_preauth->data.length < needed) {
@@ -435,9 +434,12 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 		SSVAL(buf, 4, selected_preauth);
 		generate_random_buffer(buf + 6, 32);
 
-		b = data_blob_const(buf, sizeof(buf));
-		status = smb2_negotiate_context_add(req, &out_c,
-					SMB2_PREAUTH_INTEGRITY_CAPABILITIES, b);
+		status = smb2_negotiate_context_add(
+			req,
+			&out_c,
+			SMB2_PREAUTH_INTEGRITY_CAPABILITIES,
+			buf,
+			sizeof(buf));
 		if (!NT_STATUS_IS_OK(status)) {
 			return smbd_smb2_request_error(req, status);
 		}
@@ -450,7 +452,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 		uint16_t cipher_count;
 		const uint8_t *p;
 		uint8_t buf[4];
-		DATA_BLOB b;
 		size_t i;
 		bool aes_128_ccm_supported = false;
 		bool aes_128_gcm_supported = false;
@@ -504,9 +505,12 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 		SSVAL(buf, 0, 1); /* ChiperCount */
 		SSVAL(buf, 2, xconn->smb2.server.cipher);
 
-		b = data_blob_const(buf, sizeof(buf));
-		status = smb2_negotiate_context_add(req, &out_c,
-					SMB2_ENCRYPTION_CAPABILITIES, b);
+		status = smb2_negotiate_context_add(
+			req,
+			&out_c,
+			SMB2_ENCRYPTION_CAPABILITIES,
+			buf,
+			sizeof(buf));
 		if (!NT_STATUS_IS_OK(status)) {
 			return smbd_smb2_request_error(req, status);
 		}