The branch, master has been updated
       via  27e43e1 auth/ntlmssp: make ntlmssp_server_check_password() shorter
       via  c6b37a0 auth/ntlmssp: remove useless talloc_steal calls in 
ntlmssp_server_check_password()
       via  ebb63e1 s4:dsdb/samdb: pass an existing 'struct ldb_context' to 
crack_auto_name_to_nt4_name()
       via  f054130 s4:dsdb/samdb: pass an existing 'struct ldb_context' to 
crack_name_to_nt4_name()
       via  bfb25f9 s4:auth/unix_token: remove unused tevent_context from 
auth_session_info_fill_unix()
       via  a2efaef s4:auth/unix_token: remove unused tevent_context from 
security_token_to_unix_token()
       via  d254984 s3:smbd: call auth_check_password_session_info() only in 
one central place
       via  fc41aeb s3:smbd: introduce a reply_sesssetup_and_X_state
       via  c990d2b s3:smbd: inline check_guest_password() into 
reply_sesssetup_and_X()
       via  5810f74 s3:smbd: only set user_info->auth_description on success
       via  823bc4c pidl:NDR/Parser: initialize [skip] values in ndr_pull_*
       via  5a08c98 ntprinting.idl: make use of [skip_noinit] for string_flags
       via  b922472 pidl:NDR/Parser: add "skip_noinit" element
       via  3bc6b55 pidl:NDR/Parser: fix "skip" for pointers
      from  2fa069e ctdb-scripts: Don't send empty argument string to logger

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 27e43e1d0c35550e227c127f3c857fa4420cc8dc
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Jun 16 17:11:17 2017 +0200

    auth/ntlmssp: make ntlmssp_server_check_password() shorter
    
    We move as much as possible into ntlmssp_server_{pre,post}auth().
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    
    Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
    Autobuild-Date(master): Mon Jun 26 13:07:30 CEST 2017 on sn-devel-144

commit c6b37a0e1dff557ca8e200b47eff50d89c180e30
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Jun 16 18:03:11 2017 +0200

    auth/ntlmssp: remove useless talloc_steal calls in 
ntlmssp_server_check_password()
    
    We only create a temporary auth_usersupplied_info structure and pass it
    down as const, let's keep the values on ntlmssp_state otherwise we may
    dereference stale pointers.
    
    We finally free the memory at the end of ntlmssp_server_postauth() now.
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit ebb63e1cb3a40b3af691c56dd0ae2c6cfdccf9ec
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Jun 19 08:39:19 2017 +0200

    s4:dsdb/samdb: pass an existing 'struct ldb_context' to 
crack_auto_name_to_nt4_name()
    
    There's no point in creating a temporary ldb_context as
    the only callers already have a valid struct ldb_context for
    the local sam.
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit f0541309d77e51e1169d6a534b5e11bd3a24d4cd
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Jun 19 08:39:19 2017 +0200

    s4:dsdb/samdb: pass an existing 'struct ldb_context' to 
crack_name_to_nt4_name()
    
    There's no point in creating a temporary ldb_context as
    all direct callers already have a valid struct ldb_context for
    the local sam.
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit bfb25f92aac335d2b96ae5353fbeacf90bbdcb43
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Jun 19 08:26:26 2017 +0200

    s4:auth/unix_token: remove unused tevent_context from 
auth_session_info_fill_unix()
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit a2efaef15fc0311111a83a2bfc8f80490f2ea051
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Jun 19 08:26:26 2017 +0200

    s4:auth/unix_token: remove unused tevent_context from 
security_token_to_unix_token()
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit d254984d371bb614e11c6ed13a58e1921813a4ff
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sun Jun 18 12:53:05 2017 +0200

    s3:smbd: call auth_check_password_session_info() only in one central place
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit fc41aebf452e80869d80e3f0d6f3c7dfea65da01
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sun Jun 18 12:48:11 2017 +0200

    s3:smbd: introduce a reply_sesssetup_and_X_state
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit c990d2bd1c37e95c9e38540148cde37542aaf36f
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sun Jun 18 12:08:58 2017 +0200

    s3:smbd: inline check_guest_password() into reply_sesssetup_and_X()
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 5810f7468bc0c2592056d100f3174e6e2342b3b5
Author: Stefan Metzmacher <me...@samba.org>
Date:   Sun Jun 18 12:06:10 2017 +0200

    s3:smbd: only set user_info->auth_description on success
    
    Otherwise we'll dereference a NULL pointer.
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>

commit 823bc4c07add242a5a1d0cd25942ebaab3cd0e23
Author: Stefan Metzmacher <me...@samba.org>
Date:   Tue Jun 13 09:57:33 2017 +0200

    pidl:NDR/Parser: initialize [skip] values in ndr_pull_*
    
    It's too dangerous to leave values uninitialized!
    [skip_noinit] can be used if required.
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Volker Lendecke <v...@samba.org>

commit 5a08c9887cb3e9354ed697c649d5f9965436fe50
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Jun 21 15:11:28 2017 +0200

    ntprinting.idl: make use of [skip_noinit] for string_flags
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Volker Lendecke <v...@samba.org>

commit b922472fd683235fde3abc69ee09d9d8bfdb8644
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Jun 21 15:05:35 2017 +0200

    pidl:NDR/Parser: add "skip_noinit" element
    
    In future "skip" will be changed to initialize the element
    with ZERO_STRUCT() on ndr_pull_*.
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Volker Lendecke <v...@samba.org>

commit 3bc6b55385894691792962ecc15978a3b158eca4
Author: Stefan Metzmacher <me...@samba.org>
Date:   Mon Jun 19 12:15:21 2017 +0200

    pidl:NDR/Parser: fix "skip" for pointers
    
    We should handle the "skip" at the element level before
    we traverse through the element levels.
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Volker Lendecke <v...@samba.org>

-----------------------------------------------------------------------

Summary of changes:
 auth/ntlmssp/ntlmssp_server.c            | 109 ++++++++-------
 librpc/idl/ntprinting.idl                |   8 +-
 pidl/lib/Parse/Pidl/NDR.pm               |   1 +
 pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm |  43 ++++--
 source3/smbd/sesssetup.c                 | 225 ++++++++++++++-----------------
 source4/auth/ntlm/auth.c                 |   6 +-
 source4/auth/ntlm/auth_sam.c             |   3 +-
 source4/auth/ntlm/auth_simple.c          |   4 +-
 source4/auth/ntlm/auth_winbind.c         |   3 +-
 source4/auth/unix_token.c                |   6 +-
 source4/dsdb/samdb/cracknames.c          |  14 +-
 source4/ntvfs/unixuid/vfs_unixuid.c      |   4 +-
 source4/rpc_server/lsa/lsa_lookup.c      |   5 +-
 13 files changed, 216 insertions(+), 215 deletions(-)


Changeset truncated at 500 lines:

diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c
index c525a93..e17074e 100644
--- a/auth/ntlmssp/ntlmssp_server.c
+++ b/auth/ntlmssp/ntlmssp_server.c
@@ -294,6 +294,7 @@ NTSTATUS gensec_ntlmssp_server_negotiate(struct 
gensec_security *gensec_security
 }
 
 struct ntlmssp_server_auth_state {
+       struct auth_usersupplied_info *user_info;
        DATA_BLOB user_session_key;
        DATA_BLOB lm_session_key;
        /* internal variables used by KEY_EXCH (client-supplied user session 
key */
@@ -318,6 +319,7 @@ static NTSTATUS ntlmssp_server_preauth(struct 
gensec_security *gensec_security,
 {
        struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
        struct auth4_context *auth_context = gensec_security->auth_context;
+       struct auth_usersupplied_info *user_info = NULL;
        uint32_t ntlmssp_command, auth_flags;
        NTSTATUS nt_status;
        const unsigned int version_len = 8;
@@ -686,27 +688,8 @@ static NTSTATUS ntlmssp_server_preauth(struct 
gensec_security *gensec_security,
                        ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
                }
        }
-       return NT_STATUS_OK;
-}
-
-/**
- * Check the password on an NTLMSSP login.
- *
- * Return the session keys used on the connection.
- */
 
-static NTSTATUS ntlmssp_server_check_password(struct gensec_security 
*gensec_security,
-                                             struct gensec_ntlmssp_context 
*gensec_ntlmssp,
-                                             TALLOC_CTX *mem_ctx,
-                                             DATA_BLOB *user_session_key, 
DATA_BLOB *lm_session_key)
-{
-       struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
-       struct auth4_context *auth_context = gensec_security->auth_context;
-       NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
-       struct auth_session_info *session_info = NULL;
-       struct auth_usersupplied_info *user_info;
-
-       user_info = talloc_zero(ntlmssp_state, struct auth_usersupplied_info);
+       user_info = talloc_zero(state, struct auth_usersupplied_info);
        if (!user_info) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -732,9 +715,26 @@ static NTSTATUS ntlmssp_server_check_password(struct 
gensec_security *gensec_sec
 
        user_info->password_state = AUTH_PASSWORD_RESPONSE;
        user_info->password.response.lanman = ntlmssp_state->lm_resp;
-       user_info->password.response.lanman.data = talloc_steal(user_info, 
ntlmssp_state->lm_resp.data);
        user_info->password.response.nt = ntlmssp_state->nt_resp;
-       user_info->password.response.nt.data = talloc_steal(user_info, 
ntlmssp_state->nt_resp.data);
+
+       state->user_info = user_info;
+       return NT_STATUS_OK;
+}
+
+/**
+ * Check the password on an NTLMSSP login.
+ *
+ * Return the session keys used on the connection.
+ */
+
+static NTSTATUS ntlmssp_server_check_password(struct gensec_security 
*gensec_security,
+                                             struct gensec_ntlmssp_context 
*gensec_ntlmssp,
+                                             const struct 
auth_usersupplied_info *user_info,
+                                             TALLOC_CTX *mem_ctx,
+                                             DATA_BLOB *user_session_key, 
DATA_BLOB *lm_session_key)
+{
+       struct auth4_context *auth_context = gensec_security->auth_context;
+       NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
 
        if (auth_context->check_ntlm_password) {
                uint8_t authoritative = 0;
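Review bot: with the two talloc_steal() calls removed, user_info->password.response.lanman and user_info->password.response.nt are shallow copies whose data pointers still belong to ntlmssp_state->lm_resp and ntlmssp_state->nt_resp, and nothing at the assignments says so. A short comment there stating that user_info only borrows these buffers, and must be freed before the blobs on ntlmssp_state are, would keep a later change from releasing them in the wrong order.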
@@ -750,10 +750,37 @@ static NTSTATUS ntlmssp_server_check_password(struct 
gensec_security *gensec_sec
        if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(5, (__location__ ": Checking NTLMSSP password for %s\\%s 
failed: %s\n", user_info->client.domain_name, user_info->client.account_name, 
nt_errstr(nt_status)));
        }
-       TALLOC_FREE(user_info);
-
        NT_STATUS_NOT_OK_RETURN(nt_status);
 
+       talloc_steal(mem_ctx, user_session_key->data);
+       talloc_steal(mem_ctx, lm_session_key->data);
+
+       return nt_status;
+}
+
+/**
+ * Next state function for the Authenticate packet
+ * (after authentication - figures out the session keys etc)
+ *
+ * @param ntlmssp_state NTLMSSP State
+ * @return Errors or NT_STATUS_OK.
+ */
+
+static NTSTATUS ntlmssp_server_postauth(struct gensec_security 
*gensec_security,
+                                       struct gensec_ntlmssp_context 
*gensec_ntlmssp,
+                                       struct ntlmssp_server_auth_state *state,
+                                       DATA_BLOB request)
+{
+       struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
+       struct auth4_context *auth_context = gensec_security->auth_context;
+       DATA_BLOB user_session_key = state->user_session_key;
+       DATA_BLOB lm_session_key = state->lm_session_key;
+       NTSTATUS nt_status = NT_STATUS_OK;
+       DATA_BLOB session_key = data_blob(NULL, 0);
+       struct auth_session_info *session_info = NULL;
+
+       TALLOC_FREE(state->user_info);
+
        if (lpcfg_map_to_guest(gensec_security->settings->lp_ctx) != 
NEVER_MAP_TO_GUEST
            && auth_context->generate_session_info != NULL)
        {
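Review bot: the doc comment moved along with ntlmssp_server_postauth() still documents "@param ntlmssp_state", but the function takes gensec_security, gensec_ntlmssp, state and request. Since the block is being touched anyway, update the @param lines to the real parameters, and mention there that postauth now releases state->user_info as its first step.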
@@ -762,7 +789,7 @@ static NTSTATUS ntlmssp_server_check_password(struct 
gensec_security *gensec_sec
                /*
                 * We need to check if the auth is anonymous or mapped to guest
                 */
-               tmp_status = auth_context->generate_session_info(auth_context, 
mem_ctx,
+               tmp_status = auth_context->generate_session_info(auth_context, 
state,
                                                                 
gensec_ntlmssp->server_returned_info,
                                                                 
gensec_ntlmssp->ntlmssp_state->user,
                                                                 
AUTH_SESSION_INFO_SIMPLE_PRIVILEGES,
@@ -790,31 +817,6 @@ static NTSTATUS ntlmssp_server_check_password(struct 
gensec_security *gensec_sec
                TALLOC_FREE(session_info);
        }
 
-       talloc_steal(mem_ctx, user_session_key->data);
-       talloc_steal(mem_ctx, lm_session_key->data);
-
-       return nt_status;
-}
-
-/**
- * Next state function for the Authenticate packet
- * (after authentication - figures out the session keys etc)
- *
- * @param ntlmssp_state NTLMSSP State
- * @return Errors or NT_STATUS_OK.
- */
-
-static NTSTATUS ntlmssp_server_postauth(struct gensec_security 
*gensec_security,
-                                       struct gensec_ntlmssp_context 
*gensec_ntlmssp,
-                                       struct ntlmssp_server_auth_state *state,
-                                       DATA_BLOB request)
-{
-       struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
-       DATA_BLOB user_session_key = state->user_session_key;
-       DATA_BLOB lm_session_key = state->lm_session_key;
-       NTSTATUS nt_status = NT_STATUS_OK;
-       DATA_BLOB session_key = data_blob(NULL, 0);
-
        dump_data_pw("NT session key:\n", user_session_key.data, 
user_session_key.length);
        dump_data_pw("LM first-8:\n", lm_session_key.data, 
lm_session_key.length);
 
@@ -977,6 +979,11 @@ static NTSTATUS ntlmssp_server_postauth(struct 
gensec_security *gensec_security,
                nt_status = ntlmssp_sign_init(ntlmssp_state);
        }
 
+       data_blob_clear_free(&ntlmssp_state->internal_chal);
+       data_blob_clear_free(&ntlmssp_state->chal);
+       data_blob_clear_free(&ntlmssp_state->lm_resp);
+       data_blob_clear_free(&ntlmssp_state->nt_resp);
+
        ntlmssp_state->expected_state = NTLMSSP_DONE;
 
        return nt_status;
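Review bot: the four data_blob_clear_free() calls sit on the fall-through path at the end of ntlmssp_server_postauth(), so the challenge and the LM/NT responses are scrubbed only when execution reaches this point. If postauth is never entered because ntlmssp_server_check_password() failed, or if it returns early (neither path is visible in these hunks), the blobs stay on ntlmssp_state until it is freed. A talloc destructor that does the clearing, in the style of reply_sesssetup_and_X_state_destructor() added to source3/smbd/sesssetup.c in this same push, would cover every exit.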
@@ -1026,7 +1033,7 @@ NTSTATUS gensec_ntlmssp_server_auth(struct 
gensec_security *gensec_security,
 
        /* Finally, actually ask if the password is OK */
        nt_status = ntlmssp_server_check_password(gensec_security, 
gensec_ntlmssp,
-                                                 state,
+                                                 state->user_info, state,
                                                  &state->user_session_key,
                                                  &state->lm_session_key);
        if (!NT_STATUS_IS_OK(nt_status)) {
diff --git a/librpc/idl/ntprinting.idl b/librpc/idl/ntprinting.idl
index 8152144..30af141 100644
--- a/librpc/idl/ntprinting.idl
+++ b/librpc/idl/ntprinting.idl
@@ -36,7 +36,7 @@ interface ntprinting
         * "dffffffff" followed by a remaining buffer of "f" array */
 
        typedef [flag(NDR_NOALIGN),public] struct {
-               [skip] uint32 string_flags;
+               [skip_noinit] uint32 string_flags;
 
                uint32 version;
                [flag(ndr_ntprinting_string_flags(r->string_flags))] string 
name;
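Review bot: the reason string_flags needs [skip_noinit] rather than [skip] is not stated next to the attribute. The following element's flag(ndr_ntprinting_string_flags(r->string_flags)) reads the field while pulling, so the value set by the caller has to survive ndr_pull_*; a one-line comment saying that at the first of these four structs would stop someone from switching it back to [skip] now that [skip] zeroes the element.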
@@ -61,7 +61,7 @@ interface ntprinting
         * "B" private data blob */
 
        typedef [flag(NDR_NOALIGN),public] struct {
-               [skip] uint32 string_flags;
+               [skip_noinit] uint32 string_flags;
 
                /* uint32 devicemode_ptr; */
                [flag(ndr_ntprinting_string_flags(r->string_flags))] string 
devicename;
@@ -108,7 +108,7 @@ interface ntprinting
         * "fdB" */
 
        typedef [flag(NDR_NOALIGN),public] struct {
-               [skip] uint32 string_flags;
+               [skip_noinit] uint32 string_flags;
 
                uint32 ptr;
                [flag(ndr_ntprinting_string_flags(r->string_flags))] string 
name;
@@ -123,7 +123,7 @@ interface ntprinting
         */
 
        typedef [flag(NDR_NOALIGN),public] struct {
-               [skip] uint32 string_flags;
+               [skip_noinit] uint32 string_flags;
 
                uint32 attributes;
                uint32 priority;
diff --git a/pidl/lib/Parse/Pidl/NDR.pm b/pidl/lib/Parse/Pidl/NDR.pm
index 4659e31..003156e 100644
--- a/pidl/lib/Parse/Pidl/NDR.pm
+++ b/pidl/lib/Parse/Pidl/NDR.pm
@@ -1104,6 +1104,7 @@ my %property_list = (
        "nopython"              => ["FUNCTION", "TYPEDEF", "STRUCT", "UNION", 
"ENUM", "BITMAP"],
        "todo"                  => ["FUNCTION"],
        "skip"                  => ["ELEMENT"],
+       "skip_noinit"           => ["ELEMENT"],
 
        # union
        "switch_is"             => ["ELEMENT"],
diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm 
b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
index 87ef6ce..7a73126 100644
--- a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
@@ -721,6 +721,11 @@ sub ParseElementPush($$$$$$)
 
        my $var_name = $env->{$e->{NAME}};
 
+       if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+               $self->pidl("/* [skip] '$var_name' */");
+               return;
+       }
+
        return if ContainsPipe($e, $e->{LEVELS}[0]);
 
        return unless $primitives or ($deferred and ContainsDeferred($e, 
$e->{LEVELS}[0]));
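Review bot: the test has_property($e, "skip") or has_property($e, "skip_noinit") is added here and repeated in ParseElementPullLevel and the four Declare*Variables subs. A small helper sub (a name such as is_skipped($e) is only a suggestion) would keep the six call sites in step if another skip variant is ever added.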
@@ -983,11 +988,7 @@ sub ParseDataPull($$$$$$$)
 
                $var_name = get_pointer_to($var_name);
 
-               if (has_property($e, "skip")) {
-                       $self->pidl("/* [skip] '$var_name' */");
-               } else {
-                       $self->pidl("NDR_CHECK(".TypeFunctionName("ndr_pull", 
$l->{DATA_TYPE})."($ndr, $ndr_flags, $var_name));");
-               }
+               $self->pidl("NDR_CHECK(".TypeFunctionName("ndr_pull", 
$l->{DATA_TYPE})."($ndr, $ndr_flags, $var_name));");
 
                my $pl = GetPrevLevel($e, $l);
 
@@ -1025,11 +1026,7 @@ sub ParseDataPush($$$$$$$)
                        $var_name = get_pointer_to($var_name);
                }
 
-               if (has_property($e, "skip")) {
-                       $self->pidl("/* [skip] '$var_name' */");
-               } else {
-                       $self->pidl("NDR_CHECK(".TypeFunctionName("ndr_push", 
$l->{DATA_TYPE})."($ndr, $ndr_flags, $var_name));");
-               }
+               $self->pidl("NDR_CHECK(".TypeFunctionName("ndr_push", 
$l->{DATA_TYPE})."($ndr, $ndr_flags, $var_name));");
        } else {
                $self->ParseTypePush($l->{DATA_TYPE}, $ndr, $var_name, 
$primitives, $deferred);
        }
@@ -1129,6 +1126,14 @@ sub ParseElementPullLevel
        my $ndr_flags = CalcNdrFlags($l, $primitives, $deferred);
        my $array_length = undef;
 
+       if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+               $self->pidl("/* [skip] '$var_name' */");
+               if (not has_property($e, "skip_noinit")) {
+                       $self->pidl("ZERO_STRUCT($var_name);");
+               }
+               return;
+       }
+
        if ($l->{TYPE} eq "ARRAY" and ($l->{IS_VARYING} or 
$l->{IS_CONFORMANT})) {
                $var_name = get_pointer_to($var_name);
        }
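Review bot: the generated comment is /* [skip] '$var_name' */ for both properties, so the generated C does not show which elements are left uninitialized on pull. Emitting [skip_noinit] in the comment for that case would make the one risky variant easy to grep for in the parser output. The summary of changes also lists no test file, so the new ZERO_STRUCT() behaviour and the [skip_noinit] exception arrive without a parser test.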
@@ -1652,6 +1657,11 @@ sub ParseStructPrint($$$$$)
 sub DeclarePtrVariables($$)
 {
        my ($self,$e) = @_;
+
+       if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+               return;
+       }
+
        foreach my $l (@{$e->{LEVELS}}) {
                my $size = 32;
                if ($l->{TYPE} eq "POINTER" and 
@@ -1669,6 +1679,10 @@ sub DeclareArrayVariables($$;$)
 {
        my ($self,$e,$pull) = @_;
 
+       if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+               return;
+       }
+
        foreach my $l (@{$e->{LEVELS}}) {
                next if ($l->{TYPE} ne "ARRAY");
                if (defined($pull)) {
@@ -1687,6 +1701,10 @@ sub DeclareArrayVariablesNoZero($$$)
 {
        my ($self,$e,$env) = @_;
 
+       if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+               return;
+       }
+
        foreach my $l (@{$e->{LEVELS}}) {
                next if ($l->{TYPE} ne "ARRAY");
                next if has_fast_array($e,$l);
@@ -1703,6 +1721,11 @@ sub DeclareArrayVariablesNoZero($$$)
 sub DeclareMemCtxVariables($$)
 {
        my ($self,$e) = @_;
+
+       if (has_property($e, "skip") or has_property($e, "skip_noinit")) {
+               return;
+       }
+
        foreach my $l (@{$e->{LEVELS}}) {
                my $mem_flags = $self->ParseMemCtxPullFlags($e, $l);
 
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index a44af7f..e1fc7fd 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -75,45 +75,6 @@ static int push_signature(uint8_t **outbuf)
 }
 
 /****************************************************************************
- Do a 'guest' logon, getting back the
-****************************************************************************/
-
-static NTSTATUS check_guest_password(const struct tsocket_address 
*remote_address,
-                                    const struct tsocket_address 
*local_address,
-                                    TALLOC_CTX *mem_ctx, 
-                                    struct auth_session_info **session_info)
-{
-       struct auth4_context *auth_context;
-       struct auth_usersupplied_info *user_info = NULL;
-       uint8_t chal[8];
-       NTSTATUS nt_status;
-
-       DEBUG(3,("Got anonymous request\n"));
-
-       nt_status = make_auth4_context(talloc_tos(), &auth_context);
-       if (!NT_STATUS_IS_OK(nt_status)) {
-               return nt_status;
-       }
-
-       auth_context->get_ntlm_challenge(auth_context,
-                                        chal);
-
-       if (!make_user_info_guest(talloc_tos(), remote_address, local_address,
-                                 "SMB", &user_info)) {
-               TALLOC_FREE(auth_context);
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       user_info->auth_description = "guest";
-
-       nt_status = auth_check_password_session_info(auth_context, 
-                                                    mem_ctx, user_info, 
session_info);
-       TALLOC_FREE(user_info);
-       TALLOC_FREE(auth_context);
-       return nt_status;
-}
-
-/****************************************************************************
  Reply to a session setup command.
  conn POINTER CAN BE NULL HERE !
 ****************************************************************************/
@@ -594,21 +555,36 @@ static void setup_new_vc_session(struct 
smbd_server_connection *sconn)
  Reply to a session setup command.
 ****************************************************************************/
 
+struct reply_sesssetup_and_X_state {
+       struct smb_request *req;
+       struct auth4_context *auth_context;
+       struct auth_usersupplied_info *user_info;
+       const char *user;
+       const char *domain;
+       DATA_BLOB lm_resp;
+       DATA_BLOB nt_resp;
+       DATA_BLOB plaintext_password;
+};
+
+static int reply_sesssetup_and_X_state_destructor(
+               struct reply_sesssetup_and_X_state *state)
+{
+       data_blob_clear_free(&state->nt_resp);
+       data_blob_clear_free(&state->lm_resp);
+       data_blob_clear_free(&state->plaintext_password);
+       return 0;
+}
+
 void reply_sesssetup_and_X(struct smb_request *req)
 {
+       struct reply_sesssetup_and_X_state *state = NULL;
        uint64_t sess_vuid;
        uint16_t smb_bufsize;
-       DATA_BLOB lm_resp;
-       DATA_BLOB nt_resp;
-       DATA_BLOB plaintext_password;
        char *tmp;
-       const char *user;
        fstring sub_user; /* Sanitised username for substituion */
-       const char *domain;
        const char *native_os;
        const char *native_lanman;
        const char *primary_domain;
-       struct auth_usersupplied_info *user_info = NULL;
        struct auth_session_info *session_info = NULL;
        uint16_t smb_flag2 = req->flags2;
        uint16_t action = 0;
@@ -625,12 +601,17 @@ void reply_sesssetup_and_X(struct smb_request *req)
 
        START_PROFILE(SMBsesssetupX);
 
-       ZERO_STRUCT(lm_resp);
-       ZERO_STRUCT(nt_resp);
-       ZERO_STRUCT(plaintext_password);
-
        DEBUG(3,("wct=%d flg2=0x%x\n", req->wct, req->flags2));
 
+       state = talloc_zero(req, struct reply_sesssetup_and_X_state);
+       if (state == NULL) {
+               reply_nterror(req, NT_STATUS_NO_MEMORY);
+               END_PROFILE(SMBsesssetupX);
+               return;
+       }
+       state->req = req;
+       talloc_set_destructor(state, reply_sesssetup_and_X_state_destructor);
+
        if (req->flags2 & FLAGS2_SMB_SECURITY_SIGNATURES) {
                signing_allowed = true;
        }
@@ -688,18 +669,22 @@ void reply_sesssetup_and_X(struct smb_request *req)
                }
 
                if (doencrypt) {
-                       lm_resp = data_blob(req->buf, passlen1);
+                       state->lm_resp = data_blob_talloc(state,
+                                                         req->buf,
+                                                         passlen1);
                } else {
-                       plaintext_password = data_blob(req->buf, passlen1+1);
+                       state->plaintext_password = data_blob_talloc(state,
+                                                               req->buf,
+                                                               passlen1+1);
                        /* Ensure null termination */
-                       plaintext_password.data[passlen1] = 0;
+                       state->plaintext_password.data[passlen1] = 0;
                }
 
-               srvstr_pull_req_talloc(talloc_tos(), req, &tmp,
+               srvstr_pull_req_talloc(state, req, &tmp,
                                       req->buf + passlen1, STR_TERMINATE);
-               user = tmp ? tmp : "";
+               state->user = tmp ? tmp : "";
 
-               domain = "";
+               state->domain = "";
 
        } else {
                uint16_t passlen1 = SVAL(req->vwv+7, 0);
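Review bot: the results of data_blob_talloc(state, ...) are used without a NULL check, and in the plaintext branch state->plaintext_password.data[passlen1] = 0; writes through the pointer immediately. Checking .data after each allocation and replying with NT_STATUS_NO_MEMORY, as the talloc_zero() failure path for state does, would avoid a NULL dereference when allocation fails.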
@@ -774,15 +759,15 @@ void reply_sesssetup_and_X(struct smb_request *req)
                }
 
                if (doencrypt) {
-                       lm_resp = data_blob(p, passlen1);
-                       nt_resp = data_blob(p+passlen1, passlen2);
+                       state->lm_resp = data_blob_talloc(state, p, passlen1);
+                       state->nt_resp = data_blob_talloc(state, p+passlen1, 
passlen2);
                } else {
                        char *pass = NULL;
                        bool unic= smb_flag2 & FLAGS2_UNICODE_STRINGS;
 
                        if (unic && (passlen2 == 0) && passlen1) {
                                /* Only a ascii plaintext password was sent. */
-                               (void)srvstr_pull_talloc(talloc_tos(),
+                               (void)srvstr_pull_talloc(state,
                                                        req->inbuf,
                                                        req->flags2,
                                                        &pass,
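Review bot: pass is now allocated on state instead of talloc_tos(), so the pulled plaintext password lives as long as the request state, while reply_sesssetup_and_X_state_destructor() only clears lm_resp, nt_resp and plaintext_password. Unless the truncated remainder of the change already does so, scrub and free pass once it has been copied into state->plaintext_password.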
@@ -790,7 +775,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
                                                        passlen1,


-- 
Samba Shared Repository
