s3-auth: Remove unused lm_session_key from auth3_session_info

The long term authorization state needs only the final, negotiated
session key, and not the original LM key that may possibly have been
an input.

The special case of the guest account simply needs both values filled
back in with the zeros to avoid changing behaviour in the cached
server_info.

Signed-off-by: Andrew Tridgell <tridge@samba.org>

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 6a4e71f77ee0ae2350d9e46728e4f027955eb50e..acef47907fcebaebc098afaaaa16123b0c207abc 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -820,7 +820,6 @@ static NTSTATUS make_new_session_info_guest(struct auth3_session_info **session_
        /* annoying, but the Guest really does have a session key, and it is
           all zeros! */
        (*session_info)->session_key = data_blob(zeros, sizeof(zeros));
-       (*session_info)->lm_session_key = data_blob(zeros, sizeof(zeros));
 
        alpha_strcpy(tmp, (*session_info)->info3->base.account_name.string,
                     ". _-$", sizeof(tmp));
@@ -908,7 +907,7 @@ NTSTATUS make_session_info_from_username(TALLOC_CTX *mem_ctx,
        return status;
 }
 
-
+/* This function MUST only used to create the cached server_info for guest */
 static struct auth_serversupplied_info *copy_session_info_serverinfo(TALLOC_CTX *mem_ctx,
                                                              const struct auth3_session_info *src)
 {
@@ -949,8 +948,10 @@ static struct auth_serversupplied_info *copy_session_info_serverinfo(TALLOC_CTX
        dst->session_key = data_blob_talloc( dst, src->session_key.data,
                                                src->session_key.length);
 
-       dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data,
-                                               src->lm_session_key.length);
+       /* This is OK because this functions is only used for the
+        * GUEST account, which has all-zero keys for both values */
+       dst->lm_session_key = data_blob_talloc(dst, src->session_key.data,
+                                               src->session_key.length);
 
        dst->info3 = copy_netr_SamInfo3(dst, src->info3);
        if (!dst->info3) {
@@ -1011,9 +1012,6 @@ static struct auth3_session_info *copy_serverinfo_session_info(TALLOC_CTX *mem_c
        dst->session_key = data_blob_talloc( dst, src->session_key.data,
                                                src->session_key.length);
 
-       dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data,
-                                               src->lm_session_key.length);
-
        dst->info3 = copy_netr_SamInfo3(dst, src->info3);
        if (!dst->info3) {
                TALLOC_FREE(dst);
@@ -1086,9 +1084,6 @@ struct auth3_session_info *copy_session_info(TALLOC_CTX *mem_ctx,
        dst->session_key = data_blob_talloc( dst, src->session_key.data,
                                                src->session_key.length);
 
-       dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data,
-                                               src->lm_session_key.length);
-
        dst->info3 = copy_netr_SamInfo3(dst, src->info3);
        if (!dst->info3) {
                TALLOC_FREE(dst);

diff --git a/source3/include/auth.h b/source3/include/auth.h
index 8d95fb4ebb5627d02867e361e2bee46375800522..1c1fb3620074bd497534add9f0fdebdc425b170e 100644 (file)
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -93,7 +93,6 @@ struct auth3_session_info {
         */
 
        DATA_BLOB session_key;
-       DATA_BLOB lm_session_key;
 
        struct netr_SamInfo3 *info3;