s3:libsmb/samlogon_cache: zero session keys before storing the info2 structure master4-smart-base master4-smart-ok master4-smart-tmp
author Stefan Metzmacher <metze@samba.org>
Thu, 3 Feb 2011 01:23:21 +0000 (02:23 +0100)
committer Stefan Metzmacher <metze@samba.org>
Tue, 30 Jan 2018 23:48:31 +0000 (00:48 +0100)
The samlogon_cache is only used to get group memberships of the account
without asking the dc.

But for authentication we always ask the dc.

metze

source3/libsmb/samlogon_cache.c

index 70645f2..ae77610 100644 (file)
@@ -193,6 +193,10 @@ bool netsamlogon_cache_store(const char *username, struct netr_SamInfo3 *info3)
        r.timestamp = time(NULL);
        r.info3 = *info3;
 
+       /* avoid storing secret information */
+       ZERO_STRUCT(r.info3.base.key);
+       ZERO_STRUCT(r.info3.base.LMSessKey);
+
        if (DEBUGLEVEL >= 10) {
                NDR_PRINT_DEBUG(netsamlogoncache_entry, &r);
        }
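Review bot: the comment above the two ZERO_STRUCT calls should state the consequence for readers of the cache, not only the intent. After this change every stored entry carries an all-zero r.info3.base.key and r.info3.base.LMSessKey, so code that loads an entry must never treat those fields as usable session keys. Extending "avoid storing secret information" with a note that the cache is only consulted for group memberships would make that contract visible at the point where it is enforced. The placement is good: the zeroing acts on the local copy made by "r.info3 = *info3", so the caller's structure is untouched, and it runs before NDR_PRINT_DEBUG, so the keys also stay out of level 10 debug output. Two follow-ups: the subject line says "info2" while the code clears fields of info3, and this hunk only covers the store path, so entries written before the change keep their keys until they are rewritten or the cache is purged.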