s3:libsmb: let the callers only pass the password string to cli_sessi…

…on_setup[_send]()

There're no callers which tried to pass raw {lm,nt}_response any more.

Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>

source3/client/client.c

@@ -4575,8 +4575,7 @@ static int cmd_logon(void)
 	}
 
 	nt_status = cli_session_setup(cli, l_username,
-				      l_password, strlen(l_password),
-				      l_password, strlen(l_password),
+				      l_password,
 				      lp_workgroup());
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		d_printf("session setup failed: %s\n", nt_errstr(nt_status));

source3/client/smbspool.c

@@ -425,8 +425,7 @@ smb_complete_connection(const char *myname,
 	}
 
 	nt_status = cli_session_setup(cli, username,
-				      password, strlen(password) + 1,
-				      password, strlen(password) + 1,
+				      password,
 				      workgroup);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		fprintf(stderr, "ERROR: Session setup failed: %s\n", nt_errstr(nt_status));

source3/libsmb/cliconnect.c

@@ -2010,15 +2010,26 @@ struct tevent_req *cli_session_setup_send(TALLOC_CTX *mem_ctx,
 					  struct tevent_context *ev,
 					  struct cli_state *cli,
 					  const char *user,
-					  const char *pass, int passlen,
-					  const char *ntpass, int ntpasslen,
+					  const char *pass,
 					  const char *workgroup)
 {
 	struct tevent_req *req, *subreq;
 	struct cli_session_setup_state *state;
 	char *p;
 	char *user2;
 	uint16_t sec_mode = smb1cli_conn_server_security_mode(cli->conn);
+	int passlen = 0;
+
+	if (pass != NULL) {
+		passlen = strlen(pass);
+		if (passlen > 0) {
+			/*
+			 * If we have a realm password
+			 * we include the terminating '\0'
+			 */
+			passlen += 1;
+		}
+	}
 
 	req = tevent_req_create(mem_ctx, &state,
 				struct cli_session_setup_state);
@@ -2178,7 +2189,7 @@ struct tevent_req *cli_session_setup_send(TALLOC_CTX *mem_ctx,
 		}
 
 		subreq = cli_session_setup_nt1_send(
-			state, ev, cli, user, pass, passlen, ntpass, ntpasslen,
+			state, ev, cli, user, pass, passlen, pass, passlen,
 			workgroup);
 		if (tevent_req_nomem(subreq, req)) {
 			return tevent_req_post(req, ev);
@@ -2277,8 +2288,7 @@ NTSTATUS cli_session_setup_recv(struct tevent_req *req)
 
 NTSTATUS cli_session_setup(struct cli_state *cli,
 			   const char *user,
-			   const char *pass, int passlen,
-			   const char *ntpass, int ntpasslen,
+			   const char *pass,
 			   const char *workgroup)
 {
 	struct tevent_context *ev;
@@ -2292,8 +2302,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
 	if (ev == NULL) {
 		goto fail;
 	}
-	req = cli_session_setup_send(ev, ev, cli, user, pass, passlen,
-				     ntpass, ntpasslen, workgroup);
+	req = cli_session_setup_send(ev, ev, cli, user, pass, workgroup);
 	if (req == NULL) {
 		goto fail;
 	}
@@ -3437,8 +3446,7 @@ static void cli_full_connection_started(struct tevent_req *subreq)
 	}
 	subreq = cli_session_setup_send(
 		state, state->ev, state->cli, state->user,
-		state->password, state->pw_len, state->password, state->pw_len,
-		state->domain);
+		state->password, state->domain);
 	if (tevent_req_nomem(subreq, req)) {
 		return;
 	}
@@ -3462,7 +3470,7 @@ static void cli_full_connection_sess_set_up(struct tevent_req *subreq)
 		state->flags &= ~CLI_FULL_CONNECTION_ANONYMOUS_FALLBACK;
 
 		subreq = cli_session_setup_send(
-			state, state->ev, state->cli, "", "", 0, "", 0,
+			state, state->ev, state->cli, "", "",
 			state->domain);
 		if (tevent_req_nomem(subreq, req)) {
 			return;

source3/libsmb/clidfs.c

@@ -196,17 +196,14 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
 	}
 
 	status = cli_session_setup(c, username,
-				   password, strlen(password),
-				   password, strlen(password),
+				   password,
 				   domain);
 	if (!NT_STATUS_IS_OK(status)) {
 		/* If a password was not supplied then
 		 * try again with a null username. */
 		if (password[0] || !username[0] ||
 			get_cmdline_auth_info_use_kerberos(auth_info) ||
-			!NT_STATUS_IS_OK(status = cli_session_setup(c, "",
-				    		"", 0,
-						"", 0,
+			!NT_STATUS_IS_OK(status = cli_session_setup(c, "", "",
 					       lp_workgroup()))) {
 			d_printf("session setup failed: %s\n",
 				 nt_errstr(status));

source3/libsmb/libsmb_server.c

@@ -274,7 +274,8 @@ SMBC_server_internal(TALLOC_CTX *ctx,
 	const char *server_n = server;
         int is_ipc = (share != NULL && strcmp(share, "IPC$") == 0);
 	uint32_t fs_attrs = 0;
-        const char *username_used;
+	const char *username_used = NULL;
+	const char *password_used = NULL;
  	NTSTATUS status;
 	char *newserver, *newshare;
 	int flags = 0;
@@ -491,22 +492,20 @@ SMBC_server_internal(TALLOC_CTX *ctx,
 		smb2cli_conn_set_max_credits(c->conn, DEFAULT_SMB2_MAX_CREDITS);
 	}
 
-        username_used = *pp_username;
+	username_used = *pp_username;
+	password_used = *pp_password;
 
 	if (!NT_STATUS_IS_OK(cli_session_setup(c, username_used,
-					       *pp_password,
-                                               strlen(*pp_password),
-					       *pp_password,
-                                               strlen(*pp_password),
+					       password_used,
 					       *pp_workgroup))) {
 
                 /* Failed.  Try an anonymous login, if allowed by flags. */
-                username_used = "";
+		username_used = "";
+		password_used = "";
 
                 if (smbc_getOptionNoAutoAnonymousLogin(context) ||
-                    !NT_STATUS_IS_OK(cli_session_setup(c, username_used,
-                                                       *pp_password, 1,
-                                                       *pp_password, 0,
+		    !NT_STATUS_IS_OK(cli_session_setup(c, username_used,
+						       password_used,
                                                        *pp_workgroup))) {
 
                         cli_shutdown(c);
@@ -593,7 +592,7 @@ SMBC_server_internal(TALLOC_CTX *ctx,
 		/* Attempt UNIX smb encryption. */
 		if (!NT_STATUS_IS_OK(cli_force_encryption(c,
                                                           username_used,
-                                                          *pp_password,
+                                                          password_used,
                                                           *pp_workgroup))) {
 
 			/*

source3/libsmb/passchange.c

@@ -84,8 +84,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
 	/* Given things like SMB signing, restrict anonymous and the like, 
 	   try an authenticated connection first */
 	result = cli_session_setup(cli, user_name,
-				   old_passwd, strlen(old_passwd)+1,
-				   old_passwd, strlen(old_passwd)+1, "");
+				   old_passwd, "");
 
 	if (!NT_STATUS_IS_OK(result)) {
 
@@ -112,7 +111,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
 		 * Thanks to <[email protected]> for this fix.
 		 */
 
-		result = cli_session_setup(cli, "", "", 0, "", 0, "");
+		result = cli_session_setup(cli, "", "", "");
 
 		if (!NT_STATUS_IS_OK(result)) {
 			if (asprintf(err_str, "machine %s rejected the session "

source3/libsmb/proto.h

@@ -37,14 +37,12 @@ struct tevent_req *cli_session_setup_send(TALLOC_CTX *mem_ctx,
 					  struct tevent_context *ev,
 					  struct cli_state *cli,
 					  const char *user,
-					  const char *pass, int passlen,
-					  const char *ntpass, int ntpasslen,
+					  const char *pass,
 					  const char *workgroup);
 NTSTATUS cli_session_setup_recv(struct tevent_req *req);
 NTSTATUS cli_session_setup(struct cli_state *cli,
 			   const char *user,
-			   const char *pass, int passlen,
-			   const char *ntpass, int ntpasslen,
+			   const char *pass,
 			   const char *workgroup);
 struct tevent_req *cli_session_setup_guest_create(TALLOC_CTX *mem_ctx,
 						  struct tevent_context *ev,

source3/nmbd/nmbd_synclists.c

@@ -95,7 +95,7 @@ static void sync_child(char *name, int nm_type,
 		return;
 	}
 
-	if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "", 1, "", 0,
+	if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "",
 					       workgroup))) {
 		cli_shutdown(cli);
 		return;

source3/torture/masktest.c

@@ -208,8 +208,7 @@ static struct cli_state *connect_one(char *share)
 	}
 
 	status = cli_session_setup(c, username,
-				   password, strlen(password),
-				   password, strlen(password),
+				   password,
 				   lp_workgroup());
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0, ("session setup failed: %s\n", nt_errstr(status)));

source3/torture/test_smb2.c

@@ -58,8 +58,7 @@ bool run_smb2_basic(int dummy)
 	}
 
 	status = cli_session_setup(cli, username,
-				   password, strlen(password),
-				   password, strlen(password),
+				   password,
 				   workgroup);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("cli_session_setup returned %s\n", nt_errstr(status));
@@ -333,8 +332,7 @@ bool run_smb2_session_reconnect(int dummy)
 	}
 
 	status = cli_session_setup(cli1, username,
-				   password, strlen(password),
-				   password, strlen(password),
+				   password,
 				   workgroup);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("cli_session_setup returned %s\n", nt_errstr(status));
@@ -755,8 +753,7 @@ bool run_smb2_tcon_dependence(int dummy)
 	}
 
 	status = cli_session_setup(cli, username,
-				   password, strlen(password),
-				   password, strlen(password),
+				   password,
 				   workgroup);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("cli_session_setup returned %s\n", nt_errstr(status));
@@ -910,8 +907,7 @@ bool run_smb2_multi_channel(int dummy)
 	}
 
 	status = cli_session_setup(cli1, username,
-				   password, strlen(password),
-				   password, strlen(password),
+				   password,
 				   workgroup);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("smb2cli_sesssetup returned %s\n", nt_errstr(status));
@@ -1503,8 +1499,7 @@ bool run_smb2_session_reauth(int dummy)
 	}
 
 	status = cli_session_setup(cli, username,
-				   password, strlen(password),
-				   password, strlen(password),
+				   password,
 				   workgroup);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("smb2cli_sesssetup returned %s\n", nt_errstr(status));

source3/torture/torture.c

@@ -413,14 +413,12 @@ bool torture_init_connection(struct cli_state **pcli)
 bool torture_cli_session_setup2(struct cli_state *cli, uint16_t *new_vuid)
 {
 	uint16_t old_vuid = cli_state_get_uid(cli);
-	size_t passlen = strlen(password);
 	NTSTATUS status;
 	bool ret;
 
 	cli_state_set_uid(cli, 0);
 	status = cli_session_setup(cli, username,
-				   password, passlen,
-				   password, passlen,
+				   password,
 				   workgroup);
 	ret = NT_STATUS_IS_OK(status);
 	*new_vuid = cli_state_get_uid(cli);
@@ -7115,7 +7113,7 @@ static bool run_error_map_extract(int dummy) {
 		return False;
 	}
 
-	status = cli_session_setup(c_nt, "", "", 0, "", 0, workgroup);
+	status = cli_session_setup(c_nt, "", "", workgroup);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("%s rejected the NT-error initial session setup (%s)\n",host, nt_errstr(status));
 		return False;
@@ -7142,7 +7140,7 @@ static bool run_error_map_extract(int dummy) {
 		return False;
 	}
 
-	status = cli_session_setup(c_dos, "", "", 0, "", 0, workgroup);
+	status = cli_session_setup(c_dos, "", "", workgroup);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("%s rejected the DOS-error initial session setup (%s)\n",
 			host, nt_errstr(status));
@@ -7156,8 +7154,7 @@ static bool run_error_map_extract(int dummy) {
 		fstr_sprintf(user, "%X", error);
 
 		status = cli_session_setup(c_nt, user,
-					   password, strlen(password),
-					   password, strlen(password),
+					   password,
 					   workgroup);
 		if (NT_STATUS_IS_OK(status)) {
 			printf("/** Session setup succeeded.  This shouldn't happen...*/\n");
@@ -7173,8 +7170,7 @@ static bool run_error_map_extract(int dummy) {
 		}
 
 		status = cli_session_setup(c_dos, user,
-					   password, strlen(password),
-					   password, strlen(password),
+					   password,
 					   workgroup);
 		if (NT_STATUS_IS_OK(status)) {
 			printf("/** Session setup succeeded.  This shouldn't happen...*/\n");
@@ -7227,8 +7223,7 @@ static bool run_sesssetup_bench(int dummy)
 	for (i=0; i<torture_numops; i++) {
 		status = cli_session_setup(
 			c, username,
-			password, strlen(password),
-			password, strlen(password),
+			password,
 			workgroup);
 		if (!NT_STATUS_IS_OK(status)) {
 			d_printf("(%s) cli_session_setup failed: %s\n",
@@ -8168,9 +8163,6 @@ static bool run_large_readx(int dummy)
 		status = cli_session_setup(cli2,
 					username,
 					password,
-					strlen(password)+1,
-					password,
-					strlen(password)+1,
 					workgroup);
 		if (!NT_STATUS_IS_OK(status)) {
 			goto out;

source3/winbindd/winbindd_cm.c

@@ -1129,9 +1129,6 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
 		result = cli_session_setup(*cli,
 					   machine_krb5_principal,
 					   machine_password,
-					   strlen(machine_password)+1,
-					   machine_password,
-					   strlen(machine_password)+1,
 					   machine_domain);
 
 		if (NT_STATUS_IS_OK(result)) {
@@ -1153,9 +1150,6 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
 		result = cli_session_setup(*cli,
 					   machine_account,
 					   machine_password,
-					   strlen(machine_password)+1,
-					   machine_password,
-					   strlen(machine_password)+1,
 					   machine_domain);
 	}
 
@@ -1219,9 +1213,6 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
 	result = cli_session_setup(*cli,
 				   machine_account,
 				   machine_password,
-				   strlen(machine_password)+1,
-				   machine_password,
-				   strlen(machine_password)+1,
 				   machine_domain);
 
 	if (NT_STATUS_IS_OK(result)) {
@@ -1260,7 +1251,7 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
 
 	(*cli)->use_kerberos = False;
 
-	result = cli_session_setup(*cli, "", "", 0, "", 0, "");
+	result = cli_session_setup(*cli, "", "", "");
 	if (NT_STATUS_IS_OK(result)) {
 		DEBUG(5, ("Connected anonymously\n"));
 		goto session_setup_done;