svn commit: samba r13247 - in branches/SAMBA_4_0/source/auth: .
gensec
abartlet at samba.org
abartlet at samba.org
Tue Jan 31 01:50:55 GMT 2006
Author: abartlet
Date: 2006-01-31 01:50:54 +0000 (Tue, 31 Jan 2006)
New Revision: 13247
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13247
Log:
Try to make better use of talloc in the auth/ and auth/gensec code.
We don't want temporary memory hanging around on the long-term
contexts.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/auth/auth_sam.c
branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c
branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c
Changeset:
Modified: branches/SAMBA_4_0/source/auth/auth_sam.c
===================================================================
--- branches/SAMBA_4_0/source/auth/auth_sam.c 2006-01-31 01:49:56 UTC (rev 13246)
+++ branches/SAMBA_4_0/source/auth/auth_sam.c 2006-01-31 01:50:54 UTC (rev 13247)
@@ -616,14 +616,14 @@
return nt_status;
}
- nt_status = authsam_make_server_info(mem_ctx, sam_ctx, msgs[0], msgs_domain_ref[0],
+ nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, msgs[0], msgs_domain_ref[0],
user_sess_key, lm_sess_key,
server_info);
- if (!NT_STATUS_IS_OK(nt_status)) {
- talloc_free(tmp_ctx);
- return nt_status;
+ if (NT_STATUS_IS_OK(nt_status)) {
+ talloc_steal(mem_ctx, *server_info);
}
- return NT_STATUS_OK;
+ talloc_free(tmp_ctx);
+ return nt_status;
}
static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx,
Modified: branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c
===================================================================
--- branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c 2006-01-31 01:49:56 UTC (rev 13246)
+++ branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c 2006-01-31 01:50:54 UTC (rev 13247)
@@ -759,7 +759,7 @@
}
static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_security,
- struct auth_session_info **_session_info)
+ struct auth_session_info **_session_info)
{
NTSTATUS nt_status;
TALLOC_CTX *mem_ctx;
@@ -873,13 +873,17 @@
}
/* references the server_info into the session_info */
- nt_status = auth_generate_session_info(gensec_gssapi_state, server_info, &session_info);
- talloc_free(mem_ctx);
- talloc_free(server_info);
- NT_STATUS_NOT_OK_RETURN(nt_status);
+ nt_status = auth_generate_session_info(mem_ctx, server_info, &session_info);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ talloc_free(mem_ctx);
+ return nt_status;
+ }
nt_status = gensec_gssapi_session_key(gensec_security, &session_info->session_key);
- NT_STATUS_NOT_OK_RETURN(nt_status);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ talloc_free(mem_ctx);
+ return nt_status;
+ }
if (!(gensec_gssapi_state->got_flags & GSS_C_DELEG_FLAG)) {
DEBUG(10, ("gensec_gssapi: NO delegated credentials supplied by client\n"));
@@ -888,6 +892,7 @@
DEBUG(10, ("gensec_gssapi: delegated credentials supplied by client\n"));
session_info->credentials = cli_credentials_init(session_info);
if (!session_info->credentials) {
+ talloc_free(mem_ctx);
return NT_STATUS_NO_MEMORY;
}
@@ -897,11 +902,13 @@
gensec_gssapi_state->delegated_cred_handle,
CRED_SPECIFIED);
if (ret) {
+ talloc_free(mem_ctx);
return NT_STATUS_NO_MEMORY;
}
/* It has been taken from this place... */
gensec_gssapi_state->delegated_cred_handle = GSS_C_NO_CREDENTIAL;
}
+ talloc_steal(gensec_gssapi_state, session_info);
*_session_info = session_info;
return NT_STATUS_OK;
Modified: branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c
===================================================================
--- branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c 2006-01-31 01:49:56 UTC (rev 13246)
+++ branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c 2006-01-31 01:50:54 UTC (rev 13247)
@@ -546,6 +546,7 @@
} else {
pac = data_blob_talloc(mem_ctx, pac_data.data, pac_data.length);
if (!pac.data) {
+ talloc_free(mem_ctx);
return NT_STATUS_NO_MEMORY;
}
@@ -554,6 +555,7 @@
DEBUG(5, ("krb5_ticket_get_client failed to get cleint principal: %s\n",
smb_get_krb5_error_message(context,
ret, mem_ctx)));
+ talloc_free(mem_ctx);
return NT_STATUS_NO_MEMORY;
}
@@ -568,12 +570,11 @@
if (NT_STATUS_IS_OK(nt_status)) {
union netr_Validation validation;
validation.sam3 = &logon_info->info3;
- nt_status = make_server_info_netlogon_validation(gensec_krb5_state,
+ nt_status = make_server_info_netlogon_validation(mem_ctx,
NULL,
3, &validation,
&server_info);
}
- talloc_free(mem_ctx);
}
@@ -590,6 +591,7 @@
DEBUG(5, ("krb5_ticket_get_client failed to get cleint principal: %s\n",
smb_get_krb5_error_message(context,
ret, mem_ctx)));
+ talloc_free(mem_ctx);
return NT_STATUS_NO_MEMORY;
}
@@ -597,6 +599,7 @@
client_principal, &principal_string);
krb5_free_principal(context, client_principal);
if (ret) {
+ talloc_free(mem_ctx);
return NT_STATUS_NO_MEMORY;
}
@@ -611,16 +614,24 @@
}
/* references the server_info into the session_info */
- nt_status = auth_generate_session_info(gensec_krb5_state, server_info, &session_info);
- talloc_free(mem_ctx);
+ nt_status = auth_generate_session_info(mem_ctx, server_info, &session_info);
- NT_STATUS_NOT_OK_RETURN(nt_status);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ talloc_free(mem_ctx);
+ return nt_status;
+ }
nt_status = gensec_krb5_session_key(gensec_security, &session_info->session_key);
- NT_STATUS_NOT_OK_RETURN(nt_status);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ talloc_free(mem_ctx);
+ return nt_status;
+ }
+
*_session_info = session_info;
+ talloc_steal(gensec_krb5_state, session_info);
+ talloc_free(mem_ctx);
return NT_STATUS_OK;
}
More information about the samba-cvs
mailing list