svn commit: samba r18198 - in branches/SAMBA_4_0/source/auth/gensec: .

abartlet at samba.org abartlet at samba.org
Thu Sep 7 03:24:08 GMT 2006 

Author: abartlet
Date: 2006-09-07 03:24:08 +0000 (Thu, 07 Sep 2006)
New Revision: 18198

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18198

Log:
Fix callbacks to use allocated or constant memory, not the stack.
These values are used by SASL at a later time, and must remain valid.

Make the password callback actually return the password.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/auth/gensec/cyrus_sasl.c


Changeset:
Modified: branches/SAMBA_4_0/source/auth/gensec/cyrus_sasl.c
===================================================================
--- branches/SAMBA_4_0/source/auth/gensec/cyrus_sasl.c	2006-09-07 02:15:31 UTC (rev 18197)
+++ branches/SAMBA_4_0/source/auth/gensec/cyrus_sasl.c	2006-09-07 03:24:08 UTC (rev 18198)
@@ -101,6 +101,7 @@
 	}
 	secret->len = strlen(password);
 	safe_strcpy(secret->data, password, secret->len+1);
+	*psecret = secret;
 	return SASL_OK;
 }
 
@@ -119,9 +120,16 @@
 	struct socket_address *remote_socket_addr = gensec_get_peer_addr(gensec_security);
 	char *local_addr = NULL;
 	char *remote_addr = NULL;
-	sasl_callback_t callbacks[5];
 	int sasl_ret;
 
+	sasl_callback_t *callbacks;
+
+	gensec_sasl_state = talloc(gensec_security, struct gensec_sasl_state);
+	if (!gensec_sasl_state) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	callbacks = talloc_array(gensec_sasl_state, sasl_callback_t, 5);
 	callbacks[0].id = SASL_CB_USER;
 	callbacks[0].proc = gensec_sasl_get_user;
 	callbacks[0].context = gensec_security;
@@ -142,11 +150,6 @@
 	callbacks[4].proc = NULL;
 	callbacks[4].context = NULL;
 
-	gensec_sasl_state = talloc(gensec_security, struct gensec_sasl_state);
-	if (!gensec_sasl_state) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
 	gensec_security->private_data = gensec_sasl_state;
 
 	if (local_socket_addr) {
@@ -342,7 +345,7 @@
 		debug_level = 0;
 		break;
 	}
-	DEBUG(debug_level, ("gensec_sasl: %s", message));
+	DEBUG(debug_level, ("gensec_sasl: %s\n", message));
 
 	return SASL_OK;
 }
@@ -351,17 +354,20 @@
 {
 	NTSTATUS ret;
 	int sasl_ret, i;
-	sasl_callback_t callbacks[2];
 	const char **sasl_mechs;
 	
-	callbacks[0].id = SASL_CB_LOG;
-	callbacks[0].proc = gensec_sasl_log;
-	callbacks[0].context = NULL;
-
-	callbacks[1].id = SASL_CB_LIST_END;
-	callbacks[1].proc = gensec_sasl_log;
-	callbacks[1].context = NULL;
-
+	static const sasl_callback_t callbacks[] = {
+		{ 
+			.id = SASL_CB_LOG,
+			.proc = gensec_sasl_log,
+			.context = NULL,
+		},
+		{
+			.id = SASL_CB_LIST_END,
+			.proc = gensec_sasl_log,
+			.context = NULL,
+		}
+	};
 	sasl_ret = sasl_client_init(callbacks);
 	
 	if (sasl_ret == SASL_NOMECH) {

More information about the samba-cvs mailing list