[SCM] Samba Shared Repository - branch v3-0-test updated -
release-3-0-28-130-geff92e2
Jeremy Allison
jra at samba.org
Fri Feb 15 01:44:11 GMT 2008
The branch, v3-0-test has been updated
via eff92e2ff0893eecbfc7c66ca4700429df5dc6bc (commit)
via 3f6c025526b2595081535c86b29a372bc6343c88 (commit)
via eb52363673c6c8e478477ee0a10a83d7c4e79d3d (commit)
from 05d5895a3bb0d8b001ed164c5720f10607dfbaca (commit)
http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-0-test
- Log -----------------------------------------------------------------
commit eff92e2ff0893eecbfc7c66ca4700429df5dc6bc
Author: Jeremy Allison <jra at samba.org>
Date: Thu Feb 14 17:43:34 2008 -0800
Ensure we call nt_status_squash() on returns. Smnall whitespace cleanup.
Jeremy.
commit 3f6c025526b2595081535c86b29a372bc6343c88
Author: Jeremy Allison <jra at samba.org>
Date: Thu Feb 14 17:42:03 2008 -0800
Ensure we call auth_ntlmssp_end in invalidate_vuid and invalidate_partical_vuid.
Jeremy.
commit eb52363673c6c8e478477ee0a10a83d7c4e79d3d
Author: Jeremy Allison <jra at samba.org>
Date: Thu Feb 14 17:41:06 2008 -0800
Allow a *NULL to be passed to auth_ntlmssp_end().
Jeremy.
-----------------------------------------------------------------------
Summary of changes:
source/auth/auth_ntlmssp.c | 8 +++++++-
source/smbd/password.c | 12 ++++++++++--
source/smbd/sesssetup.c | 16 ++++++++--------
3 files changed, 25 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/auth/auth_ntlmssp.c b/source/auth/auth_ntlmssp.c
index 51b145a..a49b36a 100644
--- a/source/auth/auth_ntlmssp.c
+++ b/source/auth/auth_ntlmssp.c
@@ -187,7 +187,13 @@ NTSTATUS auth_ntlmssp_start(AUTH_NTLMSSP_STATE **auth_ntlmssp_state)
void auth_ntlmssp_end(AUTH_NTLMSSP_STATE **auth_ntlmssp_state)
{
- TALLOC_CTX *mem_ctx = (*auth_ntlmssp_state)->mem_ctx;
+ TALLOC_CTX *mem_ctx;
+
+ if (*auth_ntlmssp_state == NULL) {
+ return;
+ }
+
+ mem_ctx = (*auth_ntlmssp_state)->mem_ctx;
if ((*auth_ntlmssp_state)->ntlmssp_state) {
ntlmssp_end(&(*auth_ntlmssp_state)->ntlmssp_state);
diff --git a/source/smbd/password.c b/source/smbd/password.c
index 254d3cf..a617d3c 100644
--- a/source/smbd/password.c
+++ b/source/smbd/password.c
@@ -91,11 +91,15 @@ void invalidate_vuid(uint16 vuid)
if (vuser == NULL)
return;
-
+
SAFE_FREE(vuser->homedir);
SAFE_FREE(vuser->unix_homedir);
SAFE_FREE(vuser->logon_script);
-
+
+ if (vuser->auth_ntlmssp_state) {
+ auth_ntlmssp_end(&vuser->auth_ntlmssp_state);
+ }
+
session_yield(vuser);
SAFE_FREE(vuser->session_keystr);
@@ -123,6 +127,10 @@ void invalidate_intermediate_vuid(uint16 vuid)
if (vuser == NULL)
return;
+ if (vuser->auth_ntlmssp_state) {
+ auth_ntlmssp_end(&vuser->auth_ntlmssp_state);
+ }
+
DLIST_REMOVE(validated_users, vuser);
SAFE_FREE(vuser);
diff --git a/source/smbd/sesssetup.c b/source/smbd/sesssetup.c
index 4fe3ac3..378d8aa 100644
--- a/source/smbd/sesssetup.c
+++ b/source/smbd/sesssetup.c
@@ -716,7 +716,7 @@ static int reply_spnego_negotiate(connection_struct *conn,
"misconfiguration, client sent us a "
"krb5 ticket and kerberos security "
"not enabled"));
- return ERROR_NT(NT_STATUS_LOGON_FAILURE);
+ return ERROR_NT(nt_status_squash(NT_STATUS_LOGON_FAILURE));
}
if (*auth_ntlmssp_state) {
@@ -766,7 +766,7 @@ static int reply_spnego_auth(connection_struct *conn, char *inbuf, char *outbuf,
/* Kill the intermediate vuid */
invalidate_intermediate_vuid(vuid);
- return ERROR_NT(nt_status_squash(NT_STATUS_INVALID_PARAMETER));
+ return ERROR_NT(nt_status_squash(NT_STATUS_LOGON_FAILURE));
}
if (auth.data[0] == ASN1_APPLICATION(0)) {
@@ -795,24 +795,24 @@ static int reply_spnego_auth(connection_struct *conn, char *inbuf, char *outbuf,
/* If we get here it wasn't a negTokenTarg auth packet. */
data_blob_free(&secblob);
-
+
if (!*auth_ntlmssp_state) {
/* Kill the intermediate vuid */
invalidate_intermediate_vuid(vuid);
/* auth before negotiatiate? */
- return ERROR_NT(nt_status_squash(NT_STATUS_INVALID_PARAMETER));
+ return ERROR_NT(NT_STATUS_LOGON_FAILURE);
}
-
- status = auth_ntlmssp_update(*auth_ntlmssp_state,
+
+ status = auth_ntlmssp_update(*auth_ntlmssp_state,
auth, &auth_reply);
data_blob_free(&auth);
- reply_spnego_ntlmssp(conn, inbuf, outbuf, vuid,
+ reply_spnego_ntlmssp(conn, inbuf, outbuf, vuid,
auth_ntlmssp_state,
&auth_reply, status, True);
-
+
data_blob_free(&auth_reply);
/* and tell smbd that we have already replied to this packet */
--
Samba Shared Repository
More information about the samba-cvs
mailing list