[SCM] Samba Shared Repository - branch master updated

Volker Lendecke vlendec at samba.org
Tue Jun 8 03:38:23 MDT 2010 

The branch, master has been updated
       via  7a7f28d... Revert "s3:smbd Fix segfault if register_existing_vuid() fails"
       via  3e50215... Revert "s3:smbd Give the kerberos session key a parent"
       via  34b29b1... Revert "s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS"
      from  984fec2... s3-waf: fix the the waf build.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 7a7f28d96dd80d3ce175b0caee0c2169de7b810b
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Jun 8 10:26:43 2010 +0200

    Revert "s3:smbd Fix segfault if register_existing_vuid() fails"
    
    This reverts commit 8f1cec5faf4e26de8b9797777059e99f2a66558b.

commit 3e502159c751d85c09df4e74a63c95738fad2d7d
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Jun 8 10:26:35 2010 +0200

    Revert "s3:smbd Give the kerberos session key a parent"
    
    This reverts commit 4a7f45b7e1cef13bc28d7ee50dd4b5519bdec397.

commit 34b29b11986095531488cd0139ecec6dd22e55d3
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Jun 8 10:26:08 2010 +0200

    Revert "s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS"
    
    This reverts commit edba46ce94c335411ab337eeb4ef6f88fb3aae80.
    
    Conflicts:
    
    	source3/auth/auth_ntlmssp.c

-----------------------------------------------------------------------

Summary of changes:
 source3/auth/auth_ntlmssp.c   |   10 ++++------
 source3/include/proto.h       |    5 ++---
 source3/rpc_server/srv_pipe.c |    7 +++----
 source3/smbd/sesssetup.c      |   20 +++++---------------
 source3/smbd/smb2_sesssetup.c |    7 +++----
 5 files changed, 17 insertions(+), 32 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index 7184fa6..df4666a 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -84,9 +84,8 @@ void auth_ntlmssp_want_seal(struct auth_ntlmssp_state *auth_ntlmssp_state)
 
 }
 
-NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
-				  struct auth_ntlmssp_state *auth_ntlmssp_state,
-				  struct auth_serversupplied_info **_server_info)
+struct auth_serversupplied_info *auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
+							  struct auth_ntlmssp_state *auth_ntlmssp_state)
 {
 	struct auth_serversupplied_info *server_info = auth_ntlmssp_state->server_info;
 	data_blob_free(&server_info->user_session_key);
@@ -96,11 +95,10 @@ NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
 			auth_ntlmssp_state->ntlmssp_state->session_key.data,
 			auth_ntlmssp_state->ntlmssp_state->session_key.length);
 	if (auth_ntlmssp_state->ntlmssp_state->session_key.length && !server_info->user_session_key.data) {
-		return NT_STATUS_NO_MEMORY;
+		return NULL;
 	}
 	auth_ntlmssp_state->server_info = NULL;
-	*_server_info = talloc_steal(mem_ctx, server_info);
-	return NT_STATUS_OK;
+	return talloc_steal(mem_ctx, server_info);
 }
 
 struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state)
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 2f68f0e..f0538ee 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -54,9 +54,8 @@ NTSTATUS auth_netlogond_init(void);
 
 /* The following definitions come from auth/auth_ntlmssp.c  */
 
-NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
-				  struct auth_ntlmssp_state *auth_ntlmssp_state,
-				  struct auth_serversupplied_info **_server_info);
+struct auth_serversupplied_info *auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
+							  struct auth_ntlmssp_state *auth_ntlmssp_state);
 struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state);
 const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *auth_ntlmssp_state);
 const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *auth_ntlmssp_state);
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 4678aeb..d1f9823 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -713,10 +713,9 @@ static bool pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
 
 	TALLOC_FREE(p->server_info);
 
-	status = auth_ntlmssp_server_info(p, a, &p->server_info);
-	if (!NT_STATUS_IS_OK(status)) {
-		DEBUG(0, ("auth_ntlmssp_server_info failed to obtain the server info for authenticated user: %s\n",
-			  nt_errstr(status)));
+	p->server_info = auth_ntlmssp_server_info(p, a);
+	if (p->server_info == NULL) {
+		DEBUG(0, ("auth_ntlmssp_server_info failed to obtain the server info for authenticated user\n"));
 		return false;
 	}
 
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 28e5aea..dba6dab 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -561,8 +561,6 @@ static void reply_spnego_kerberos(struct smb_request *req,
 
 	data_blob_free(&server_info->user_session_key);
 	server_info->user_session_key = session_key;
-	talloc_steal(server_info, session_key.data);
-
 	session_key = data_blob_null;
 
 	/* register_existing_vuid keeps the server info */
@@ -631,13 +629,12 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
 				 const char *OID,
 				 bool wrap)
 {
-	bool do_invalidate = true;
 	DATA_BLOB response;
 	struct auth_serversupplied_info *server_info = NULL;
 	struct smbd_server_connection *sconn = smbd_server_conn;
 
 	if (NT_STATUS_IS_OK(nt_status)) {
-		nt_status = auth_ntlmssp_server_info(talloc_tos(), (*auth_ntlmssp_state), &server_info);
+		server_info = auth_ntlmssp_server_info(talloc_tos(), (*auth_ntlmssp_state));
 	} else {
 		/* Note that this server_info won't have a session
 		 * key.  But for map to guest, that's exactly the right
@@ -666,11 +663,6 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
 					   server_info, nullblob,
 					   auth_ntlmssp_get_username(*auth_ntlmssp_state)) !=
 					   vuid) {
-			/* The problem is, *auth_ntlmssp_state points
-			 * into the vuser this will have
-			 * talloc_free()'ed in
-			 * register_existing_vuid() */
-			do_invalidate = false;
 			nt_status = NT_STATUS_LOGON_FAILURE;
 			goto out;
 		}
@@ -704,12 +696,10 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
 
 	if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
 		/* NB. This is *NOT* an error case. JRA */
-		if (do_invalidate) {
-			auth_ntlmssp_end(auth_ntlmssp_state);
-			if (!NT_STATUS_IS_OK(nt_status)) {
-				/* Kill the intermediate vuid */
-				invalidate_vuid(sconn, vuid);
-			}
+		auth_ntlmssp_end(auth_ntlmssp_state);
+		if (!NT_STATUS_IS_OK(nt_status)) {
+			/* Kill the intermediate vuid */
+			invalidate_vuid(sconn, vuid);
 		}
 	}
 }
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 963dbe1..af91571 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -614,12 +614,11 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s
 					uint64_t *out_session_id)
 {
 	fstring tmp;
-	NTSTATUS status = auth_ntlmssp_server_info(session, session->auth_ntlmssp_state,
-						   &session->server_info);
-	if (!NT_STATUS_IS_OK(status)) {
+	session->server_info = auth_ntlmssp_server_info(session, session->auth_ntlmssp_state);
+	if (!session->server_info) {
 		auth_ntlmssp_end(&session->auth_ntlmssp_state);
 		TALLOC_FREE(session);
-		return status;
+		return NT_STATUS_NO_MEMORY;
 	}
 
 	if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||


-- 
Samba Shared Repository

More information about the samba-cvs mailing list