[SCM] Samba Shared Repository - branch master updated
Volker Lendecke
vlendec at samba.org
Tue Jun 8 03:38:23 MDT 2010
The branch, master has been updated
via 7a7f28d... Revert "s3:smbd Fix segfault if register_existing_vuid() fails"
via 3e50215... Revert "s3:smbd Give the kerberos session key a parent"
via 34b29b1... Revert "s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS"
from 984fec2... s3-waf: fix the the waf build.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 7a7f28d96dd80d3ce175b0caee0c2169de7b810b
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jun 8 10:26:43 2010 +0200
Revert "s3:smbd Fix segfault if register_existing_vuid() fails"
This reverts commit 8f1cec5faf4e26de8b9797777059e99f2a66558b.
commit 3e502159c751d85c09df4e74a63c95738fad2d7d
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jun 8 10:26:35 2010 +0200
Revert "s3:smbd Give the kerberos session key a parent"
This reverts commit 4a7f45b7e1cef13bc28d7ee50dd4b5519bdec397.
commit 34b29b11986095531488cd0139ecec6dd22e55d3
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jun 8 10:26:08 2010 +0200
Revert "s3:auth Change auth_ntlmssp_server_info API to return NTSTATUS"
This reverts commit edba46ce94c335411ab337eeb4ef6f88fb3aae80.
Conflicts:
source3/auth/auth_ntlmssp.c
-----------------------------------------------------------------------
Summary of changes:
source3/auth/auth_ntlmssp.c | 10 ++++------
source3/include/proto.h | 5 ++---
source3/rpc_server/srv_pipe.c | 7 +++----
source3/smbd/sesssetup.c | 20 +++++---------------
source3/smbd/smb2_sesssetup.c | 7 +++----
5 files changed, 17 insertions(+), 32 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index 7184fa6..df4666a 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -84,9 +84,8 @@ void auth_ntlmssp_want_seal(struct auth_ntlmssp_state *auth_ntlmssp_state)
}
-NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
- struct auth_ntlmssp_state *auth_ntlmssp_state,
- struct auth_serversupplied_info **_server_info)
+struct auth_serversupplied_info *auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
+ struct auth_ntlmssp_state *auth_ntlmssp_state)
{
struct auth_serversupplied_info *server_info = auth_ntlmssp_state->server_info;
data_blob_free(&server_info->user_session_key);
@@ -96,11 +95,10 @@ NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
auth_ntlmssp_state->ntlmssp_state->session_key.data,
auth_ntlmssp_state->ntlmssp_state->session_key.length);
if (auth_ntlmssp_state->ntlmssp_state->session_key.length && !server_info->user_session_key.data) {
- return NT_STATUS_NO_MEMORY;
+ return NULL;
}
auth_ntlmssp_state->server_info = NULL;
- *_server_info = talloc_steal(mem_ctx, server_info);
- return NT_STATUS_OK;
+ return talloc_steal(mem_ctx, server_info);
}
struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state)
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 2f68f0e..f0538ee 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -54,9 +54,8 @@ NTSTATUS auth_netlogond_init(void);
/* The following definitions come from auth/auth_ntlmssp.c */
-NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
- struct auth_ntlmssp_state *auth_ntlmssp_state,
- struct auth_serversupplied_info **_server_info);
+struct auth_serversupplied_info *auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
+ struct auth_ntlmssp_state *auth_ntlmssp_state);
struct ntlmssp_state *auth_ntlmssp_get_ntlmssp_state(struct auth_ntlmssp_state *auth_ntlmssp_state);
const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *auth_ntlmssp_state);
const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *auth_ntlmssp_state);
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 4678aeb..d1f9823 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -713,10 +713,9 @@ static bool pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
TALLOC_FREE(p->server_info);
- status = auth_ntlmssp_server_info(p, a, &p->server_info);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("auth_ntlmssp_server_info failed to obtain the server info for authenticated user: %s\n",
- nt_errstr(status)));
+ p->server_info = auth_ntlmssp_server_info(p, a);
+ if (p->server_info == NULL) {
+ DEBUG(0, ("auth_ntlmssp_server_info failed to obtain the server info for authenticated user\n"));
return false;
}
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 28e5aea..dba6dab 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -561,8 +561,6 @@ static void reply_spnego_kerberos(struct smb_request *req,
data_blob_free(&server_info->user_session_key);
server_info->user_session_key = session_key;
- talloc_steal(server_info, session_key.data);
-
session_key = data_blob_null;
/* register_existing_vuid keeps the server info */
@@ -631,13 +629,12 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
const char *OID,
bool wrap)
{
- bool do_invalidate = true;
DATA_BLOB response;
struct auth_serversupplied_info *server_info = NULL;
struct smbd_server_connection *sconn = smbd_server_conn;
if (NT_STATUS_IS_OK(nt_status)) {
- nt_status = auth_ntlmssp_server_info(talloc_tos(), (*auth_ntlmssp_state), &server_info);
+ server_info = auth_ntlmssp_server_info(talloc_tos(), (*auth_ntlmssp_state));
} else {
/* Note that this server_info won't have a session
* key. But for map to guest, that's exactly the right
@@ -666,11 +663,6 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
server_info, nullblob,
auth_ntlmssp_get_username(*auth_ntlmssp_state)) !=
vuid) {
- /* The problem is, *auth_ntlmssp_state points
- * into the vuser this will have
- * talloc_free()'ed in
- * register_existing_vuid() */
- do_invalidate = false;
nt_status = NT_STATUS_LOGON_FAILURE;
goto out;
}
@@ -704,12 +696,10 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
/* NB. This is *NOT* an error case. JRA */
- if (do_invalidate) {
- auth_ntlmssp_end(auth_ntlmssp_state);
- if (!NT_STATUS_IS_OK(nt_status)) {
- /* Kill the intermediate vuid */
- invalidate_vuid(sconn, vuid);
- }
+ auth_ntlmssp_end(auth_ntlmssp_state);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ /* Kill the intermediate vuid */
+ invalidate_vuid(sconn, vuid);
}
}
}
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 963dbe1..af91571 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -614,12 +614,11 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s
uint64_t *out_session_id)
{
fstring tmp;
- NTSTATUS status = auth_ntlmssp_server_info(session, session->auth_ntlmssp_state,
- &session->server_info);
- if (!NT_STATUS_IS_OK(status)) {
+ session->server_info = auth_ntlmssp_server_info(session, session->auth_ntlmssp_state);
+ if (!session->server_info) {
auth_ntlmssp_end(&session->auth_ntlmssp_state);
TALLOC_FREE(session);
- return status;
+ return NT_STATUS_NO_MEMORY;
}
if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
--
Samba Shared Repository
More information about the samba-cvs
mailing list