[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Sep 9 02:21:03 UTC 2016
The branch, master has been updated
via 4a8b588 gensec_krb5: Do not leak memory of target_principal
via 1cbdfe9 Revert "krb5_wrap: Add MIT implmentation of smb_krb5_keyblock_init_contents()"
via 016f499 dsdb: Do not use free'd memory.
via dce3f1f util: Fix the documentation of push_utf8_talloc()
from 0ab3263 dbcheck: assert uSNChanged values in release-4-5-0-pre1
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 4a8b588dc081ff8931eb405076cd237ab4728ac0
Author: Andreas Schneider <asn at samba.org>
Date: Tue Sep 6 12:09:47 2016 +0200
gensec_krb5: Do not leak memory of target_principal
CID 1372504
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Sep 9 04:20:04 CEST 2016 on sn-devel-144
commit 1cbdfe91fe0d835ddfcaa7fd4bd0311209c8c25c
Author: Andreas Schneider <asn at samba.org>
Date: Fri Sep 2 10:53:41 2016 +0200
Revert "krb5_wrap: Add MIT implmentation of smb_krb5_keyblock_init_contents()"
This reverts commit c0e861666911d84f2d78cdab370077d9ac192005.
The krb5_init_keyblock function from MIT allocates the key but we
operate only on the contents.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 016f49997cddb7d0dcd8ea4a1ae721a105f6f62b
Author: Andreas Schneider <asn at samba.org>
Date: Tue Sep 6 11:08:04 2016 +0200
dsdb: Do not use free'd memory.
The msg has already been free'd at this point so we need to print the
user_dn which gets assigned to msg->dn.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit dce3f1fc60bde8b54180b45abdcfaaa9beb8e416
Author: Andreas Schneider <asn at samba.org>
Date: Wed Sep 7 15:15:00 2016 +0200
util: Fix the documentation of push_utf8_talloc()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/krb5_wrap/krb5_samba.c | 16 ----------------
lib/util/charset/pull_push.c | 25 +++++++++++++++++--------
source4/auth/gensec/gensec_krb5.c | 7 ++++---
source4/dsdb/common/util.c | 2 +-
4 files changed, 22 insertions(+), 28 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 841e3f8..dcd6185 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -1638,22 +1638,6 @@ krb5_error_code smb_krb5_keyblock_init_contents(krb5_context context,
{
#if defined(HAVE_KRB5_KEYBLOCK_INIT)
return krb5_keyblock_init(context, enctype, data, length, key);
-#elif defined(HAVE_KRB5_INIT_KEYBLOCK)
- krb5_error_code code;
-
- code = krb5_init_keyblock(context,
- enctype,
- length,
- key);
- if (code != 0) {
- return code;
- }
-
- if (length != 0) {
- memcpy(KRB5_KEY_DATA(key), data, length);
- }
-
- return 0;
#else
memset(key, 0, sizeof(krb5_keyblock));
KRB5_KEY_DATA(key) = SMB_MALLOC(length);
diff --git a/lib/util/charset/pull_push.c b/lib/util/charset/pull_push.c
index b7a5bcd..cf25efa 100644
--- a/lib/util/charset/pull_push.c
+++ b/lib/util/charset/pull_push.c
@@ -46,16 +46,25 @@ bool push_ucs2_talloc(TALLOC_CTX *ctx, smb_ucs2_t **dest, const char *src,
}
/**
- * Copy a string from a unix char* src to a UTF-8 destination, allocating a buffer using talloc
+ * @brief Create a UTF-8 string from a unix charset string.
*
- * @param dest always set at least to NULL
- * @parm converted_size set to the number of bytes occupied by the string in
- * the destination on success.
+ * The resulting UTF-8 string is talloc'ed.
*
- * @return true if new buffer was correctly allocated, and string was
- * converted.
- **/
-
+ * @param[in] ctx The talloc memory context.
+ *
+ * @param[in] dest A pointer to store the pointer to the talloc'ed UTF-8
+ * string.
+ *
+ * @param[in] src The unix charset string to convert.
+ *
+ * @param[in] converted_size A pointer to store the length of the talloc'ed
+ * UTF-8 string including the nul-termination bytes.
+ *
+ * The destination string should be free'd using talloc_free() if no longer
+ * needed.
+ *
+ * @return True on succcess, false otherwise.
+ */
bool push_utf8_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
size_t *converted_size)
{
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index 404ffaf..1dcbb91 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -339,12 +339,16 @@ static NTSTATUS gensec_krb5_common_client_creds(struct gensec_security *gensec_s
ccache_container->ccache,
&this_cred.client);
if (ret != 0) {
+ krb5_free_principal(gensec_krb5_state->smb_krb5_context->krb5_context,
+ target_principal);
return NT_STATUS_UNSUCCESSFUL;
}
ret = krb5_copy_principal(gensec_krb5_state->smb_krb5_context->krb5_context,
target_principal,
&this_cred.server);
+ krb5_free_principal(gensec_krb5_state->smb_krb5_context->krb5_context,
+ target_principal);
if (ret != 0) {
krb5_free_cred_contents(gensec_krb5_state->smb_krb5_context->krb5_context,
&this_cred);
@@ -369,9 +373,6 @@ static NTSTATUS gensec_krb5_common_client_creds(struct gensec_security *gensec_s
in_data_p,
cred,
&gensec_krb5_state->enc_ticket);
-
- krb5_free_principal(gensec_krb5_state->smb_krb5_context->krb5_context,
- target_principal);
}
} else {
ret = krb5_mk_req(gensec_krb5_state->smb_krb5_context->krb5_context,
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 448b20a..d1777b3 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -2339,7 +2339,7 @@ static NTSTATUS samdb_set_password_internal(struct ldb_context *ldb, TALLOC_CTX
status = NT_STATUS_ACCESS_DENIED;
} else if (ret != LDB_SUCCESS) {
DEBUG(1, ("Failed to set password on %s: %s\n",
- ldb_dn_get_linearized(msg->dn),
+ ldb_dn_get_linearized(user_dn),
ldb_errstring(ldb)));
status = NT_STATUS_UNSUCCESSFUL;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list