[SCM] Samba Shared Repository - branch master updated

Stefan Metzmacher metze at samba.org
Fri Apr 7 18:43:02 UTC 2017 

The branch, master has been updated
       via  94e2aa7 WHATSNEW: Deprecate "auth methods" and "map untrusted to domain"
       via  e999b79 s3:ntlm_auth: fix memory leak in manage_gensec_request()
      from  0641653 python: Add a simple pam_winbind test

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 94e2aa7f7745f944b1d842d08f6ae6c600fb22e0
Author: Stefan Metzmacher <metze at samba.org>
Date:   Fri Apr 7 11:21:20 2017 +0200

    WHATSNEW: Deprecate "auth methods" and "map untrusted to domain"
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    
    Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
    Autobuild-Date(master): Fri Apr  7 20:42:39 CEST 2017 on sn-devel-144

commit e999b798c6484de3cddad988406f97fc4cc7af79
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Apr 4 11:52:56 2017 +0200

    s3:ntlm_auth: fix memory leak in manage_gensec_request()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12736
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 WHATSNEW.txt              |  4 +++-
 source3/utils/ntlm_auth.c | 15 +++++++++------
 2 files changed, 12 insertions(+), 7 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 4216c4f..c276ce2 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -45,8 +45,10 @@ smb.conf changes
 
   Parameter Name                Description             Default
   --------------                -----------             -------
-  strict sync			Default changed		yes
   auth event notification       New parameter           no
+  auth methods                  Deprecated
+  map untrusted to domain       Deprecated
+  strict sync                   Default changed         yes
 
 KNOWN ISSUES
 ============
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 6a7a269..5a10e27 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -1306,6 +1306,8 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
 
 	TALLOC_CTX *mem_ctx;
 
+	mem_ctx = talloc_named(NULL, 0, "manage_gensec_request internal mem_ctx");
+
 	if (*private1) {
 		state = (struct gensec_ntlm_state *)*private1;
 	} else {
@@ -1323,6 +1325,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
 	if (strlen(buf) < 2) {
 		DEBUG(1, ("query [%s] invalid", buf));
 		printf("BH Query invalid\n");
+		talloc_free(mem_ctx);
 		return;
 	}
 
@@ -1332,9 +1335,10 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
 			talloc_free(want_feature_list);
 			want_feature_list = talloc_strndup(state, buf+3, strlen(buf)-3);
 			printf("OK\n");
+			talloc_free(mem_ctx);
 			return;
 		}
-		in = base64_decode_data_blob(buf + 3);
+		in = base64_decode_data_blob_talloc(mem_ctx, buf + 3);
 	} else {
 		in = data_blob(NULL, 0);
 	}
@@ -1347,7 +1351,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
 	} else if ( (strncmp(buf, "OK", 2) == 0)) {
 		/* Just return BH, like ntlm_auth from Samba 3 does. */
 		printf("BH Command expected\n");
-		data_blob_free(&in);
+		talloc_free(mem_ctx);
 		return;
 	} else if ( (strncmp(buf, "TT ", 3) != 0) &&
 		    (strncmp(buf, "KK ", 3) != 0) &&
@@ -1359,12 +1363,10 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
 		    (strncmp(buf, "GF", 2) != 0)) {
 		DEBUG(1, ("SPNEGO request [%s] invalid prefix\n", buf));
 		printf("BH SPNEGO request invalid prefix\n");
-		data_blob_free(&in);
+		talloc_free(mem_ctx);
 		return;
 	}
 
-	mem_ctx = talloc_named(NULL, 0, "manage_gensec_request internal mem_ctx");
-
 	/* setup gensec */
 	if (!(state->gensec_state)) {
 		switch (stdio_helper_mode) {
@@ -1499,7 +1501,6 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
 					     state->set_password,
 					     CRED_SPECIFIED);
 		printf("OK\n");
-		data_blob_free(&in);
 		talloc_free(mem_ctx);
 		return;
 	}
@@ -1531,10 +1532,12 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
 		neg_flags = gensec_ntlmssp_neg_flags(state->gensec_state);
 		if (neg_flags == 0) {
 			printf("BH\n");
+			talloc_free(mem_ctx);
 			return;
 		}
 
 		printf("GF 0x%08x\n", neg_flags);
+		talloc_free(mem_ctx);
 		return;
 	}
 


-- 
Samba Shared Repository

More information about the samba-cvs mailing list