s3:auth Free sampass as soon as we have server_info

We don't keep sampass in server_info anymore
So it makes no sense to keep it around.

Signed-off-by: Günther Deschner <gd@samba.org>

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index d64cb537c777cee1c3cdd61c61dafae563c95301..854ab89f282cce7a0818745b4d70e758b83d50b3 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -733,6 +733,8 @@ static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **ser
                return status;
        }
 
+       TALLOC_FREE(sampass);
+
        (*server_info)->guest = True;
 
        status = create_local_token(*server_info);
@@ -747,7 +749,8 @@ static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **ser
        (*server_info)->user_session_key = data_blob(zeros, sizeof(zeros));
        (*server_info)->lm_session_key = data_blob(zeros, sizeof(zeros));
 
-       alpha_strcpy(tmp, pdb_get_username(sampass), ". _-$", sizeof(tmp));
+       alpha_strcpy(tmp, (*server_info)->info3->base.account_name.string,
+                    ". _-$", sizeof(tmp));
        (*server_info)->sanitized_username = talloc_strdup(*server_info, tmp);
 
        return NT_STATUS_OK;

diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c
index db2bde7bbc4be14f46c315be22f3a9a89df2122f..ef29df4d56130266a751301dd91546478220c903 100644 (file)
--- a/source3/auth/check_samsec.c
+++ b/source3/auth/check_samsec.c
@@ -484,11 +484,8 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge,
        become_root();
        nt_status = make_server_info_sam(server_info, sampass);
        unbecome_root();
-       /*
-        * sampass has been stolen to server_info.
-        * So NULL it out to prevent segfaults.
-        */
-       sampass = NULL;
+
+       TALLOC_FREE(sampass);
 
        if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(0,("check_sam_security: make_server_info_sam() failed with '%s'\n", nt_errstr(nt_status)));

diff --git a/source3/auth/server_info_sam.c b/source3/auth/server_info_sam.c
index 4dd3156fe58774b466ca7afbe688dadbdff6c3db..76f32159af89f6ea40aa20339a517f2d1cef3a12 100644 (file)
--- a/source3/auth/server_info_sam.c
+++ b/source3/auth/server_info_sam.c
@@ -149,8 +149,6 @@ NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
                 pdb_get_username(sampass), result->unix_name));
 
        *server_info = result;
-       /* Ensure that the sampass will be freed with the result */
-       talloc_steal(result, sampass);
 
        return NT_STATUS_OK;
 }

diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index a561e3a5938df52fe2a985916d29762c2f3a97cd..9d0c68512c9ba9cac9b8f9f696dc1d6c430ada00 100644 (file)
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -504,6 +504,7 @@ static void reply_spnego_kerberos(struct smb_request *req,
                        DEBUG(10, ("found user %s in passdb, calling "
                                   "make_server_info_sam\n", real_username));
                        ret = make_server_info_sam(&server_info, sampass);
+                       TALLOC_FREE(sampass);
                } else {
                        /*
                         * User not in passdb, make it up artificially

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 7ac003fad6e17dd98dad063dc0109e56e7541030..d8972156a196f353441798e3b868fcaf34de1c15 100644 (file)
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -345,6 +345,7 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session,
                        DEBUG(10, ("smb2: found user %s in passdb, calling "
                                "make_server_info_sam\n", real_username));
                        status = make_server_info_sam(&tmp_server_info, sampass);
+                       TALLOC_FREE(sampass);
                } else {
                        /*
                         * User not in passdb, make it up artificially