git.samba.org / abartlet / samba.git / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a7b8b75)
s4:s3compat Fix talloc tree returned from ads_verify_ticket replacement
authorAndrew Bartlett <abartlet@samba.org>
Thu, 3 Jun 2010 11:20:28 +0000 (21:20 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 3 Jun 2010 12:34:24 +0000 (22:34 +1000)
This ensures that we don't keep gensec around, but we do return the
outputs on valid talloc contexts.

Andrew Bartlett

source4/s3compat/s3compat_authenticate.c patch | blob | history

diff --git a/source4/s3compat/s3compat_authenticate.c b/source4/s3compat/s3compat_authenticate.c
index e3d27e344a6154cd5c80c425434839443d2b034d..3494cd96d1eb2f4a2523085cd5d30265ab009d21 100644 (file)
--- a/source4/s3compat/s3compat_authenticate.c
+++ b/source4/s3compat/s3compat_authenticate.c
@@ -81,6 +81,7 @@ NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx,
         struct gensec_security *gensec_server_context;
         struct netr_SamInfo3 *info3;
        struct loadparm_context *lp_ctx = s3compat_get_lp_ctx();
+       DATA_BLOB tmp_session_key;
         NTSTATUS nt_status;
 
         TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
@@ -126,7 +127,7 @@ NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx,
        }
 
        /* Now return the session key and PAC information to the callers */
-       nt_status = gensec_session_key(gensec_server_context, session_key);
+       nt_status = gensec_session_key(gensec_server_context, &tmp_session_key);
        NT_STATUS_NOT_OK_RETURN_AND_FREE(nt_status, tmp_ctx);
 
        nt_status = gensec_session_info(gensec_server_context, &session_info);
@@ -139,14 +140,21 @@ NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx,
                                                      &info3);
        NT_STATUS_NOT_OK_RETURN_AND_FREE(nt_status, tmp_ctx);
 
-       *principal = talloc_asprintf(mem_ctx, "%s@%s", info3->base.account_name.string, info3->base.domain.string);
+       talloc_steal(*logon_info, session_info);
+
+       *principal = talloc_asprintf(tmp_ctx, "%s@%s", info3->base.account_name.string, info3->base.domain.string);
        NT_STATUS_HAVE_NO_MEMORY_AND_FREE(*principal, tmp_ctx);
 
        /* I know this structure assignment sucks, but at least the talloc tree is reasonable, as logon_info is used as the talloc context */
        (*logon_info)->info3 = *info3;
 
-       talloc_steal(mem_ctx, tmp_ctx);
-
+       *session_key = data_blob_talloc(mem_ctx, tmp_session_key.data, tmp_session_key.length);
+       NT_STATUS_HAVE_NO_MEMORY_AND_FREE(session_key->data, tmp_ctx);
+       
+       talloc_steal(mem_ctx, *logon_info);
+       talloc_steal(mem_ctx, *principal);
+       talloc_steal(mem_ctx, ap_rep->data);
+       talloc_free(tmp_ctx);
        return NT_STATUS_OK;
 }
 
Unnamed repository; edit this file to name it for gitweb.