From 6dd6ccbdc9451678180e0346780b0a5bf9cda229 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 7 Jul 2009 13:27:47 +1000
Subject: [PATCH] s4:auth It is easier to copy the session key than get talloc
 right.

The session keys as supplied already have a reference on them, so
stealing them creates challenges.  For 16 bytes, it is just easier to
be consistant and copy them.

Andrew Bartlett
---
 source4/auth/ntlmssp/ntlmssp_server.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 28169d9ff4e..8cb2b1f4606 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -457,8 +457,7 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
 		}
 
 	} else if (user_session_key && user_session_key->data) {
-		session_key = *user_session_key;
-		talloc_steal(gensec_ntlmssp_state, session_key.data);
+		session_key = data_blob_talloc(gensec_ntlmssp_state, user_session_key->data, user_session_key->length);
 		DEBUG(10,("ntlmssp_server_auth: Using unmodified nt session key.\n"));
 		dump_data_pw("unmodified session key:\n", session_key.data, session_key.length);
 
@@ -467,8 +466,7 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
 
 	} else if (lm_session_key && lm_session_key->data) {
 		/* Very weird to have LM key, but no user session key, but anyway.. */
-		session_key = *lm_session_key;
-		talloc_steal(gensec_ntlmssp_state, session_key.data);
+		session_key = data_blob_talloc(gensec_ntlmssp_state, lm_session_key->data, lm_session_key->length);
 		DEBUG(10,("ntlmssp_server_auth: Using unmodified lm session key.\n"));
 		dump_data_pw("unmodified session key:\n", session_key.data, session_key.length);
 
@@ -508,6 +506,7 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
 								      gensec_ntlmssp_state->encrypted_session_key.length);
 			dump_data_pw("KEY_EXCH session key:\n", gensec_ntlmssp_state->encrypted_session_key.data, 
 				     gensec_ntlmssp_state->encrypted_session_key.length);
+			talloc_free(session_key.data);
 		}
 	} else {
 		gensec_ntlmssp_state->session_key = session_key;
-- 
2.34.1