summaryrefslogtreecommitdiff
path: root/source3/libads
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2009-03-18 16:23:27 +1100
committerGünther Deschner <gd@samba.org>2009-04-07 13:25:36 +0200
commit574a6a8c350a4bab3f42f3f9cfb382db721d69b5 (patch)
treee86d24ac19e673a7d8b53dbd529d3f9e2a75a28a /source3/libads
parentfca02c9154796624958a877d2c92cabd65e9d0e4 (diff)
downloadsamba-574a6a8c350a4bab3f42f3f9cfb382db721d69b5.tar.gz
samba-574a6a8c350a4bab3f42f3f9cfb382db721d69b5.tar.bz2
samba-574a6a8c350a4bab3f42f3f9cfb382db721d69b5.zip
s3:kerberos Rework smb_krb5_unparse_name() to take a talloc context
Signed-off-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source3/libads')
-rw-r--r--source3/libads/authdata.c2
-rw-r--r--source3/libads/kerberos.c8
-rw-r--r--source3/libads/kerberos_keytab.c27
-rw-r--r--source3/libads/kerberos_verify.c6
4 files changed, 22 insertions, 21 deletions
diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c
index 9f0f68ed7b..0032e9e4f6 100644
--- a/source3/libads/authdata.c
+++ b/source3/libads/authdata.c
@@ -469,7 +469,7 @@ out:
data_blob_free(&sesskey1);
data_blob_free(&sesskey2);
- SAFE_FREE(client_princ_out);
+ TALLOC_FREE(client_princ_out);
return status;
}
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 52cb975a6c..c476f59ff5 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -545,7 +545,7 @@ krb5_principal kerberos_fetch_salt_princ_for_host_princ(krb5_context context,
/* look under the old key. If this fails, just use the standard key */
- if (smb_krb5_unparse_name(context, host_princ, &unparsed_name) != 0) {
+ if (smb_krb5_unparse_name(talloc_tos(), context, host_princ, &unparsed_name) != 0) {
return (krb5_principal)NULL;
}
if ((salt_princ_s = kerberos_secrets_fetch_salting_principal(unparsed_name, enctype)) == NULL) {
@@ -558,7 +558,7 @@ krb5_principal kerberos_fetch_salt_princ_for_host_princ(krb5_context context,
ret_princ = NULL;
}
- SAFE_FREE(unparsed_name);
+ TALLOC_FREE(unparsed_name);
SAFE_FREE(salt_princ_s);
return ret_princ;
@@ -603,7 +603,7 @@ bool kerberos_secrets_store_salting_principal(const char *service,
goto out;
}
- if (smb_krb5_unparse_name(context, princ, &unparsed_name) != 0) {
+ if (smb_krb5_unparse_name(talloc_tos(), context, princ, &unparsed_name) != 0) {
goto out;
}
@@ -623,7 +623,7 @@ bool kerberos_secrets_store_salting_principal(const char *service,
SAFE_FREE(key);
SAFE_FREE(princ_s);
- SAFE_FREE(unparsed_name);
+ TALLOC_FREE(unparsed_name);
if (princ) {
krb5_free_principal(context, princ);
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index 7c028cb78f..4fede259ab 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -64,7 +64,7 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
while(!krb5_kt_next_entry(context, keytab, &kt_entry, &cursor)) {
bool compare_name_ok = False;
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &ktprinc);
+ ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal, &ktprinc);
if (ret) {
DEBUG(1,("smb_krb5_kt_add_entry_ext: smb_krb5_unparse_name failed (%s)\n",
error_message(ret)));
@@ -91,7 +91,7 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
ktprinc, kt_entry.vno));
}
- SAFE_FREE(ktprinc);
+ TALLOC_FREE(ktprinc);
if (compare_name_ok) {
if (kt_entry.vno == kvno - 1) {
@@ -549,13 +549,12 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
}
}
- TALLOC_FREE( ctx );
-
/* Now loop through the keytab and update any other existing entries... */
kvno = (krb5_kvno) ads_get_machine_kvno(ads, machine_name);
if (kvno == -1) {
DEBUG(1,("ads_keytab_create_default: ads_get_machine_kvno failed to determine the system's kvno.\n"));
+ TALLOC_FREE(ctx);
return -1;
}
@@ -569,6 +568,7 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
ret = krb5_init_context(&context);
if (ret) {
DEBUG(1,("ads_keytab_create_default: could not krb5_init_context: %s\n",error_message(ret)));
+ TALLOC_FREE(ctx);
return ret;
}
@@ -599,7 +599,7 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
if (!found) {
goto done;
}
- oldEntries = SMB_MALLOC_ARRAY(char *, found );
+ oldEntries = talloc_array(ctx, char *, found );
if (!oldEntries) {
DEBUG(1,("ads_keytab_create_default: Failed to allocate space to store the old keytab entries (malloc failed?).\n"));
ret = -1;
@@ -615,7 +615,7 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
char *p;
/* This returns a malloc'ed string in ktprinc. */
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &ktprinc);
+ ret = smb_krb5_unparse_name(oldEntries, context, kt_entry.principal, &ktprinc);
if (ret) {
DEBUG(1,("smb_krb5_unparse_name failed (%s)\n", error_message(ret)));
goto done;
@@ -640,12 +640,12 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
break;
}
if (!strcmp(oldEntries[i], ktprinc)) {
- SAFE_FREE(ktprinc);
+ TALLOC_FREE(ktprinc);
break;
}
}
if (i == found) {
- SAFE_FREE(ktprinc);
+ TALLOC_FREE(ktprinc);
}
}
smb_krb5_kt_free_entry(context, &kt_entry);
@@ -654,7 +654,7 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
ret = 0;
for (i = 0; oldEntries[i]; i++) {
ret |= ads_keytab_add_entry(ads, oldEntries[i]);
- SAFE_FREE(oldEntries[i]);
+ TALLOC_FREE(oldEntries[i]);
}
krb5_kt_end_seq_get(context, keytab, &cursor);
}
@@ -662,7 +662,8 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
done:
- SAFE_FREE(oldEntries);
+ TALLOC_FREE(oldEntries);
+ TALLOC_FREE(ctx);
{
krb5_keytab_entry zero_kt_entry;
@@ -728,7 +729,7 @@ int ads_keytab_list(const char *keytab_name)
char *etype_s = NULL;
krb5_enctype enctype = 0;
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &princ_s);
+ ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal, &princ_s);
if (ret) {
goto out;
}
@@ -739,14 +740,14 @@ int ads_keytab_list(const char *keytab_name)
if (ret) {
if (asprintf(&etype_s, "UNKNOWN: %d\n", enctype) == -1)
{
- SAFE_FREE(princ_s);
+ TALLOC_FREE(princ_s);
goto out;
}
}
printf("%3d %s\t\t %s\n", kt_entry.vno, etype_s, princ_s);
- SAFE_FREE(princ_s);
+ TALLOC_FREE(princ_s);
SAFE_FREE(etype_s);
ret = smb_krb5_kt_free_entry(context, &kt_entry);
diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index b903b2a6eb..8502902963 100644
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -192,7 +192,7 @@ static bool ads_keytab_verify_ticket(krb5_context context,
}
while (!auth_ok && (krb5_kt_next_entry(context, keytab, &kt_entry, &kt_cursor) == 0)) {
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &entry_princ_s);
+ ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal, &entry_princ_s);
if (ret) {
DEBUG(1, ("ads_keytab_verify_ticket: smb_krb5_unparse_name failed (%s)\n",
error_message(ret)));
@@ -242,7 +242,7 @@ static bool ads_keytab_verify_ticket(krb5_context context,
}
/* Free the name we parsed. */
- SAFE_FREE(entry_princ_s);
+ TALLOC_FREE(entry_princ_s);
/* Free the entry we just read. */
smb_krb5_kt_free_entry(context, &kt_entry);
@@ -636,7 +636,7 @@ NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx,
#endif
#endif
- if ((ret = smb_krb5_unparse_name(context, client_principal, principal))) {
+ if ((ret = smb_krb5_unparse_name(mem_ctx, context, client_principal, principal))) {
DEBUG(3,("ads_verify_ticket: smb_krb5_unparse_name failed (%s)\n",
error_message(ret)));
sret = NT_STATUS_LOGON_FAILURE;