gensec: Remove mem_ctx from calls that do not return memory

Signed-off-by: Andrew Tridgell <tridge@samba.org>
author: Andrew Bartlett <abartlet@samba.org> 2011-07-21 19:10:15 +1000
committer: Andrew Bartlett <abartlet@samba.org> 2011-08-03 18:48:01 +1000
commit: d3fe48ba48b25f359292ee96dbf5cecc0b0b16a3 (patch)
tree: d4391a7ab803747f8c17ac50cc4c98e342e438c6 /source4/auth/gensec
parent: 16b2118b4369f8204d86d5ad2eb117837da26789 (diff)
download: samba-d3fe48ba48b25f359292ee96dbf5cecc0b0b16a3.tar.gz
samba-d3fe48ba48b25f359292ee96dbf5cecc0b0b16a3.tar.bz2
samba-d3fe48ba48b25f359292ee96dbf5cecc0b0b16a3.zip
3 files changed, 11 insertions, 16 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index 6ecd29bf34..4dd809856c 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -1038,7 +1038,6 @@ static NTSTATUS gensec_gssapi_seal_packet(struct gensec_security *gensec_securit
 }
 
 static NTSTATUS gensec_gssapi_unseal_packet(struct gensec_security *gensec_security, 
-					    TALLOC_CTX *mem_ctx, 
 					    uint8_t *data, size_t length, 
 					    const uint8_t *whole_pdu, size_t pdu_length,
 					    const DATA_BLOB *sig)
@@ -1053,7 +1052,7 @@ static NTSTATUS gensec_gssapi_unseal_packet(struct gensec_security *gensec_secur
 
 	dump_data_pw("gensec_gssapi_unseal_packet: sig\n", sig->data, sig->length);
 
-	in = data_blob_talloc(mem_ctx, NULL, sig->length + length);
+	in = data_blob_talloc(gensec_security, NULL, sig->length + length);
 
 	memcpy(in.data, sig->data, sig->length);
 	memcpy(in.data + sig->length, data, length);
@@ -1067,9 +1066,12 @@ static NTSTATUS gensec_gssapi_unseal_packet(struct gensec_security *gensec_secur
 			      &output_token, 
 			      &conf_state,
 			      &qop_state);
+	talloc_free(in.data);
 	if (GSS_ERROR(maj_stat)) {
+		char *error_string = gssapi_error_string(NULL, maj_stat, min_stat, gensec_gssapi_state->gss_oid);
 		DEBUG(1, ("gensec_gssapi_unseal_packet: GSS UnWrap failed: %s\n", 
-			  gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
+			  error_string));
+		talloc_free(error_string);
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
@@ -1128,7 +1130,6 @@ static NTSTATUS gensec_gssapi_sign_packet(struct gensec_security *gensec_securit
 }
 
 static NTSTATUS gensec_gssapi_check_packet(struct gensec_security *gensec_security, 
-					   TALLOC_CTX *mem_ctx, 
 					   const uint8_t *data, size_t length, 
 					   const uint8_t *whole_pdu, size_t pdu_length, 
 					   const DATA_BLOB *sig)
@@ -1159,8 +1160,10 @@ static NTSTATUS gensec_gssapi_check_packet(struct gensec_security *gensec_securi
 			      &input_token,
 			      &qop_state);
 	if (GSS_ERROR(maj_stat)) {
-		DEBUG(1, ("GSS VerifyMic failed: %s\n",
-			  gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
+		char *error_string = gssapi_error_string(NULL, maj_stat, min_stat, gensec_gssapi_state->gss_oid);
+		DEBUG(1, ("GSS VerifyMic failed: %s\n", error_string));
+		talloc_free(error_string);
+
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index 2e3f0219e9..8f9aa921a9 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -290,7 +290,6 @@ static bool schannel_have_feature(struct gensec_security *gensec_security,
   unseal a packet
 */
 static NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security,
-				       TALLOC_CTX *mem_ctx,
 				       uint8_t *data, size_t length,
 				       const uint8_t *whole_pdu, size_t pdu_length,
 				       const DATA_BLOB *sig)
@@ -299,7 +298,7 @@ static NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security,
 		talloc_get_type(gensec_security->private_data,
 				struct schannel_state);
 
-	return netsec_incoming_packet(state, mem_ctx, true,
+	return netsec_incoming_packet(state, true,
 				      discard_const_p(uint8_t, data),
 				      length, sig);
 }
@@ -308,7 +307,6 @@ static NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security,
   check the signature on a packet
 */
 static NTSTATUS schannel_check_packet(struct gensec_security *gensec_security,
-				      TALLOC_CTX *mem_ctx,
 				      const uint8_t *data, size_t length,
 				      const uint8_t *whole_pdu, size_t pdu_length,
 				      const DATA_BLOB *sig)
@@ -317,7 +315,7 @@ static NTSTATUS schannel_check_packet(struct gensec_security *gensec_security,
 		talloc_get_type(gensec_security->private_data,
 				struct schannel_state);
 
-	return netsec_incoming_packet(state, mem_ctx, false,
+	return netsec_incoming_packet(state, false,
 				      discard_const_p(uint8_t, data),
 				      length, sig);
 }
diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c
index 3611d31a23..c48e87e8b5 100644
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -96,7 +96,6 @@ static NTSTATUS gensec_spnego_server_start(struct gensec_security *gensec_securi
   wrappers for the spnego_*() functions
 */
 static NTSTATUS gensec_spnego_unseal_packet(struct gensec_security *gensec_security, 
-					    TALLOC_CTX *mem_ctx, 
 					    uint8_t *data, size_t length, 
 					    const uint8_t *whole_pdu, size_t pdu_length, 
 					    const DATA_BLOB *sig)
@@ -109,14 +108,12 @@ static NTSTATUS gensec_spnego_unseal_packet(struct gensec_security *gensec_secur
 	}
 	
 	return gensec_unseal_packet(spnego_state->sub_sec_security, 
-				    mem_ctx, 
 				    data, length, 
 				    whole_pdu, pdu_length,
 				    sig); 
 }
 
 static NTSTATUS gensec_spnego_check_packet(struct gensec_security *gensec_security, 
-					   TALLOC_CTX *mem_ctx, 
 					   const uint8_t *data, size_t length, 
 					   const uint8_t *whole_pdu, size_t pdu_length, 
 					   const DATA_BLOB *sig)
@@ -129,7 +126,6 @@ static NTSTATUS gensec_spnego_check_packet(struct gensec_security *gensec_securi
 	}
 	
 	return gensec_check_packet(spnego_state->sub_sec_security, 
-				   mem_ctx, 
 				   data, length, 
 				   whole_pdu, pdu_length,
 				   sig);
@@ -922,7 +918,6 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 		if (NT_STATUS_IS_OK(nt_status) && spnego.negTokenTarg.mechListMIC.length > 0) {
 			new_spnego = true;
 			nt_status = gensec_check_packet(spnego_state->sub_sec_security,
-							out_mem_ctx,
 							spnego_state->mech_types.data,
 							spnego_state->mech_types.length,
 							spnego_state->mech_types.data,
@@ -1029,7 +1024,6 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 			}
 			if (NT_STATUS_IS_OK(nt_status) && spnego.negTokenTarg.mechListMIC.length > 0) {
 				nt_status = gensec_check_packet(spnego_state->sub_sec_security,
-								out_mem_ctx,
 								spnego_state->mech_types.data,
 								spnego_state->mech_types.length,
 								spnego_state->mech_types.data,
author	Andrew Bartlett <abartlet@samba.org>	2011-07-21 19:10:15 +1000
committer	Andrew Bartlett <abartlet@samba.org>	2011-08-03 18:48:01 +1000
commit	d3fe48ba48b25f359292ee96dbf5cecc0b0b16a3 (patch)
tree	d4391a7ab803747f8c17ac50cc4c98e342e438c6 /source4/auth/gensec
parent	16b2118b4369f8204d86d5ad2eb117837da26789 (diff)
download	samba-d3fe48ba48b25f359292ee96dbf5cecc0b0b16a3.tar.gz samba-d3fe48ba48b25f359292ee96dbf5cecc0b0b16a3.tar.bz2 samba-d3fe48ba48b25f359292ee96dbf5cecc0b0b16a3.zip