diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2004-12-24 09:54:23 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:07:37 -0500 |
| commit | 44113c4de1ae06a78a940782dc762b6576310d0d (patch) | |
| tree | 7d6e30dc5a56b11edcd2def2304aa78071b1405e /source4/libcli/auth/gensec_ntlmssp.c | |
| parent | bebe512a57c6aabe6cd539750834297a17b5c4f5 (diff) | |
| download | samba-44113c4de1ae06a78a940782dc762b6576310d0d.tar.gz samba-44113c4de1ae06a78a940782dc762b6576310d0d.tar.bz2 samba-44113c4de1ae06a78a940782dc762b6576310d0d.zip | |
r4355: More work from the elves on Christmas eve:
- Update Samba4's kerberos code to match the 'salting' changes in
Samba3 (and many other cleanups by jra).
- Move GENSEC into the modern era of talloc destructors. This avoids
many of the memory leaks in this code, as we now can't somehow
'forget' to call the end routine.
- This required fixing some of the talloc hierarchies.
- The new krb5 seems more sensitive to getting the service name
right, so start actually setting the service name on the krb5 context.
Andrew Bartlett
(This used to be commit 278bf1a61a6da6ef955a12c13d7b1a0357cebf1f)
Diffstat (limited to 'source4/libcli/auth/gensec_ntlmssp.c')
| -rw-r--r-- | source4/libcli/auth/gensec_ntlmssp.c | 52 |
1 files changed, 27 insertions, 25 deletions
diff --git a/source4/libcli/auth/gensec_ntlmssp.c b/source4/libcli/auth/gensec_ntlmssp.c index 07dacfb5e0..cf8019402c 100644 --- a/source4/libcli/auth/gensec_ntlmssp.c +++ b/source4/libcli/auth/gensec_ntlmssp.c @@ -142,6 +142,23 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, return nt_status; } +static int gensec_ntlmssp_destroy(void *ptr) +{ + struct gensec_ntlmssp_state *gensec_ntlmssp_state = ptr; + + if (gensec_ntlmssp_state->ntlmssp_state) { + ntlmssp_end(&gensec_ntlmssp_state->ntlmssp_state); + } + + if (gensec_ntlmssp_state->auth_context) { + free_auth_context(&gensec_ntlmssp_state->auth_context); + } + if (gensec_ntlmssp_state->server_info) { + free_server_info(&gensec_ntlmssp_state->server_info); + } + return 0; +} + static NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security) { struct gensec_ntlmssp_state *gensec_ntlmssp_state; @@ -155,6 +172,8 @@ static NTSTATUS gensec_ntlmssp_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->auth_context = NULL; gensec_ntlmssp_state->server_info = NULL; + talloc_set_destructor(gensec_ntlmssp_state, gensec_ntlmssp_destroy); + gensec_security->private_data = gensec_ntlmssp_state; return NT_STATUS_OK; } @@ -173,7 +192,7 @@ static NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_secur gensec_ntlmssp_state = gensec_security->private_data; - if (!NT_STATUS_IS_OK(nt_status = ntlmssp_server_start(gensec_security, + if (!NT_STATUS_IS_OK(nt_status = ntlmssp_server_start(gensec_ntlmssp_state, &gensec_ntlmssp_state->ntlmssp_state))) { return nt_status; } @@ -186,7 +205,7 @@ static NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_secur } ntlmssp_state = gensec_ntlmssp_state->ntlmssp_state; - nt_status = make_auth_context_subsystem(gensec_security, &gensec_ntlmssp_state->auth_context); + nt_status = make_auth_context_subsystem(gensec_ntlmssp_state, &gensec_ntlmssp_state->auth_context); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } @@ -213,7 +232,7 @@ static NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_secur } gensec_ntlmssp_state = gensec_security->private_data; - status = ntlmssp_client_start(gensec_security, + status = ntlmssp_client_start(gensec_ntlmssp_state, &gensec_ntlmssp_state->ntlmssp_state); if (!NT_STATUS_IS_OK(status)) { return status; @@ -250,9 +269,11 @@ static NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_secur return status; } - status = gensec_get_password(gensec_security, gensec_ntlmssp_state, &password); - if (!NT_STATUS_IS_OK(status)) { - return status; + if (gensec_security->user.name) { + status = gensec_get_password(gensec_security, gensec_ntlmssp_state, &password); + if (!NT_STATUS_IS_OK(status)) { + return status; + } } if (password) { @@ -397,24 +418,6 @@ static NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_secur return NT_STATUS_OK; } -static void gensec_ntlmssp_end(struct gensec_security *gensec_security) -{ - struct gensec_ntlmssp_state *gensec_ntlmssp_state = gensec_security->private_data; - - if (gensec_ntlmssp_state->ntlmssp_state) { - ntlmssp_end(&gensec_ntlmssp_state->ntlmssp_state); - } - - if (gensec_ntlmssp_state->auth_context) { - free_auth_context(&gensec_ntlmssp_state->auth_context); - } - if (gensec_ntlmssp_state->server_info) { - free_server_info(&gensec_ntlmssp_state->server_info); - } - talloc_free(gensec_ntlmssp_state); - gensec_security->private_data = NULL; -} - static const struct gensec_security_ops gensec_ntlmssp_security_ops = { .name = "ntlmssp", .sasl_name = "NTLM", @@ -430,7 +433,6 @@ static const struct gensec_security_ops gensec_ntlmssp_security_ops = { .unseal_packet = gensec_ntlmssp_unseal_packet, .session_key = gensec_ntlmssp_session_key, .session_info = gensec_ntlmssp_session_info, - .end = gensec_ntlmssp_end }; |