summaryrefslogtreecommitdiff
path: root/source4/librpc/rpc
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2003-11-26 02:08:41 +0000
committerAndrew Tridgell <tridge@samba.org>2003-11-26 02:08:41 +0000
commitc123c8454142d17d2884ae9dd951b7f2a0b1a343 (patch)
tree6de49a1ff7dd9460fd2d20ac74f8b8e9ecd5dcb1 /source4/librpc/rpc
parente0ac659917066dbf7f8fdbcc7684ce2b49dd04d9 (diff)
downloadsamba-c123c8454142d17d2884ae9dd951b7f2a0b1a343.tar.gz
samba-c123c8454142d17d2884ae9dd951b7f2a0b1a343.tar.bz2
samba-c123c8454142d17d2884ae9dd951b7f2a0b1a343.zip
fixed some memory leaks in the dcerpc use of ntlmssp signing
(This used to be commit abbc9993b8f7eb9f57e079db1d0b170d0b9aa443)
Diffstat (limited to 'source4/librpc/rpc')
-rw-r--r--source4/librpc/rpc/dcerpc.c5
-rw-r--r--source4/librpc/rpc/dcerpc_auth.c26
2 files changed, 27 insertions, 4 deletions
diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c
index bf5da4edb4..83fb0b592c 100644
--- a/source4/librpc/rpc/dcerpc.c
+++ b/source4/librpc/rpc/dcerpc.c
@@ -53,6 +53,9 @@ void dcerpc_pipe_close(struct dcerpc_pipe *p)
if (!p) return;
p->reference_count--;
if (p->reference_count <= 0) {
+ if (p->ntlmssp_state) {
+ ntlmssp_end(&p->ntlmssp_state);
+ }
p->transport.shutdown_pipe(p);
talloc_destroy(p->mem_ctx);
}
@@ -238,6 +241,8 @@ static NTSTATUS dcerpc_push_request_sign(struct dcerpc_pipe *p,
SSVAL(blob->data, 8, blob->length);
SSVAL(blob->data, 10, p->auth_info->credentials.length);
+ data_blob_free(&p->auth_info->credentials);
+
return NT_STATUS_OK;
}
diff --git a/source4/librpc/rpc/dcerpc_auth.c b/source4/librpc/rpc/dcerpc_auth.c
index 32fdcb0b86..103a3c70d8 100644
--- a/source4/librpc/rpc/dcerpc_auth.c
+++ b/source4/librpc/rpc/dcerpc_auth.c
@@ -34,6 +34,7 @@ NTSTATUS dcerpc_bind_auth_ntlm(struct dcerpc_pipe *p,
NTSTATUS status;
struct ntlmssp_state *state;
TALLOC_CTX *mem_ctx;
+ DATA_BLOB credentials;
mem_ctx = talloc_init("dcerpc_bind_auth_ntlm");
if (!mem_ctx) {
@@ -76,27 +77,44 @@ NTSTATUS dcerpc_bind_auth_ntlm(struct dcerpc_pipe *p,
status = ntlmssp_update(state,
p->auth_info->credentials,
- &p->auth_info->credentials);
+ &credentials);
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
goto done;
}
+
+ p->auth_info->credentials = data_blob_talloc(mem_ctx,
+ credentials.data,
+ credentials.length);
+ data_blob_free(&credentials);
+
status = dcerpc_bind_byuuid(p, mem_ctx, uuid, version);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
+
status = ntlmssp_update(state,
p->auth_info->credentials,
- &p->auth_info->credentials);
+ &credentials);
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
goto done;
}
+ p->auth_info->credentials = data_blob_talloc(mem_ctx,
+ credentials.data,
+ credentials.length);
+ data_blob_free(&credentials);
+
status = dcerpc_auth3(p, mem_ctx);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
p->ntlmssp_state = state;
- p->auth_info->credentials = data_blob(NULL, 0);
- ntlmssp_sign_init(state);
+ /* setup for signing */
+ status = ntlmssp_sign_init(state);
done:
talloc_destroy(mem_ctx);