diff options
| author | Andrew Tridgell <tridge@samba.org> | 2003-11-26 02:08:41 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2003-11-26 02:08:41 +0000 |
| commit | c123c8454142d17d2884ae9dd951b7f2a0b1a343 (patch) | |
| tree | 6de49a1ff7dd9460fd2d20ac74f8b8e9ecd5dcb1 /source4/librpc/rpc | |
| parent | e0ac659917066dbf7f8fdbcc7684ce2b49dd04d9 (diff) | |
| download | samba-c123c8454142d17d2884ae9dd951b7f2a0b1a343.tar.gz samba-c123c8454142d17d2884ae9dd951b7f2a0b1a343.tar.bz2 samba-c123c8454142d17d2884ae9dd951b7f2a0b1a343.zip | |
fixed some memory leaks in the dcerpc use of ntlmssp signing
(This used to be commit abbc9993b8f7eb9f57e079db1d0b170d0b9aa443)
Diffstat (limited to 'source4/librpc/rpc')
| -rw-r--r-- | source4/librpc/rpc/dcerpc.c | 5 | ||||
| -rw-r--r-- | source4/librpc/rpc/dcerpc_auth.c | 26 |
2 files changed, 27 insertions, 4 deletions
diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c index bf5da4edb4..83fb0b592c 100644 --- a/source4/librpc/rpc/dcerpc.c +++ b/source4/librpc/rpc/dcerpc.c @@ -53,6 +53,9 @@ void dcerpc_pipe_close(struct dcerpc_pipe *p) if (!p) return; p->reference_count--; if (p->reference_count <= 0) { + if (p->ntlmssp_state) { + ntlmssp_end(&p->ntlmssp_state); + } p->transport.shutdown_pipe(p); talloc_destroy(p->mem_ctx); } @@ -238,6 +241,8 @@ static NTSTATUS dcerpc_push_request_sign(struct dcerpc_pipe *p, SSVAL(blob->data, 8, blob->length); SSVAL(blob->data, 10, p->auth_info->credentials.length); + data_blob_free(&p->auth_info->credentials); + return NT_STATUS_OK; } diff --git a/source4/librpc/rpc/dcerpc_auth.c b/source4/librpc/rpc/dcerpc_auth.c index 32fdcb0b86..103a3c70d8 100644 --- a/source4/librpc/rpc/dcerpc_auth.c +++ b/source4/librpc/rpc/dcerpc_auth.c @@ -34,6 +34,7 @@ NTSTATUS dcerpc_bind_auth_ntlm(struct dcerpc_pipe *p, NTSTATUS status; struct ntlmssp_state *state; TALLOC_CTX *mem_ctx; + DATA_BLOB credentials; mem_ctx = talloc_init("dcerpc_bind_auth_ntlm"); if (!mem_ctx) { @@ -76,27 +77,44 @@ NTSTATUS dcerpc_bind_auth_ntlm(struct dcerpc_pipe *p, status = ntlmssp_update(state, p->auth_info->credentials, - &p->auth_info->credentials); + &credentials); if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { goto done; } + + p->auth_info->credentials = data_blob_talloc(mem_ctx, + credentials.data, + credentials.length); + data_blob_free(&credentials); + status = dcerpc_bind_byuuid(p, mem_ctx, uuid, version); if (!NT_STATUS_IS_OK(status)) { goto done; } + status = ntlmssp_update(state, p->auth_info->credentials, - &p->auth_info->credentials); + &credentials); if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { goto done; } + p->auth_info->credentials = data_blob_talloc(mem_ctx, + credentials.data, + credentials.length); + data_blob_free(&credentials); + status = dcerpc_auth3(p, mem_ctx); + + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + p->ntlmssp_state = state; - p->auth_info->credentials = data_blob(NULL, 0); - ntlmssp_sign_init(state); + /* setup for signing */ + status = ntlmssp_sign_init(state); done: talloc_destroy(mem_ctx); |