summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/libcli/auth/spnego.c2
-rw-r--r--source4/libcli/auth/spnego_parse.c4
-rw-r--r--source4/libcli/raw/clisession.c5
3 files changed, 9 insertions, 2 deletions
diff --git a/source4/libcli/auth/spnego.c b/source4/libcli/auth/spnego.c
index 696240f8d6..bbf8f86676 100644
--- a/source4/libcli/auth/spnego.c
+++ b/source4/libcli/auth/spnego.c
@@ -528,6 +528,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
nt_status = gensec_set_target_principal(gensec_security,
spnego.negTokenInit.targetPrincipal);
if (!NT_STATUS_IS_OK(nt_status)) {
+ spnego_free_data(&spnego);
return nt_status;
}
}
@@ -540,6 +541,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
&unwrapped_out);
if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED) && !NT_STATUS_IS_OK(nt_status)) {
+ spnego_free_data(&spnego);
return nt_status;
}
diff --git a/source4/libcli/auth/spnego_parse.c b/source4/libcli/auth/spnego_parse.c
index 047d17ce5a..20b766a4e2 100644
--- a/source4/libcli/auth/spnego_parse.c
+++ b/source4/libcli/auth/spnego_parse.c
@@ -54,6 +54,10 @@ static BOOL read_negTokenInit(ASN1_DATA *asn1, struct spnego_negTokenInit *token
talloc_realloc(token->mechTypes, (i + 2) *
sizeof(*token->mechTypes));
asn1_read_OID(asn1, token->mechTypes + i);
+ if (token->mechTypes[i]) {
+ talloc_steal(token->mechTypes,
+ token->mechTypes[i]);
+ }
}
token->mechTypes[i] = NULL;
diff --git a/source4/libcli/raw/clisession.c b/source4/libcli/raw/clisession.c
index 2bd2d0e054..264c1cd616 100644
--- a/source4/libcli/raw/clisession.c
+++ b/source4/libcli/raw/clisession.c
@@ -446,8 +446,8 @@ static NTSTATUS smb_raw_session_setup_generic_spnego(struct smbcli_session *sess
}
status = gensec_update(session->gensec, mem_ctx,
- session->transport->negotiate.secblob,
- &s2.spnego.in.secblob);
+ session->transport->negotiate.secblob,
+ &s2.spnego.in.secblob);
while(1) {
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) && !NT_STATUS_IS_OK(status)) {
@@ -493,6 +493,7 @@ done:
parms->generic.out.lanman = s2.spnego.out.lanman;
parms->generic.out.domain = s2.spnego.out.domain;
} else {
+ gensec_end(&session->gensec);
DEBUG(1, ("Failed to login with %s: %s\n", gensec_get_name_by_oid(chosen_oid), nt_errstr(status)));
return status;
}