diff options
-rw-r--r-- | source3/include/proto.h | 6 | ||||
-rw-r--r-- | source3/libads/sasl.c | 2 | ||||
-rw-r--r-- | source3/libsmb/cliconnect.c | 4 | ||||
-rw-r--r-- | source3/libsmb/clispnego.c | 11 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 3 | ||||
-rw-r--r-- | source3/smbd/seal.c | 4 | ||||
-rw-r--r-- | source3/smbd/sesssetup.c | 21 | ||||
-rw-r--r-- | source3/smbd/smb2_sesssetup.c | 11 |
8 files changed, 35 insertions, 27 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index d154d34679..ce94ae531b 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2799,7 +2799,8 @@ bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descr DATA_BLOB spnego_gen_negTokenInit(const char *OIDs[], DATA_BLOB *psecblob, const char *principal); -bool spnego_parse_negTokenInit(DATA_BLOB blob, +bool spnego_parse_negTokenInit(TALLOC_CTX *ctx, + DATA_BLOB blob, char *OIDs[ASN1_MAX_OIDS], char **principal, DATA_BLOB *secblob); @@ -6155,7 +6156,8 @@ NTSTATUS do_map_to_guest(NTSTATUS status, struct auth_serversupplied_info **server_info, const char *user, const char *domain); -NTSTATUS parse_spnego_mechanisms(DATA_BLOB blob_in, +NTSTATUS parse_spnego_mechanisms(TALLOC_CTX *ctx, + DATA_BLOB blob_in, DATA_BLOB *pblob_out, char **kerb_mechOID); void reply_sesssetup_and_X(struct smb_request *req); diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c index 5cd523155a..1b62daf8db 100644 --- a/source3/libads/sasl.c +++ b/source3/libads/sasl.c @@ -780,7 +780,7 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads) /* the server sent us the first part of the SPNEGO exchange in the negprot reply */ - if (!spnego_parse_negTokenInit(blob, OIDs, &given_principal, NULL)) { + if (!spnego_parse_negTokenInit(talloc_tos(), blob, OIDs, &given_principal, NULL)) { data_blob_free(&blob); status = ADS_ERROR(LDAP_OPERATIONS_ERROR); goto failed; diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index dc3f236609..86338d0ef3 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -1225,7 +1225,7 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user, * negprot reply. It is WRONG to depend on the principal sent in the * negprot reply, but right now we do it. If we don't receive one, * we try to best guess, then fall back to NTLM. */ - if (!spnego_parse_negTokenInit(blob, OIDs, &principal, NULL)) { + if (!spnego_parse_negTokenInit(talloc_tos(), blob, OIDs, &principal, NULL)) { data_blob_free(&blob); return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER); } @@ -1248,6 +1248,7 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user, status = cli_set_username(cli, user); if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(principal); return ADS_ERROR_NT(status); } @@ -1299,6 +1300,7 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user, machine = SMB_STRDUP(cli->desthost); } if (machine == NULL) { + TALLOC_FREE(principal); return ADS_ERROR_NT(NT_STATUS_NO_MEMORY); } diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c index cd09a3836f..0935041a34 100644 --- a/source3/libsmb/clispnego.c +++ b/source3/libsmb/clispnego.c @@ -91,7 +91,8 @@ DATA_BLOB spnego_gen_negTokenInit(const char *OIDs[], parse a negTokenInit packet giving a GUID, a list of supported OIDs (the mechanisms) and a principal name string */ -bool spnego_parse_negTokenInit(DATA_BLOB blob, +bool spnego_parse_negTokenInit(TALLOC_CTX *ctx, + DATA_BLOB blob, char *OIDs[ASN1_MAX_OIDS], char **principal, DATA_BLOB *secblob) @@ -124,7 +125,7 @@ bool spnego_parse_negTokenInit(DATA_BLOB blob, asn1_start_tag(data,ASN1_SEQUENCE(0)); for (i=0; asn1_tag_remaining(data) > 0 && i < ASN1_MAX_OIDS-1; i++) { const char *oid_str = NULL; - asn1_read_OID(data,talloc_autofree_context(),&oid_str); + asn1_read_OID(data,ctx,&oid_str); OIDs[i] = CONST_DISCARD(char *, oid_str); } OIDs[i] = NULL; @@ -162,8 +163,7 @@ bool spnego_parse_negTokenInit(DATA_BLOB blob, DATA_BLOB sblob = data_blob_null; /* mechToken [2] OCTET STRING OPTIONAL */ asn1_start_tag(data, ASN1_CONTEXT(2)); - asn1_read_OctetString(data, talloc_autofree_context(), - &sblob); + asn1_read_OctetString(data, ctx, &sblob); asn1_end_tag(data); if (secblob) { *secblob = sblob; @@ -178,8 +178,7 @@ bool spnego_parse_negTokenInit(DATA_BLOB blob, asn1_start_tag(data, ASN1_CONTEXT(3)); asn1_start_tag(data, ASN1_SEQUENCE(0)); asn1_start_tag(data, ASN1_CONTEXT(0)); - asn1_read_GeneralString(data,talloc_autofree_context(), - &princ); + asn1_read_GeneralString(data, ctx, &princ); asn1_end_tag(data); asn1_end_tag(data); asn1_end_tag(data); diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 3d4e6c3300..e69bd9e31f 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -827,7 +827,8 @@ static bool pipe_spnego_auth_bind_negotiate(pipes_struct *p, } /* parse out the OIDs and the first sec blob */ - if (!spnego_parse_negTokenInit(pauth_info->credentials, OIDs, NULL, &secblob)) { + if (!spnego_parse_negTokenInit(talloc_tos(), + pauth_info->credentials, OIDs, NULL, &secblob)) { DEBUG(0,("pipe_spnego_auth_bind_negotiate: Failed to parse the security blob.\n")); goto err; } diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c index 81b545aabf..2c7d97fd6d 100644 --- a/source3/smbd/seal.c +++ b/source3/smbd/seal.c @@ -497,7 +497,7 @@ static NTSTATUS srv_enc_spnego_negotiate(connection_struct *conn, blob = data_blob_const(*ppdata, *p_data_size); - status = parse_spnego_mechanisms(blob, &secblob, &kerb_mech); + status = parse_spnego_mechanisms(talloc_tos(), blob, &secblob, &kerb_mech); if (!NT_STATUS_IS_OK(status)) { return nt_status_squash(status); } @@ -507,7 +507,7 @@ static NTSTATUS srv_enc_spnego_negotiate(connection_struct *conn, srv_free_encryption_context(&partial_srv_trans_enc_ctx); if (kerb_mech) { - SAFE_FREE(kerb_mech); + TALLOC_FREE(kerb_mech); #if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) status = srv_enc_spnego_gss_negotiate(ppdata, p_data_size, secblob); diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 5381122e2b..15cbcbfb9a 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -723,7 +723,8 @@ static void reply_spnego_ntlmssp(struct smb_request *req, Is this a krb5 mechanism ? ****************************************************************************/ -NTSTATUS parse_spnego_mechanisms(DATA_BLOB blob_in, +NTSTATUS parse_spnego_mechanisms(TALLOC_CTX *ctx, + DATA_BLOB blob_in, DATA_BLOB *pblob_out, char **kerb_mechOID) { @@ -734,7 +735,7 @@ NTSTATUS parse_spnego_mechanisms(DATA_BLOB blob_in, *kerb_mechOID = NULL; /* parse out the OIDs and the first sec blob */ - if (!spnego_parse_negTokenInit(blob_in, OIDs, NULL, pblob_out)) { + if (!spnego_parse_negTokenInit(ctx, blob_in, OIDs, NULL, pblob_out)) { return NT_STATUS_LOGON_FAILURE; } @@ -751,7 +752,7 @@ NTSTATUS parse_spnego_mechanisms(DATA_BLOB blob_in, #ifdef HAVE_KRB5 if (strcmp(OID_KERBEROS5, OIDs[0]) == 0 || strcmp(OID_KERBEROS5_OLD, OIDs[0]) == 0) { - *kerb_mechOID = SMB_STRDUP(OIDs[0]); + *kerb_mechOID = talloc_strdup(ctx, OIDs[0]); if (*kerb_mechOID == NULL) { ret = NT_STATUS_NO_MEMORY; } @@ -802,7 +803,8 @@ static void reply_spnego_negotiate(struct smb_request *req, NTSTATUS status; struct smbd_server_connection *sconn = req->sconn; - status = parse_spnego_mechanisms(blob1, &secblob, &kerb_mech); + status = parse_spnego_mechanisms(talloc_tos(), + blob1, &secblob, &kerb_mech); if (!NT_STATUS_IS_OK(status)) { /* Kill the intermediate vuid */ invalidate_vuid(sconn, vuid); @@ -824,7 +826,7 @@ static void reply_spnego_negotiate(struct smb_request *req, /* Kill the intermediate vuid */ invalidate_vuid(sconn, vuid); } - SAFE_FREE(kerb_mech); + TALLOC_FREE(kerb_mech); return; } #endif @@ -838,7 +840,7 @@ static void reply_spnego_negotiate(struct smb_request *req, /* The mechtoken is a krb5 ticket, but * we need to fall back to NTLM. */ reply_spnego_downgrade_to_ntlmssp(req, vuid); - SAFE_FREE(kerb_mech); + TALLOC_FREE(kerb_mech); return; } @@ -895,7 +897,8 @@ static void reply_spnego_auth(struct smb_request *req, /* Might be a second negTokenTarg packet */ char *kerb_mech = NULL; - status = parse_spnego_mechanisms(auth, &secblob, &kerb_mech); + status = parse_spnego_mechanisms(talloc_tos(), + auth, &secblob, &kerb_mech); if (!NT_STATUS_IS_OK(status)) { /* Kill the intermediate vuid */ @@ -918,7 +921,7 @@ static void reply_spnego_auth(struct smb_request *req, /* Kill the intermediate vuid */ invalidate_vuid(sconn, vuid); } - SAFE_FREE(kerb_mech); + TALLOC_FREE(kerb_mech); return; } #endif @@ -934,7 +937,7 @@ static void reply_spnego_auth(struct smb_request *req, "not enabled\n")); reply_nterror(req, nt_status_squash( NT_STATUS_LOGON_FAILURE)); - SAFE_FREE(kerb_mech); + TALLOC_FREE(kerb_mech); } } diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index a8172d3ee3..e8c69eaad5 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -553,7 +553,7 @@ static NTSTATUS smbd_smb2_spnego_negotiate(struct smbd_smb2_session *session, /* Ensure we have no old NTLM state around. */ TALLOC_FREE(session->auth_ntlmssp_state); - status = parse_spnego_mechanisms(in_security_buffer, + status = parse_spnego_mechanisms(talloc_tos(), in_security_buffer, &secblob_in, &kerb_mech); if (!NT_STATUS_IS_OK(status)) { goto out; @@ -618,7 +618,7 @@ static NTSTATUS smbd_smb2_spnego_negotiate(struct smbd_smb2_session *session, data_blob_free(&secblob_in); data_blob_free(&secblob_out); data_blob_free(&chal_out); - SAFE_FREE(kerb_mech); + TALLOC_FREE(kerb_mech); if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { @@ -730,7 +730,8 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session, DATA_BLOB secblob_in = data_blob_null; char *kerb_mech = NULL; - status = parse_spnego_mechanisms(in_security_buffer, + status = parse_spnego_mechanisms(talloc_tos(), + in_security_buffer, &secblob_in, &kerb_mech); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(session); @@ -750,7 +751,7 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session, out_session_id); data_blob_free(&secblob_in); - SAFE_FREE(kerb_mech); + TALLOC_FREE(kerb_mech); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(session); } @@ -768,7 +769,7 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session, "not enabled\n")); TALLOC_FREE(session); data_blob_free(&secblob_in); - SAFE_FREE(kerb_mech); + TALLOC_FREE(kerb_mech); return NT_STATUS_LOGON_FAILURE; } |