summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/libcli/auth/gensec.c10
-rw-r--r--source4/libcli/auth/spnego.c39
-rw-r--r--source4/librpc/rpc/dcerpc.c3
-rw-r--r--source4/librpc/rpc/dcerpc_auth.c2
-rw-r--r--source4/librpc/rpc/dcerpc_schannel.c12
-rw-r--r--source4/rpc_server/dcerpc_server.c3
-rw-r--r--source4/smb_server/sesssetup.c3
-rw-r--r--source4/utils/ntlm_auth.c2
8 files changed, 30 insertions, 44 deletions
diff --git a/source4/libcli/auth/gensec.c b/source4/libcli/auth/gensec.c
index 7e33a159f9..75086f9281 100644
--- a/source4/libcli/auth/gensec.c
+++ b/source4/libcli/auth/gensec.c
@@ -440,16 +440,6 @@ NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_
return gensec_security->ops->update(gensec_security, out_mem_ctx, in, out);
}
-void gensec_end(struct gensec_security **gensec_security)
-{
- if (!*gensec_security) {
- return;
- }
-
- talloc_free(*gensec_security);
- *gensec_security = NULL;
-}
-
/**
* Set the requirement for a certain feature on the connection
*
diff --git a/source4/libcli/auth/spnego.c b/source4/libcli/auth/spnego.c
index 988d0b32a5..5cce0f9e17 100644
--- a/source4/libcli/auth/spnego.c
+++ b/source4/libcli/auth/spnego.c
@@ -45,16 +45,6 @@ struct spnego_state {
};
-static int gensec_spnego_destroy(void *ptr)
-{
- struct spnego_state *spnego_state = ptr;
-
- if (spnego_state->sub_sec_security) {
- gensec_end(&spnego_state->sub_sec_security);
- }
- return 0;
-}
-
static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_security)
{
struct spnego_state *spnego_state;
@@ -68,8 +58,6 @@ static NTSTATUS gensec_spnego_client_start(struct gensec_security *gensec_securi
spnego_state->state_position = SPNEGO_CLIENT_START;
spnego_state->sub_sec_security = NULL;
- talloc_set_destructor(spnego_state, gensec_spnego_destroy);
-
gensec_security->private_data = spnego_state;
return NT_STATUS_OK;
}
@@ -87,8 +75,6 @@ static NTSTATUS gensec_spnego_server_start(struct gensec_security *gensec_securi
spnego_state->state_position = SPNEGO_SERVER_START;
spnego_state->sub_sec_security = NULL;
- talloc_set_destructor(spnego_state, gensec_spnego_destroy);
-
gensec_security->private_data = spnego_state;
return NT_STATUS_OK;
}
@@ -246,8 +232,9 @@ static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec
nt_status = gensec_start_mech_by_oid(spnego_state->sub_sec_security,
all_ops[i]->oid);
if (!NT_STATUS_IS_OK(nt_status)) {
- gensec_end(&spnego_state->sub_sec_security);
- continue;
+ talloc_free(spnego_state->sub_sec_security);
+ spnego_state->sub_sec_security = NULL;
+ continue;
}
nt_status = gensec_update(spnego_state->sub_sec_security,
out_mem_ctx, in, out);
@@ -255,7 +242,8 @@ static NTSTATUS gensec_spnego_server_try_fallback(struct gensec_security *gensec
spnego_state->state_position = SPNEGO_FALLBACK;
return nt_status;
}
- gensec_end(&spnego_state->sub_sec_security);
+ talloc_free(spnego_state->sub_sec_security);
+ spnego_state->sub_sec_security = NULL;
}
DEBUG(1, ("Failed to parse SPNEGO request\n"));
return NT_STATUS_INVALID_PARAMETER;
@@ -283,7 +271,8 @@ static NTSTATUS gensec_spnego_parse_negTokenInit(struct gensec_security *gensec_
nt_status = gensec_start_mech_by_oid(spnego_state->sub_sec_security,
mechType[i]);
if (!NT_STATUS_IS_OK(nt_status)) {
- gensec_end(&spnego_state->sub_sec_security);
+ talloc_free(spnego_state->sub_sec_security);
+ spnego_state->sub_sec_security = NULL;
continue;
}
@@ -302,7 +291,8 @@ static NTSTATUS gensec_spnego_parse_negTokenInit(struct gensec_security *gensec_
if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED) && !NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("SPNEGO(%s) NEG_TOKEN_INIT failed: %s\n",
spnego_state->sub_sec_security->ops->name, nt_errstr(nt_status)));
- gensec_end(&spnego_state->sub_sec_security);
+ talloc_free(spnego_state->sub_sec_security);
+ spnego_state->sub_sec_security = NULL;
}
return nt_status;
}
@@ -344,8 +334,9 @@ static NTSTATUS gensec_spnego_client_negTokenInit(struct gensec_security *gensec
nt_status = gensec_start_mech_by_oid(spnego_state->sub_sec_security,
mechTypes[0]);
if (!NT_STATUS_IS_OK(nt_status)) {
- gensec_end(&spnego_state->sub_sec_security);
- return nt_status;
+ talloc_free(spnego_state->sub_sec_security);
+ spnego_state->sub_sec_security = NULL;
+ return nt_status;
}
nt_status = gensec_update(spnego_state->sub_sec_security,
out_mem_ctx, in, &unwrapped_out);
@@ -367,7 +358,8 @@ static NTSTATUS gensec_spnego_client_negTokenInit(struct gensec_security *gensec
spnego_state->state_position = SPNEGO_CLIENT_TARG;
return nt_status;
}
- gensec_end(&spnego_state->sub_sec_security);
+ talloc_free(spnego_state->sub_sec_security);
+ spnego_state->sub_sec_security = NULL;
DEBUG(1, ("Failed to setup SPNEGO netTokenInit request\n"));
return NT_STATUS_INVALID_PARAMETER;
@@ -515,7 +507,8 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
if (!in.length) {
/* client to produce negTokenInit */
- return gensec_spnego_client_negTokenInit(gensec_security, spnego_state, out_mem_ctx, in, out);
+ return gensec_spnego_client_negTokenInit(gensec_security, spnego_state,
+ out_mem_ctx, in, out);
}
len = spnego_read_data(in, &spnego);
diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c
index 9217c90e0e..f6c0ebc413 100644
--- a/source4/librpc/rpc/dcerpc.c
+++ b/source4/librpc/rpc/dcerpc.c
@@ -85,9 +85,6 @@ void dcerpc_pipe_close(struct dcerpc_pipe *p)
if (!p) return;
p->reference_count--;
if (p->reference_count <= 0) {
- if (p->security_state.generic_state) {
- gensec_end(&p->security_state.generic_state);
- }
p->transport.shutdown_pipe(p);
talloc_free(p);
}
diff --git a/source4/librpc/rpc/dcerpc_auth.c b/source4/librpc/rpc/dcerpc_auth.c
index 844746e322..1c5556ccee 100644
--- a/source4/librpc/rpc/dcerpc_auth.c
+++ b/source4/librpc/rpc/dcerpc_auth.c
@@ -113,7 +113,7 @@ done:
talloc_destroy(mem_ctx);
if (!NT_STATUS_IS_OK(status)) {
- gensec_end(&p->security_state.generic_state);
+ talloc_free(p->security_state.generic_state);
ZERO_STRUCT(p->security_state);
} else {
/* Authenticated connections use the generic session key */
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c
index 635735a55d..6df48b7dd3 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
@@ -436,14 +436,16 @@ NTSTATUS dcerpc_bind_auth_schannel_withkey(struct dcerpc_pipe *p,
status = gensec_set_username(p->security_state.generic_state, username);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to set schannel username to %s: %s\n", username, nt_errstr(status)));
- gensec_end(&p->security_state.generic_state);
+ talloc_free(p->security_state.generic_state);
+ p->security_state.generic_state = NULL;
return status;
}
status = gensec_set_domain(p->security_state.generic_state, domain);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to set schannel domain to %s: %s\n", domain, nt_errstr(status)));
- gensec_end(&p->security_state.generic_state);
+ talloc_free(p->security_state.generic_state);
+ p->security_state.generic_state = NULL;
return status;
}
@@ -451,7 +453,8 @@ NTSTATUS dcerpc_bind_auth_schannel_withkey(struct dcerpc_pipe *p,
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start SCHANNEL GENSEC backend: %s\n", nt_errstr(status)));
- gensec_end(&p->security_state.generic_state);
+ talloc_free(p->security_state.generic_state);
+ p->security_state.generic_state = NULL;
return status;
}
@@ -463,7 +466,8 @@ NTSTATUS dcerpc_bind_auth_schannel_withkey(struct dcerpc_pipe *p,
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to bind to pipe with SCHANNEL: %s\n", nt_errstr(status)));
- gensec_end(&p->security_state.generic_state);
+ talloc_free(p->security_state.generic_state);
+ p->security_state.generic_state = NULL;
return status;
}
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c
index 231778247f..cf4ea8bea8 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -274,7 +274,8 @@ static int dcesrv_endpoint_destructor(void *ptr)
}
if (p->auth_state.gensec_security) {
- gensec_end(&p->auth_state.gensec_security);
+ talloc_free(p->auth_state.gensec_security);
+ p->auth_state.gensec_security = NULL;
}
return 0;
diff --git a/source4/smb_server/sesssetup.c b/source4/smb_server/sesssetup.c
index 85fac5680b..dcecc1327c 100644
--- a/source4/smb_server/sesssetup.c
+++ b/source4/smb_server/sesssetup.c
@@ -287,7 +287,8 @@ static NTSTATUS sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup
status = nt_status_squash(status);
if (smb_sess->gensec_ctx &&
!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- gensec_end(&smb_sess->gensec_ctx);
+ talloc_free(smb_sess->gensec_ctx);
+ smb_sess->gensec_ctx = NULL;
}
}
diff --git a/source4/utils/ntlm_auth.c b/source4/utils/ntlm_auth.c
index c99dcb1b7a..f741999ac9 100644
--- a/source4/utils/ntlm_auth.c
+++ b/source4/utils/ntlm_auth.c
@@ -320,7 +320,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
if (strncmp(buf, "YR", 2) == 0) {
if (gensec_state && *gensec_state) {
- gensec_end(gensec_state);
+ talloc_free(*gensec_state);
*gensec_state = NULL;
}
} else if ( (strncmp(buf, "OK", 2) == 0)) {