summaryrefslogtreecommitdiff
path: root/source3/libads
diff options
context:
space:
mode:
Diffstat (limited to 'source3/libads')
-rw-r--r--source3/libads/authdata.c2
-rw-r--r--source3/libads/kerberos.c8
-rw-r--r--source3/libads/kerberos_keytab.c27
-rw-r--r--source3/libads/kerberos_verify.c6
-rw-r--r--source3/libads/ldap.c69
5 files changed, 51 insertions, 61 deletions
diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c
index 9f0f68ed7b..0032e9e4f6 100644
--- a/source3/libads/authdata.c
+++ b/source3/libads/authdata.c
@@ -469,7 +469,7 @@ out:
data_blob_free(&sesskey1);
data_blob_free(&sesskey2);
- SAFE_FREE(client_princ_out);
+ TALLOC_FREE(client_princ_out);
return status;
}
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 52cb975a6c..c476f59ff5 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -545,7 +545,7 @@ krb5_principal kerberos_fetch_salt_princ_for_host_princ(krb5_context context,
/* look under the old key. If this fails, just use the standard key */
- if (smb_krb5_unparse_name(context, host_princ, &unparsed_name) != 0) {
+ if (smb_krb5_unparse_name(talloc_tos(), context, host_princ, &unparsed_name) != 0) {
return (krb5_principal)NULL;
}
if ((salt_princ_s = kerberos_secrets_fetch_salting_principal(unparsed_name, enctype)) == NULL) {
@@ -558,7 +558,7 @@ krb5_principal kerberos_fetch_salt_princ_for_host_princ(krb5_context context,
ret_princ = NULL;
}
- SAFE_FREE(unparsed_name);
+ TALLOC_FREE(unparsed_name);
SAFE_FREE(salt_princ_s);
return ret_princ;
@@ -603,7 +603,7 @@ bool kerberos_secrets_store_salting_principal(const char *service,
goto out;
}
- if (smb_krb5_unparse_name(context, princ, &unparsed_name) != 0) {
+ if (smb_krb5_unparse_name(talloc_tos(), context, princ, &unparsed_name) != 0) {
goto out;
}
@@ -623,7 +623,7 @@ bool kerberos_secrets_store_salting_principal(const char *service,
SAFE_FREE(key);
SAFE_FREE(princ_s);
- SAFE_FREE(unparsed_name);
+ TALLOC_FREE(unparsed_name);
if (princ) {
krb5_free_principal(context, princ);
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index 7c028cb78f..4fede259ab 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -64,7 +64,7 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
while(!krb5_kt_next_entry(context, keytab, &kt_entry, &cursor)) {
bool compare_name_ok = False;
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &ktprinc);
+ ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal, &ktprinc);
if (ret) {
DEBUG(1,("smb_krb5_kt_add_entry_ext: smb_krb5_unparse_name failed (%s)\n",
error_message(ret)));
@@ -91,7 +91,7 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
ktprinc, kt_entry.vno));
}
- SAFE_FREE(ktprinc);
+ TALLOC_FREE(ktprinc);
if (compare_name_ok) {
if (kt_entry.vno == kvno - 1) {
@@ -549,13 +549,12 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
}
}
- TALLOC_FREE( ctx );
-
/* Now loop through the keytab and update any other existing entries... */
kvno = (krb5_kvno) ads_get_machine_kvno(ads, machine_name);
if (kvno == -1) {
DEBUG(1,("ads_keytab_create_default: ads_get_machine_kvno failed to determine the system's kvno.\n"));
+ TALLOC_FREE(ctx);
return -1;
}
@@ -569,6 +568,7 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
ret = krb5_init_context(&context);
if (ret) {
DEBUG(1,("ads_keytab_create_default: could not krb5_init_context: %s\n",error_message(ret)));
+ TALLOC_FREE(ctx);
return ret;
}
@@ -599,7 +599,7 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
if (!found) {
goto done;
}
- oldEntries = SMB_MALLOC_ARRAY(char *, found );
+ oldEntries = talloc_array(ctx, char *, found );
if (!oldEntries) {
DEBUG(1,("ads_keytab_create_default: Failed to allocate space to store the old keytab entries (malloc failed?).\n"));
ret = -1;
@@ -615,7 +615,7 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
char *p;
/* This returns a malloc'ed string in ktprinc. */
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &ktprinc);
+ ret = smb_krb5_unparse_name(oldEntries, context, kt_entry.principal, &ktprinc);
if (ret) {
DEBUG(1,("smb_krb5_unparse_name failed (%s)\n", error_message(ret)));
goto done;
@@ -640,12 +640,12 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
break;
}
if (!strcmp(oldEntries[i], ktprinc)) {
- SAFE_FREE(ktprinc);
+ TALLOC_FREE(ktprinc);
break;
}
}
if (i == found) {
- SAFE_FREE(ktprinc);
+ TALLOC_FREE(ktprinc);
}
}
smb_krb5_kt_free_entry(context, &kt_entry);
@@ -654,7 +654,7 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
ret = 0;
for (i = 0; oldEntries[i]; i++) {
ret |= ads_keytab_add_entry(ads, oldEntries[i]);
- SAFE_FREE(oldEntries[i]);
+ TALLOC_FREE(oldEntries[i]);
}
krb5_kt_end_seq_get(context, keytab, &cursor);
}
@@ -662,7 +662,8 @@ int ads_keytab_create_default(ADS_STRUCT *ads)
done:
- SAFE_FREE(oldEntries);
+ TALLOC_FREE(oldEntries);
+ TALLOC_FREE(ctx);
{
krb5_keytab_entry zero_kt_entry;
@@ -728,7 +729,7 @@ int ads_keytab_list(const char *keytab_name)
char *etype_s = NULL;
krb5_enctype enctype = 0;
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &princ_s);
+ ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal, &princ_s);
if (ret) {
goto out;
}
@@ -739,14 +740,14 @@ int ads_keytab_list(const char *keytab_name)
if (ret) {
if (asprintf(&etype_s, "UNKNOWN: %d\n", enctype) == -1)
{
- SAFE_FREE(princ_s);
+ TALLOC_FREE(princ_s);
goto out;
}
}
printf("%3d %s\t\t %s\n", kt_entry.vno, etype_s, princ_s);
- SAFE_FREE(princ_s);
+ TALLOC_FREE(princ_s);
SAFE_FREE(etype_s);
ret = smb_krb5_kt_free_entry(context, &kt_entry);
diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index b903b2a6eb..8502902963 100644
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -192,7 +192,7 @@ static bool ads_keytab_verify_ticket(krb5_context context,
}
while (!auth_ok && (krb5_kt_next_entry(context, keytab, &kt_entry, &kt_cursor) == 0)) {
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &entry_princ_s);
+ ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal, &entry_princ_s);
if (ret) {
DEBUG(1, ("ads_keytab_verify_ticket: smb_krb5_unparse_name failed (%s)\n",
error_message(ret)));
@@ -242,7 +242,7 @@ static bool ads_keytab_verify_ticket(krb5_context context,
}
/* Free the name we parsed. */
- SAFE_FREE(entry_princ_s);
+ TALLOC_FREE(entry_princ_s);
/* Free the entry we just read. */
smb_krb5_kt_free_entry(context, &kt_entry);
@@ -636,7 +636,7 @@ NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx,
#endif
#endif
- if ((ret = smb_krb5_unparse_name(context, client_principal, principal))) {
+ if ((ret = smb_krb5_unparse_name(mem_ctx, context, client_principal, principal))) {
DEBUG(3,("ads_verify_ticket: smb_krb5_unparse_name failed (%s)\n",
error_message(ret)));
sret = NT_STATUS_LOGON_FAILURE;
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index edbd69392c..841ea8caae 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -1267,22 +1267,12 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path,
}
/**
- * Free up memory from various ads requests
- * @param ads connection to ads server
- * @param mem Area to free
- **/
-void ads_memfree(ADS_STRUCT *ads, void *mem)
-{
- SAFE_FREE(mem);
-}
-
-/**
* Get a dn from search results
* @param ads connection to ads server
* @param msg Search result
* @return dn string
**/
- char *ads_get_dn(ADS_STRUCT *ads, LDAPMessage *msg)
+ char *ads_get_dn(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, LDAPMessage *msg)
{
char *utf8_dn, *unix_dn;
size_t converted_size;
@@ -1294,7 +1284,7 @@ void ads_memfree(ADS_STRUCT *ads, void *mem)
return NULL;
}
- if (!pull_utf8_allocate(&unix_dn, utf8_dn, &converted_size)) {
+ if (!pull_utf8_talloc(mem_ctx, &unix_dn, utf8_dn, &converted_size)) {
DEBUG(0,("ads_get_dn: string conversion failure utf8 [%s]\n",
utf8_dn ));
return NULL;
@@ -1639,7 +1629,7 @@ char *ads_default_ou_string(ADS_STRUCT *ads, const char *wknguid)
}
/* substitute the bind-path from the well-known-guid-search result */
- wkn_dn = ads_get_dn(ads, res);
+ wkn_dn = ads_get_dn(ads, talloc_tos(), res);
if (!wkn_dn) {
goto out;
}
@@ -1685,7 +1675,7 @@ char *ads_default_ou_string(ADS_STRUCT *ads, const char *wknguid)
out:
SAFE_FREE(base);
ads_msgfree(ads, res);
- ads_memfree(ads, wkn_dn);
+ TALLOC_FREE(wkn_dn);
if (wkn_dn_exp) {
ldap_value_free(wkn_dn_exp);
}
@@ -1741,14 +1731,14 @@ uint32 ads_get_kvno(ADS_STRUCT *ads, const char *account_name)
return kvno;
}
- dn_string = ads_get_dn(ads, res);
+ dn_string = ads_get_dn(ads, talloc_tos(), res);
if (!dn_string) {
DEBUG(0,("ads_get_kvno: out of memory.\n"));
ads_msgfree(ads, res);
return kvno;
}
DEBUG(5,("ads_get_kvno: Using: %s\n", dn_string));
- ads_memfree(ads, dn_string);
+ TALLOC_FREE(dn_string);
/* ---------------------------------------------------------
* 0 is returned as a default KVNO from this point on...
@@ -1836,14 +1826,14 @@ ADS_STATUS ads_clear_service_principal_names(ADS_STRUCT *ads, const char *machin
talloc_destroy(ctx);
return ret;
}
- dn_string = ads_get_dn(ads, res);
+ dn_string = ads_get_dn(ads, talloc_tos(), res);
if (!dn_string) {
talloc_destroy(ctx);
ads_msgfree(ads, res);
return ADS_ERROR(LDAP_NO_MEMORY);
}
ret = ads_gen_mod(ads, dn_string, mods);
- ads_memfree(ads,dn_string);
+ TALLOC_FREE(dn_string);
if (!ADS_ERR_OK(ret)) {
DEBUG(1,("ads_clear_service_principal_names: Error: Updating Service Principals for machine %s in LDAP\n",
machine_name));
@@ -1933,13 +1923,12 @@ ADS_STATUS ads_add_service_principal_name(ADS_STRUCT *ads, const char *machine_n
goto out;
}
- if ( (dn_string = ads_get_dn(ads, res)) == NULL ) {
+ if ( (dn_string = ads_get_dn(ads, ctx, res)) == NULL ) {
ret = ADS_ERROR(LDAP_NO_MEMORY);
goto out;
}
ret = ads_gen_mod(ads, dn_string, mods);
- ads_memfree(ads,dn_string);
if (!ADS_ERR_OK(ret)) {
DEBUG(1,("ads_add_service_principal_name: Error: Updating Service Principals in LDAP\n"));
goto out;
@@ -2052,7 +2041,7 @@ ADS_STATUS ads_move_machine_acct(ADS_STRUCT *ads, const char *machine_name,
goto done;
}
- computer_dn = ads_get_dn(ads, res);
+ computer_dn = ads_get_dn(ads, talloc_tos(), res);
if (!computer_dn) {
rc = ADS_ERROR(LDAP_NO_MEMORY);
goto done;
@@ -3029,7 +3018,7 @@ ADS_STATUS ads_site_dn_for_machine(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, const c
return ADS_ERROR(LDAP_NO_SUCH_OBJECT);
}
- dn = ads_get_dn(ads, res);
+ dn = ads_get_dn(ads, mem_ctx, res);
if (dn == NULL) {
ads_msgfree(ads, res);
return ADS_ERROR(LDAP_NO_MEMORY);
@@ -3039,18 +3028,18 @@ ADS_STATUS ads_site_dn_for_machine(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, const c
parent = ads_parent_dn(ads_parent_dn(ads_parent_dn(dn)));
if (parent == NULL) {
ads_msgfree(ads, res);
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
return ADS_ERROR(LDAP_NO_MEMORY);
}
*site_dn = talloc_strdup(mem_ctx, parent);
if (*site_dn == NULL) {
ads_msgfree(ads, res);
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
return ADS_ERROR(LDAP_NO_MEMORY);
}
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
ads_msgfree(ads, res);
return status;
@@ -3140,7 +3129,7 @@ ADS_STATUS ads_get_joinable_ous(ADS_STRUCT *ads,
char *dn = NULL;
- dn = ads_get_dn(ads, msg);
+ dn = ads_get_dn(ads, talloc_tos(), msg);
if (!dn) {
ads_msgfree(ads, res);
return ADS_ERROR(LDAP_NO_MEMORY);
@@ -3149,12 +3138,12 @@ ADS_STATUS ads_get_joinable_ous(ADS_STRUCT *ads,
if (!add_string_to_array(mem_ctx, dn,
(const char ***)ous,
(int *)num_ous)) {
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
ads_msgfree(ads, res);
return ADS_ERROR(LDAP_NO_MEMORY);
}
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
}
ads_msgfree(ads, res);
@@ -3494,7 +3483,7 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
return ADS_ERROR_SYSTEM(ENOENT);
}
- hostnameDN = ads_get_dn(ads, (LDAPMessage *)msg);
+ hostnameDN = ads_get_dn(ads, talloc_tos(), (LDAPMessage *)msg);
rc = ldap_delete_ext_s(ads->ldap.ld, hostnameDN, pldap_control, NULL);
if (rc) {
@@ -3516,7 +3505,7 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
if (!ADS_ERR_OK(status)) {
SAFE_FREE(host);
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(hostnameDN);
return status;
}
@@ -3525,9 +3514,9 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
char *dn = NULL;
- if ((dn = ads_get_dn(ads, msg_sub)) == NULL) {
+ if ((dn = ads_get_dn(ads, talloc_tos(), msg_sub)) == NULL) {
SAFE_FREE(host);
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(hostnameDN);
return ADS_ERROR(LDAP_NO_MEMORY);
}
@@ -3535,12 +3524,12 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
if (!ADS_ERR_OK(status)) {
DEBUG(3,("failed to delete dn %s: %s\n", dn, ads_errstr(status)));
SAFE_FREE(host);
- ads_memfree(ads, dn);
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(dn);
+ TALLOC_FREE(hostnameDN);
return status;
}
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
}
/* there should be no subordinate objects anymore */
@@ -3550,7 +3539,7 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
if (!ADS_ERR_OK(status) || ( (ads_count_replies(ads, res)) > 0 ) ) {
SAFE_FREE(host);
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(hostnameDN);
return status;
}
@@ -3559,12 +3548,12 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
if (!ADS_ERR_OK(status)) {
SAFE_FREE(host);
DEBUG(3,("failed to delete dn %s: %s\n", hostnameDN, ads_errstr(status)));
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(hostnameDN);
return status;
}
}
- ads_memfree(ads, hostnameDN);
+ TALLOC_FREE(hostnameDN);
status = ads_find_machine_acct(ads, &res, host);
if (ADS_ERR_OK(status) && ads_count_replies(ads, res) == 1) {
@@ -3723,7 +3712,7 @@ ADS_STATUS ads_find_samaccount(ADS_STRUCT *ads,
goto out;
}
- dn = ads_get_dn(ads, res);
+ dn = ads_get_dn(ads, talloc_tos(), res);
if (dn == NULL) {
status = ADS_ERROR(LDAP_NO_MEMORY);
goto out;
@@ -3746,7 +3735,7 @@ ADS_STATUS ads_find_samaccount(ADS_STRUCT *ads,
}
}
out:
- ads_memfree(ads, dn);
+ TALLOC_FREE(dn);
ads_msgfree(ads, res);
return status;
generated by cgit (git 2.34.1) at 2025-01-23 04:55:02 +0000