summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/gensec/gensec_gssapi.c15
-rw-r--r--source4/auth/gensec/schannel.c6
-rw-r--r--source4/auth/gensec/spnego.c6
-rw-r--r--source4/auth/ntlmssp/ntlmssp_sign.c2
4 files changed, 11 insertions, 18 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index 6ecd29bf34..4dd809856c 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -1038,7 +1038,6 @@ static NTSTATUS gensec_gssapi_seal_packet(struct gensec_security *gensec_securit
}
static NTSTATUS gensec_gssapi_unseal_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
@@ -1053,7 +1052,7 @@ static NTSTATUS gensec_gssapi_unseal_packet(struct gensec_security *gensec_secur
dump_data_pw("gensec_gssapi_unseal_packet: sig\n", sig->data, sig->length);
- in = data_blob_talloc(mem_ctx, NULL, sig->length + length);
+ in = data_blob_talloc(gensec_security, NULL, sig->length + length);
memcpy(in.data, sig->data, sig->length);
memcpy(in.data + sig->length, data, length);
@@ -1067,9 +1066,12 @@ static NTSTATUS gensec_gssapi_unseal_packet(struct gensec_security *gensec_secur
&output_token,
&conf_state,
&qop_state);
+ talloc_free(in.data);
if (GSS_ERROR(maj_stat)) {
+ char *error_string = gssapi_error_string(NULL, maj_stat, min_stat, gensec_gssapi_state->gss_oid);
DEBUG(1, ("gensec_gssapi_unseal_packet: GSS UnWrap failed: %s\n",
- gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
+ error_string));
+ talloc_free(error_string);
return NT_STATUS_ACCESS_DENIED;
}
@@ -1128,7 +1130,6 @@ static NTSTATUS gensec_gssapi_sign_packet(struct gensec_security *gensec_securit
}
static NTSTATUS gensec_gssapi_check_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
@@ -1159,8 +1160,10 @@ static NTSTATUS gensec_gssapi_check_packet(struct gensec_security *gensec_securi
&input_token,
&qop_state);
if (GSS_ERROR(maj_stat)) {
- DEBUG(1, ("GSS VerifyMic failed: %s\n",
- gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
+ char *error_string = gssapi_error_string(NULL, maj_stat, min_stat, gensec_gssapi_state->gss_oid);
+ DEBUG(1, ("GSS VerifyMic failed: %s\n", error_string));
+ talloc_free(error_string);
+
return NT_STATUS_ACCESS_DENIED;
}
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index 2e3f0219e9..8f9aa921a9 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -290,7 +290,6 @@ static bool schannel_have_feature(struct gensec_security *gensec_security,
unseal a packet
*/
static NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
@@ -299,7 +298,7 @@ static NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security,
talloc_get_type(gensec_security->private_data,
struct schannel_state);
- return netsec_incoming_packet(state, mem_ctx, true,
+ return netsec_incoming_packet(state, true,
discard_const_p(uint8_t, data),
length, sig);
}
@@ -308,7 +307,6 @@ static NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security,
check the signature on a packet
*/
static NTSTATUS schannel_check_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
@@ -317,7 +315,7 @@ static NTSTATUS schannel_check_packet(struct gensec_security *gensec_security,
talloc_get_type(gensec_security->private_data,
struct schannel_state);
- return netsec_incoming_packet(state, mem_ctx, false,
+ return netsec_incoming_packet(state, false,
discard_const_p(uint8_t, data),
length, sig);
}
diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c
index 3611d31a23..c48e87e8b5 100644
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -96,7 +96,6 @@ static NTSTATUS gensec_spnego_server_start(struct gensec_security *gensec_securi
wrappers for the spnego_*() functions
*/
static NTSTATUS gensec_spnego_unseal_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
@@ -109,14 +108,12 @@ static NTSTATUS gensec_spnego_unseal_packet(struct gensec_security *gensec_secur
}
return gensec_unseal_packet(spnego_state->sub_sec_security,
- mem_ctx,
data, length,
whole_pdu, pdu_length,
sig);
}
static NTSTATUS gensec_spnego_check_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
@@ -129,7 +126,6 @@ static NTSTATUS gensec_spnego_check_packet(struct gensec_security *gensec_securi
}
return gensec_check_packet(spnego_state->sub_sec_security,
- mem_ctx,
data, length,
whole_pdu, pdu_length,
sig);
@@ -922,7 +918,6 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
if (NT_STATUS_IS_OK(nt_status) && spnego.negTokenTarg.mechListMIC.length > 0) {
new_spnego = true;
nt_status = gensec_check_packet(spnego_state->sub_sec_security,
- out_mem_ctx,
spnego_state->mech_types.data,
spnego_state->mech_types.length,
spnego_state->mech_types.data,
@@ -1029,7 +1024,6 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
}
if (NT_STATUS_IS_OK(nt_status) && spnego.negTokenTarg.mechListMIC.length > 0) {
nt_status = gensec_check_packet(spnego_state->sub_sec_security,
- out_mem_ctx,
spnego_state->mech_types.data,
spnego_state->mech_types.length,
spnego_state->mech_types.data,
diff --git a/source4/auth/ntlmssp/ntlmssp_sign.c b/source4/auth/ntlmssp/ntlmssp_sign.c
index 95466b0407..72cd1549fe 100644
--- a/source4/auth/ntlmssp/ntlmssp_sign.c
+++ b/source4/auth/ntlmssp/ntlmssp_sign.c
@@ -45,7 +45,6 @@ NTSTATUS gensec_ntlmssp_sign_packet(struct gensec_security *gensec_security,
}
NTSTATUS gensec_ntlmssp_check_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *sig_mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
@@ -87,7 +86,6 @@ NTSTATUS gensec_ntlmssp_seal_packet(struct gensec_security *gensec_security,
wrappers for the ntlmssp_*() functions
*/
NTSTATUS gensec_ntlmssp_unseal_packet(struct gensec_security *gensec_security,
- TALLOC_CTX *sig_mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)