From 606be25ecf4a31cba9f15c43ebc650aecb17e765 Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Thu, 27 May 2010 05:31:45 -0400
Subject: s3:auth Free sampass as soon as we have server_info
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We don't keep sampass in server_info anymore
So it makes no sense to keep it around.

Signed-off-by: Günther Deschner <gd@samba.org>
---
 source3/auth/auth_util.c       | 5 ++++-
 source3/auth/check_samsec.c    | 7 ++-----
 source3/auth/server_info_sam.c | 2 --
 source3/smbd/sesssetup.c       | 1 +
 source3/smbd/smb2_sesssetup.c  | 1 +
 5 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index d64cb537c7..854ab89f28 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -733,6 +733,8 @@ static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **ser
 		return status;
 	}
 
+	TALLOC_FREE(sampass);
+
 	(*server_info)->guest = True;
 
 	status = create_local_token(*server_info);
@@ -747,7 +749,8 @@ static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **ser
 	(*server_info)->user_session_key = data_blob(zeros, sizeof(zeros));
 	(*server_info)->lm_session_key = data_blob(zeros, sizeof(zeros));
 
-	alpha_strcpy(tmp, pdb_get_username(sampass), ". _-$", sizeof(tmp));
+	alpha_strcpy(tmp, (*server_info)->info3->base.account_name.string,
+		     ". _-$", sizeof(tmp));
 	(*server_info)->sanitized_username = talloc_strdup(*server_info, tmp);
 
 	return NT_STATUS_OK;
diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c
index db2bde7bbc..ef29df4d56 100644
--- a/source3/auth/check_samsec.c
+++ b/source3/auth/check_samsec.c
@@ -484,11 +484,8 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge,
 	become_root();
 	nt_status = make_server_info_sam(server_info, sampass);
 	unbecome_root();
-	/*
-	 * sampass has been stolen to server_info.
-	 * So NULL it out to prevent segfaults.
-	 */
-	sampass = NULL;
+
+	TALLOC_FREE(sampass);
 
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		DEBUG(0,("check_sam_security: make_server_info_sam() failed with '%s'\n", nt_errstr(nt_status)));
diff --git a/source3/auth/server_info_sam.c b/source3/auth/server_info_sam.c
index 4dd3156fe5..76f32159af 100644
--- a/source3/auth/server_info_sam.c
+++ b/source3/auth/server_info_sam.c
@@ -149,8 +149,6 @@ NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
 		 pdb_get_username(sampass), result->unix_name));
 
 	*server_info = result;
-	/* Ensure that the sampass will be freed with the result */
-	talloc_steal(result, sampass);
 
 	return NT_STATUS_OK;
 }
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index a561e3a593..9d0c68512c 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -504,6 +504,7 @@ static void reply_spnego_kerberos(struct smb_request *req,
 			DEBUG(10, ("found user %s in passdb, calling "
 				   "make_server_info_sam\n", real_username));
 			ret = make_server_info_sam(&server_info, sampass);
+			TALLOC_FREE(sampass);
 		} else {
 			/*
 			 * User not in passdb, make it up artificially
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 7ac003fad6..d8972156a1 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -345,6 +345,7 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session,
 			DEBUG(10, ("smb2: found user %s in passdb, calling "
 				"make_server_info_sam\n", real_username));
 			status = make_server_info_sam(&tmp_server_info, sampass);
+			TALLOC_FREE(sampass);
 		} else {
 			/*
 			 * User not in passdb, make it up artificially
-- 
cgit