From 9b643c8c83bda42b5f8ad1d9ca0419e1e1c0e372 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 17 Jan 2011 16:20:09 +1100 Subject: s4-gensec Don't steal the auth_context, reference it. We don't want to steal this pointer away from the caller if it's been set up from python. Andrew Bartlett --- source4/auth/gensec/gensec.c | 8 ++++++-- source4/auth/samba_server_gensec.c | 15 +++++++++++---- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c index 3c25f3b913..c732c6e8de 100644 --- a/source4/auth/gensec/gensec.c +++ b/source4/auth/gensec/gensec.c @@ -507,7 +507,7 @@ const char **gensec_security_oids(struct gensec_security *gensec_security, @param mem_ctx The parent TALLOC memory context. @param gensec_security Returned GENSEC context pointer. @note The mem_ctx is only a parent and may be NULL. - @note, the auth context is moved to be a child of the + @note, the auth context is moved to be a referenced pointer of the @ gensec_security return */ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, @@ -527,7 +527,11 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, (*gensec_security)->event_ctx = ev; SMB_ASSERT(settings->lp_ctx != NULL); (*gensec_security)->settings = talloc_reference(*gensec_security, settings); - (*gensec_security)->auth_context = talloc_steal(*gensec_security, auth_context); + + /* We need to reference this, not steal, as the caller may be + * python, which won't like it if we steal it's object away + * from it */ + (*gensec_security)->auth_context = talloc_reference(*gensec_security, auth_context); return NT_STATUS_OK; } diff --git a/source4/auth/samba_server_gensec.c b/source4/auth/samba_server_gensec.c index 6d27a362e4..07b9b15e17 100644 --- a/source4/auth/samba_server_gensec.c +++ b/source4/auth/samba_server_gensec.c @@ -38,8 +38,13 @@ NTSTATUS samba_server_gensec_start(TALLOC_CTX *mem_ctx, NTSTATUS nt_status; struct gensec_security *gensec_ctx; struct auth_context *auth_context; + + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + if (!tmp_ctx) { + return NT_STATUS_NO_MEMORY; + } - nt_status = auth_context_create(mem_ctx, + nt_status = auth_context_create(tmp_ctx, event_ctx, msg_ctx, lp_ctx, @@ -47,16 +52,17 @@ NTSTATUS samba_server_gensec_start(TALLOC_CTX *mem_ctx, if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(1, ("Failed to start auth server code: %s\n", nt_errstr(nt_status))); + talloc_free(tmp_ctx); return nt_status; } - nt_status = gensec_server_start(mem_ctx, + nt_status = gensec_server_start(tmp_ctx, event_ctx, lpcfg_gensec_settings(mem_ctx, lp_ctx), auth_context, &gensec_ctx); if (!NT_STATUS_IS_OK(nt_status)) { - talloc_free(auth_context); + talloc_free(tmp_ctx); DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(nt_status))); return nt_status; } @@ -66,6 +72,7 @@ NTSTATUS samba_server_gensec_start(TALLOC_CTX *mem_ctx, if (target_service) { gensec_set_target_service(gensec_ctx, target_service); } - *gensec_context = gensec_ctx; + *gensec_context = talloc_steal(mem_ctx, gensec_ctx); + talloc_free(tmp_ctx); return nt_status; } -- cgit