From 90603cb3cddcab3c7577cdad81e4a134c39de4ce Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Tue, 22 Nov 2005 10:22:59 +0000
Subject: r11846: Destroy the TALLOC_CTX on error in the Kerberos session setup
 and give a more precise inline comment why PAC verification may fail.

Guenther
(This used to be commit 43b57715e9b44a0a0c7cc7fe3674a5fd4369e78b)
---
 source3/smbd/sesssetup.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'source3/smbd')

diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 2c96760167..8aa046b85a 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -168,6 +168,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 		return ERROR_NT(NT_STATUS_NO_MEMORY);
 
 	if (!spnego_parse_krb5_wrap(*secblob, &ticket, tok_id)) {
+		talloc_destroy(mem_ctx);
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}
 
@@ -177,6 +178,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 
 	if (!NT_STATUS_IS_OK(ret)) {
 		DEBUG(1,("Failed to verify incoming ticket!\n"));	
+		talloc_destroy(mem_ctx);
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}
 
@@ -188,6 +190,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 		data_blob_free(&ap_rep);
 		data_blob_free(&session_key);
 		SAFE_FREE(client);
+		talloc_destroy(mem_ctx);
 		return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 	}
 
@@ -206,6 +209,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 			data_blob_free(&ap_rep);
 			data_blob_free(&session_key);
 			SAFE_FREE(client);
+			talloc_destroy(mem_ctx);
 			return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 		}
 	}
@@ -283,6 +287,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 			SAFE_FREE(client);
 			data_blob_free(&ap_rep);
 			data_blob_free(&session_key);
+			talloc_destroy(mem_ctx);
 			return ERROR_NT(NT_STATUS_LOGON_FAILURE);
 		}
 	}
@@ -302,6 +307,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 			data_blob_free(&ap_rep);
 			data_blob_free(&session_key);
 			passwd_free(&pw);
+			talloc_destroy(mem_ctx);
 			return ERROR_NT(ret);
 		}
 
@@ -314,6 +320,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 			data_blob_free(&ap_rep);
 			data_blob_free(&session_key);
 			passwd_free(&pw);
+			talloc_destroy(mem_ctx);
 			return ERROR_NT(ret);
 		}
 
-- 
cgit