From 7c7125be5dfdbacd702891e16529eb1412966f83 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 31 Jan 2006 01:50:54 +0000
Subject: r13247: Try to make better use of talloc in the auth/ and auth/gensec
 code. We don't want temporary memory hanging around on the long-term
 contexts.

Andrew Bartlett
(This used to be commit 85b3f6ebddfb655fdd08d1799752e562a6ff9cb1)
---
 source4/auth/gensec/gensec_krb5.c | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)

(limited to 'source4/auth/gensec/gensec_krb5.c')

diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index de93c5bd0c..a52ea1b686 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -546,6 +546,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 	} else {
 		pac = data_blob_talloc(mem_ctx, pac_data.data, pac_data.length);
 		if (!pac.data) {
+			talloc_free(mem_ctx);
 			return NT_STATUS_NO_MEMORY;
 		}
 
@@ -554,6 +555,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 			DEBUG(5, ("krb5_ticket_get_client failed to get cleint principal: %s\n", 
 				  smb_get_krb5_error_message(context, 
 							     ret, mem_ctx)));
+			talloc_free(mem_ctx);
 			return NT_STATUS_NO_MEMORY;
 		}
 		
@@ -568,12 +570,11 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 		if (NT_STATUS_IS_OK(nt_status)) {
 			union netr_Validation validation;
 			validation.sam3 = &logon_info->info3;
-			nt_status = make_server_info_netlogon_validation(gensec_krb5_state, 
+			nt_status = make_server_info_netlogon_validation(mem_ctx, 
 									 NULL,
 									 3, &validation,
 									 &server_info); 
 		}
-		talloc_free(mem_ctx);
 	}
 
 		
@@ -590,6 +591,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 			DEBUG(5, ("krb5_ticket_get_client failed to get cleint principal: %s\n", 
 				  smb_get_krb5_error_message(context, 
 							     ret, mem_ctx)));
+			talloc_free(mem_ctx);
 			return NT_STATUS_NO_MEMORY;
 		}
 		
@@ -597,6 +599,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 					client_principal, &principal_string);
 		krb5_free_principal(context, client_principal);
 		if (ret) {
+			talloc_free(mem_ctx);
 			return NT_STATUS_NO_MEMORY;
 		}
 
@@ -611,16 +614,24 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 	}
 
 	/* references the server_info into the session_info */
-	nt_status = auth_generate_session_info(gensec_krb5_state, server_info, &session_info);
-	talloc_free(mem_ctx);
+	nt_status = auth_generate_session_info(mem_ctx, server_info, &session_info);
 
-	NT_STATUS_NOT_OK_RETURN(nt_status);
+	if (!NT_STATUS_IS_OK(nt_status)) {
+		talloc_free(mem_ctx);
+		return nt_status;
+	}
 
 	nt_status = gensec_krb5_session_key(gensec_security, &session_info->session_key);
-	NT_STATUS_NOT_OK_RETURN(nt_status);
+
+	if (!NT_STATUS_IS_OK(nt_status)) {
+		talloc_free(mem_ctx);
+		return nt_status;
+	}
 
 	*_session_info = session_info;
 
+	talloc_steal(gensec_krb5_state, session_info);
+	talloc_free(mem_ctx);
 	return NT_STATUS_OK;
 }
 
-- 
cgit