From b2c3c08b461042de683b0e49dcaa5f9386c72f9e Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 1 Jul 2009 14:01:24 +1000 Subject: fixed the use of talloc_steal in ntlmssp_server The previous use of talloc_steal could cause a steal of a pointer that had references. This ensures that doesn't happen --- source4/auth/ntlmssp/ntlmssp_server.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source4/auth') diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 00d3e56171..28169d9ff4 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -458,6 +458,7 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, } else if (user_session_key && user_session_key->data) { session_key = *user_session_key; + talloc_steal(gensec_ntlmssp_state, session_key.data); DEBUG(10,("ntlmssp_server_auth: Using unmodified nt session key.\n")); dump_data_pw("unmodified session key:\n", session_key.data, session_key.length); @@ -467,6 +468,7 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, } else if (lm_session_key && lm_session_key->data) { /* Very weird to have LM key, but no user session key, but anyway.. */ session_key = *lm_session_key; + talloc_steal(gensec_ntlmssp_state, session_key.data); DEBUG(10,("ntlmssp_server_auth: Using unmodified lm session key.\n")); dump_data_pw("unmodified session key:\n", session_key.data, session_key.length); @@ -511,9 +513,6 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, gensec_ntlmssp_state->session_key = session_key; } - /* keep the session key around on the new context */ - talloc_steal(gensec_ntlmssp_state, session_key.data); - if ((gensec_security->want_features & GENSEC_FEATURE_SIGN) || (gensec_security->want_features & GENSEC_FEATURE_SEAL)) { nt_status = ntlmssp_sign_init(gensec_ntlmssp_state); -- cgit