From 5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 25 May 2004 14:06:28 +0000 Subject: r874: This patch is a pile of work on NTLMSSP: Samba's NTLMSSP code is now fully talloc based, which should go a long way to cleaning up the memory leaks in this code. This also avoids a lot of extra copies of data, as we now allocate the 'return' blobs on a caller-supplied context. I have also been doing a lot of work towards NTLM2 signing and sealing. I have this working for sealing, but not for the verifier (MD5 integrity check on the stream) which is still incorrect. (I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the data arrives intact, but the signature check fails. It does however match the test values I have...). The new torture test is cludged in - when we get a unit test suite back, I'll happliy put it in the 'right' place.... Andrew Bartlett (This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9) --- source4/libcli/auth/schannel.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'source4/libcli/auth/schannel.c') diff --git a/source4/libcli/auth/schannel.c b/source4/libcli/auth/schannel.c index e5a786ff24..59d0c4aa7d 100644 --- a/source4/libcli/auth/schannel.c +++ b/source4/libcli/auth/schannel.c @@ -93,6 +93,7 @@ static void schannel_digest(const uchar sess_key[16], unseal a packet */ NTSTATUS schannel_unseal_packet(struct schannel_state *state, + TALLOC_CTX *mem_ctx, uchar *data, size_t length, DATA_BLOB *sig) { @@ -183,6 +184,7 @@ NTSTATUS schannel_check_packet(struct schannel_state *state, seal a packet */ NTSTATUS schannel_seal_packet(struct schannel_state *state, + TALLOC_CTX *mem_ctx, uchar *data, size_t length, DATA_BLOB *sig) { @@ -208,7 +210,7 @@ NTSTATUS schannel_seal_packet(struct schannel_state *state, netsec_deal_with_seq_num(state, digest_final, seq_num); if (!state->signature.data) { - state->signature = data_blob_talloc(state->mem_ctx, NULL, 32); + state->signature = data_blob_talloc(mem_ctx, NULL, 32); if (!state->signature.data) { return NT_STATUS_NO_MEMORY; } @@ -233,6 +235,7 @@ NTSTATUS schannel_seal_packet(struct schannel_state *state, sign a packet */ NTSTATUS schannel_sign_packet(struct schannel_state *state, + TALLOC_CTX *mem_ctx, const uchar *data, size_t length, DATA_BLOB *sig) { @@ -250,7 +253,7 @@ NTSTATUS schannel_sign_packet(struct schannel_state *state, netsec_deal_with_seq_num(state, digest_final, seq_num); if (!state->signature.data) { - state->signature = data_blob_talloc(state->mem_ctx, NULL, 32); + state->signature = data_blob_talloc(mem_ctx, NULL, 32); if (!state->signature.data) { return NT_STATUS_NO_MEMORY; } -- cgit