From 35b309fa0cac9341f364243b03ebfcc80f74198e Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 1 Aug 2011 15:39:01 +1000
Subject: gensec: clarify memory ownership for gensec_session_info() and
 gensec_session_key()

This is slightly less efficient, because we no longer keep a cache on
the gensec structures, but much clearer in terms of memory ownership.
Both gensec_session_info() and gensec_session_key() now take a mem_ctx
and put the result only on that context.

Some duplication of memory in the callers (who were rightly uncertain
about who was the rightful owner of the returned memory) has been
removed to compensate for the internal copy.

Andrew Bartlett
---
 source4/smb_server/smb/sesssetup.c  | 5 +++--
 source4/smb_server/smb2/sesssetup.c | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

(limited to 'source4/smb_server')

diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c
index 116f2cd958..c84be7f79b 100644
--- a/source4/smb_server/smb/sesssetup.c
+++ b/source4/smb_server/smb/sesssetup.c
@@ -379,10 +379,11 @@ static void sesssetup_spnego_send(struct tevent_req *subreq)
 		goto failed;
 	}
 
-	status = gensec_session_info(smb_sess->gensec_ctx, &session_info);
+	status = gensec_session_info(smb_sess->gensec_ctx, smb_sess, &session_info);
 	if (!NT_STATUS_IS_OK(status)) goto failed;
 
-	skey_status = gensec_session_key(smb_sess->gensec_ctx, &session_key);
+	/* The session_key is only needed until the end of the smbsrv_setup_signing() call */
+	skey_status = gensec_session_key(smb_sess->gensec_ctx, req, &session_key);
 	if (NT_STATUS_IS_OK(skey_status)) {
 		smbsrv_setup_signing(req->smb_conn, &session_key, NULL);
 	}
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 94fe0da9fa..60e5500ee7 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -79,7 +79,7 @@ static void smb2srv_sesssetup_callback(struct tevent_req *subreq)
 		goto failed;
 	}
 
-	status = gensec_session_info(smb_sess->gensec_ctx, &session_info);
+	status = gensec_session_info(smb_sess->gensec_ctx, smb_sess, &session_info);
 	if (!NT_STATUS_IS_OK(status)) {
 		goto failed;
 	}
-- 
cgit