From d3e28ccd4824adce2feed9fe53cf2d4d393d607a Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 20 May 2007 09:44:03 +0000 Subject: r23020: a better fix for the memory leak - this one doesn't stuff up spnego :) (This used to be commit 9a8da730a725fc9fc1a3e407273e688f44eadfe1) --- source4/smb_server/session.c | 3 ++- source4/smb_server/smb/sesssetup.c | 12 +++++++++--- source4/smb_server/smb2/sesssetup.c | 6 +++++- 3 files changed, 16 insertions(+), 5 deletions(-) (limited to 'source4') diff --git a/source4/smb_server/session.c b/source4/smb_server/session.c index e95dc9e856..bd5660e481 100644 --- a/source4/smb_server/session.c +++ b/source4/smb_server/session.c @@ -136,6 +136,7 @@ static int smbsrv_session_destructor(struct smbsrv_session *sess) * gensec_ctx is optional, but talloc_steal'ed when present */ struct smbsrv_session *smbsrv_session_new(struct smbsrv_connection *smb_conn, + TALLOC_CTX *mem_ctx, struct gensec_security *gensec_ctx) { struct smbsrv_session *sess = NULL; @@ -144,7 +145,7 @@ struct smbsrv_session *smbsrv_session_new(struct smbsrv_connection *smb_conn, /* Ensure no vuid gets registered in share level security. */ if (smb_conn->config.security == SEC_SHARE) return NULL; - sess = talloc_zero(smb_conn, struct smbsrv_session); + sess = talloc_zero(mem_ctx, struct smbsrv_session); if (!sess) return NULL; sess->smb_conn = smb_conn; diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c index b6bddaa5b1..2e9403b10a 100644 --- a/source4/smb_server/smb/sesssetup.c +++ b/source4/smb_server/smb/sesssetup.c @@ -49,6 +49,8 @@ static void smbsrv_sesssetup_backend_send(struct smbsrv_request *req, { if (NT_STATUS_IS_OK(status)) { req->smb_conn->negotiate.done_sesssetup = True; + /* we need to keep the session long term */ + req->session = talloc_steal(req->smb_conn, req->session); } smbsrv_reply_sesssetup_send(req, sess, status); } @@ -71,7 +73,7 @@ static void sesssetup_old_send(struct auth_check_password_request *areq, if (!NT_STATUS_IS_OK(status)) goto failed; /* allocate a new session */ - smb_sess = smbsrv_session_new(req->smb_conn, NULL); + smb_sess = smbsrv_session_new(req->smb_conn, req, NULL); if (!smb_sess) { status = NT_STATUS_INSUFFICIENT_RESOURCES; goto failed; @@ -166,7 +168,7 @@ static void sesssetup_nt1_send(struct auth_check_password_request *areq, if (!NT_STATUS_IS_OK(status)) goto failed; /* allocate a new session */ - smb_sess = smbsrv_session_new(req->smb_conn, NULL); + smb_sess = smbsrv_session_new(req->smb_conn, req, NULL); if (!smb_sess) { status = NT_STATUS_INSUFFICIENT_RESOURCES; goto failed; @@ -339,6 +341,10 @@ done: failed: status = auth_nt_status_squash(status); smbsrv_sesssetup_backend_send(req, sess, status); + if (!NT_STATUS_IS_OK(status) && + !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + talloc_free(smb_sess); + } } /* @@ -394,7 +400,7 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se } /* allocate a new session */ - smb_sess = smbsrv_session_new(req->smb_conn, gensec_ctx); + smb_sess = smbsrv_session_new(req->smb_conn, req->smb_conn, gensec_ctx); if (!smb_sess) { status = NT_STATUS_INSUFFICIENT_RESOURCES; goto failed; diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index c99b443a35..3439f2f068 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -95,6 +95,10 @@ done: failed: req->status = auth_nt_status_squash(status); smb2srv_sesssetup_send(req, io); + if (!NT_STATUS_IS_OK(status) && ! + NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + talloc_free(smb_sess); + } } static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_sesssetup *io) @@ -138,7 +142,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses } /* allocate a new session */ - smb_sess = smbsrv_session_new(req->smb_conn, gensec_ctx); + smb_sess = smbsrv_session_new(req->smb_conn, req->smb_conn, gensec_ctx); if (!smb_sess) { status = NT_STATUS_INSUFFICIENT_RESOURCES; goto failed; -- cgit