From f5db8edc97a3dcbbab7a33a41b54fc17902872ea Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Fri, 24 Sep 2004 06:51:14 +0000
Subject: r2587: fixed a couple of authentication memory leaks. There are more
 to be fixed - I'll commit a little test suite soon. (This used to be commit
 5b967c1cbb9831f7f2c6c6187f9e8e6dcc284497)

---
 source4/libcli/auth/spnego.c       | 2 ++
 source4/libcli/auth/spnego_parse.c | 4 ++++
 source4/libcli/raw/clisession.c    | 5 +++--
 3 files changed, 9 insertions(+), 2 deletions(-)

(limited to 'source4')

diff --git a/source4/libcli/auth/spnego.c b/source4/libcli/auth/spnego.c
index 696240f8d6..bbf8f86676 100644
--- a/source4/libcli/auth/spnego.c
+++ b/source4/libcli/auth/spnego.c
@@ -528,6 +528,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 			nt_status = gensec_set_target_principal(gensec_security, 
 								spnego.negTokenInit.targetPrincipal);
 			if (!NT_STATUS_IS_OK(nt_status)) {
+				spnego_free_data(&spnego);
 				return nt_status;
 			}
 		}
@@ -540,6 +541,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 							     &unwrapped_out);
 
 		if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED) && !NT_STATUS_IS_OK(nt_status)) {
+			spnego_free_data(&spnego);
 			return nt_status;
 		}
 
diff --git a/source4/libcli/auth/spnego_parse.c b/source4/libcli/auth/spnego_parse.c
index 047d17ce5a..20b766a4e2 100644
--- a/source4/libcli/auth/spnego_parse.c
+++ b/source4/libcli/auth/spnego_parse.c
@@ -54,6 +54,10 @@ static BOOL read_negTokenInit(ASN1_DATA *asn1, struct spnego_negTokenInit *token
 					talloc_realloc(token->mechTypes, (i + 2) *
 						       sizeof(*token->mechTypes));
 				asn1_read_OID(asn1, token->mechTypes + i);
+				if (token->mechTypes[i]) {
+					talloc_steal(token->mechTypes, 
+						     token->mechTypes[i]);
+				}
 			}
 			token->mechTypes[i] = NULL;
 			
diff --git a/source4/libcli/raw/clisession.c b/source4/libcli/raw/clisession.c
index 2bd2d0e054..264c1cd616 100644
--- a/source4/libcli/raw/clisession.c
+++ b/source4/libcli/raw/clisession.c
@@ -446,8 +446,8 @@ static NTSTATUS smb_raw_session_setup_generic_spnego(struct smbcli_session *sess
 	}
 	
 	status = gensec_update(session->gensec, mem_ctx,
-				       session->transport->negotiate.secblob,
-				       &s2.spnego.in.secblob);
+			       session->transport->negotiate.secblob,
+			       &s2.spnego.in.secblob);
 
 	while(1) {
 		if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) && !NT_STATUS_IS_OK(status)) {
@@ -493,6 +493,7 @@ done:
 		parms->generic.out.lanman = s2.spnego.out.lanman;
 		parms->generic.out.domain = s2.spnego.out.domain;
 	} else {
+		gensec_end(&session->gensec);
 		DEBUG(1, ("Failed to login with %s: %s\n", gensec_get_name_by_oid(chosen_oid), nt_errstr(status)));
 		return status;
 	}
-- 
cgit