s3-auth Add TALLOC_CTX * to auth_generic_prepare()

This makes the long term owner of this memory more clear.  So far only the
clear cases have been moved from NULL however.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c
index 9b65f24e73703aa4de241cb759847c26a6609a7c..34a499895ef5e86066f52480033080ed36571647 100644 (file)
--- a/source3/auth/auth_generic.c
+++ b/source3/auth/auth_generic.c
@@ -31,14 +31,15 @@
 #include "librpc/rpc/dcerpc.h"
 #include "lib/param/param.h"
 
-NTSTATUS auth_generic_prepare(const struct tsocket_address *remote_address,
+NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx,
+                             const struct tsocket_address *remote_address,
                              struct auth_generic_state **auth_ntlmssp_state)
 {
        struct auth_context *auth_context;
        struct auth_generic_state *ans;
        NTSTATUS nt_status;
 
-       ans = talloc_zero(NULL, struct auth_generic_state);
+       ans = talloc_zero(mem_ctx, struct auth_generic_state);
        if (!ans) {
                DEBUG(0,("auth_ntlmssp_start: talloc failed!\n"));
                return NT_STATUS_NO_MEMORY;

diff --git a/source3/auth/proto.h b/source3/auth/proto.h
index 074da79a056bda4c69ea9ed0fc09632edf13fea4..31271da3e5e62c3dba374b3e0f880fe7e54120a1 100644 (file)
--- a/source3/auth/proto.h
+++ b/source3/auth/proto.h
@@ -69,7 +69,7 @@ NTSTATUS auth_netlogond_init(void);
 
 /* The following definitions come from auth/auth_ntlmssp.c  */
 
-NTSTATUS auth_generic_prepare(const struct tsocket_address *remote_address,
+NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx, const struct tsocket_address *remote_address,
                              struct auth_generic_state **auth_ntlmssp_state);
 NTSTATUS auth_generic_start(struct auth_generic_state *auth_ntlmssp_state, const char *oid);
 NTSTATUS auth_generic_authtype_start(struct auth_generic_state *auth_ntlmssp_state, 

diff --git a/source3/rpc_server/dcesrv_auth_generic.c b/source3/rpc_server/dcesrv_auth_generic.c
index 73737c24b7d172549e426fcf29bbd449b2b63468..dee3c16ca3b537ba7a6638454646f014f1b644a5 100644 (file)
--- a/source3/rpc_server/dcesrv_auth_generic.c
+++ b/source3/rpc_server/dcesrv_auth_generic.c
@@ -38,7 +38,7 @@ NTSTATUS auth_generic_server_start(TALLOC_CTX *mem_ctx,
        struct auth_generic_state *a = NULL;
        NTSTATUS status;
 
-       status = auth_generic_prepare(remote_address, &a);
+       status = auth_generic_prepare(talloc_tos(), remote_address, &a);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(0, (__location__ ": auth_generic_prepare failed: %s\n",
                          nt_errstr(status)));
@@ -92,7 +92,7 @@ NTSTATUS auth_generic_server_authtype_start(TALLOC_CTX *mem_ctx,
        struct auth_generic_state *a = NULL;
        NTSTATUS status;
 
-       status = auth_generic_prepare(remote_address, &a);
+       status = auth_generic_prepare(talloc_tos(), remote_address, &a);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(0, (__location__ ": auth_generic_prepare failed: %s\n",
                          nt_errstr(status)));

diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 2076b094a3df231bdb4daac6c7c5314d6d6495d2..0a06e4a3d74fc96b65ab8f226971ed2af1d6ebc2 100644 (file)
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -204,7 +204,8 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
        sconn->use_gensec_hook = false;
 
        /* See if we can get an SPNEGO blob out of the gensec hook (if auth_samba4 is loaded) */
-       status = auth_generic_prepare(sconn->remote_address,
+       status = auth_generic_prepare(talloc_tos(),
+                                     sconn->remote_address,
                                      &auth_ntlmssp_state);
        if (NT_STATUS_IS_OK(status)) {
                status = auth_generic_start(auth_ntlmssp_state, GENSEC_OID_SPNEGO);

diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c
index be5f9506d02da7422d2a9672057ff33ff2c6c1a3..a609a3bad3655fcfe5dda97381d31f9e2bd85ef4 100644 (file)
--- a/source3/smbd/seal.c
+++ b/source3/smbd/seal.c
@@ -80,7 +80,7 @@ static NTSTATUS make_auth_ntlmssp(const struct tsocket_address *remote_address,
                                  struct smb_trans_enc_state *es)
 {
        struct auth_generic_state *auth_ntlmssp_state;
-       NTSTATUS status = auth_generic_prepare(remote_address,
+       NTSTATUS status = auth_generic_prepare(NULL, remote_address,
                                               &auth_ntlmssp_state);
        if (!NT_STATUS_IS_OK(status)) {
                return nt_status_squash(status);

diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 04783a4fcd4482129efa7084c9a484de40b4bd3f..a15afd5e35072ee7d6224088ac1c0b5acb4a5b58 100644 (file)
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -625,7 +625,7 @@ static void reply_spnego_negotiate(struct smb_request *req,
                return;
        }
 
-       status = auth_generic_prepare(sconn->remote_address,
+       status = auth_generic_prepare(NULL, sconn->remote_address,
                                      auth_ntlmssp_state);
        if (!NT_STATUS_IS_OK(status)) {
                /* Kill the intermediate vuid */
@@ -737,7 +737,7 @@ static void reply_spnego_auth(struct smb_request *req,
        data_blob_free(&secblob);
 
        if (!*auth_ntlmssp_state) {
-               status = auth_generic_prepare(sconn->remote_address,
+               status = auth_generic_prepare(NULL, sconn->remote_address,
                                              auth_ntlmssp_state);
                if (!NT_STATUS_IS_OK(status)) {
                        /* Kill the intermediate vuid */
@@ -1145,7 +1145,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
                DATA_BLOB chal;
 
                if (!vuser->auth_ntlmssp_state) {
-                       status = auth_generic_prepare(sconn->remote_address,
+                       status = auth_generic_prepare(vuser, sconn->remote_address,
                                                      &vuser->auth_ntlmssp_state);
                        if (!NT_STATUS_IS_OK(status)) {
                                /* Kill the intermediate vuid */

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index e5765dda559771e897834229f0f2a7ee400c88c9..0a9edbc273b7d337ec793a91680895823c553dcf 100644 (file)
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -375,7 +375,7 @@ static NTSTATUS smbd_smb2_spnego_negotiate(struct smbd_smb2_session *session,
                status = NT_STATUS_MORE_PROCESSING_REQUIRED;
        } else {
                /* Fall back to NTLMSSP. */
-               status = auth_generic_prepare(session->sconn->remote_address,
+               status = auth_generic_prepare(session, session->sconn->remote_address,
                                            &session->auth_ntlmssp_state);
                if (!NT_STATUS_IS_OK(status)) {
                        goto out;
@@ -418,7 +418,6 @@ static NTSTATUS smbd_smb2_spnego_negotiate(struct smbd_smb2_session *session,
        if (!NT_STATUS_IS_OK(status) &&
                        !NT_STATUS_EQUAL(status,
                                NT_STATUS_MORE_PROCESSING_REQUIRED)) {
-               TALLOC_FREE(session->auth_ntlmssp_state);
                TALLOC_FREE(session);
        }
        return status;
@@ -451,7 +450,6 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s
 
        session->compat_vuser = talloc_zero(session, user_struct);
        if (session->compat_vuser == NULL) {
-               TALLOC_FREE(session->auth_ntlmssp_state);
                TALLOC_FREE(session);
                return NT_STATUS_NO_MEMORY;
        }
@@ -471,7 +469,6 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s
                DEBUG(1, ("smb2: Failed to claim session "
                        "for vuid=%d\n",
                        session->compat_vuser->vuid));
-               TALLOC_FREE(session->auth_ntlmssp_state);
                TALLOC_FREE(session);
                return NT_STATUS_LOGON_FAILURE;
        }
@@ -564,7 +561,7 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session,
        }
 
        if (session->auth_ntlmssp_state == NULL) {
-               status = auth_generic_prepare(session->sconn->remote_address,
+               status = auth_generic_prepare(session, session->sconn->remote_address,
                                            &session->auth_ntlmssp_state);
                if (!NT_STATUS_IS_OK(status)) {
                        data_blob_free(&auth);
@@ -596,7 +593,6 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session,
 
        if (!NT_STATUS_IS_OK(status) &&
                        !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
-               TALLOC_FREE(session->auth_ntlmssp_state);
                data_blob_free(&auth);
                TALLOC_FREE(session);
                return status;
@@ -608,7 +604,6 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session,
                                &auth_out, status, NULL);
 
        if (out_security_buffer->data == NULL) {
-               TALLOC_FREE(session->auth_ntlmssp_state);
                TALLOC_FREE(session);
                return NT_STATUS_NO_MEMORY;
        }
@@ -641,7 +636,7 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session,
        *out_security_buffer = data_blob_null;
 
        if (session->auth_ntlmssp_state == NULL) {
-               status = auth_generic_prepare(session->sconn->remote_address,
+               status = auth_generic_prepare(session, session->sconn->remote_address,
                                            &session->auth_ntlmssp_state);
                if (!NT_STATUS_IS_OK(status)) {
                        TALLOC_FREE(session);
@@ -677,7 +672,6 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session,
                                     &session->session_info);
 
        if (!NT_STATUS_IS_OK(status)) {
-               TALLOC_FREE(session->auth_ntlmssp_state);
                TALLOC_FREE(session);
                return status;
        }
@@ -782,7 +776,6 @@ static NTSTATUS smbd_smb2_session_setup(struct smbd_smb2_request *smb2req,
        /* Unknown packet type. */
        DEBUG(1,("Unknown packet type %u in smb2 sessionsetup\n",
                (unsigned int)in_security_buffer.data[0] ));
-       TALLOC_FREE(session->auth_ntlmssp_state);
        TALLOC_FREE(session);
        return NT_STATUS_LOGON_FAILURE;
 }