const char *name, /* in unix charset */
krb5_principal *principal);
-krb5_error_code smb_krb5_unparse_name(krb5_context context,
- krb5_const_principal principal,
- char **unix_name);
+krb5_error_code smb_krb5_unparse_name(TALLOC_CTX *mem_ctx,
+ krb5_context context,
+ krb5_const_principal principal,
+ char **unix_name);
#ifndef HAVE_KRB5_SET_REAL_TIME
krb5_error_code krb5_set_real_time(krb5_context context, int32_t seconds, int32_t microseconds);
data_blob_free(&sesskey1);
data_blob_free(&sesskey2);
- SAFE_FREE(client_princ_out);
+ TALLOC_FREE(client_princ_out);
return status;
}
/* look under the old key. If this fails, just use the standard key */
- if (smb_krb5_unparse_name(context, host_princ, &unparsed_name) != 0) {
+ if (smb_krb5_unparse_name(talloc_tos(), context, host_princ, &unparsed_name) != 0) {
return (krb5_principal)NULL;
}
if ((salt_princ_s = kerberos_secrets_fetch_salting_principal(unparsed_name, enctype)) == NULL) {
ret_princ = NULL;
}
- SAFE_FREE(unparsed_name);
+ TALLOC_FREE(unparsed_name);
SAFE_FREE(salt_princ_s);
return ret_princ;
goto out;
}
- if (smb_krb5_unparse_name(context, princ, &unparsed_name) != 0) {
+ if (smb_krb5_unparse_name(talloc_tos(), context, princ, &unparsed_name) != 0) {
goto out;
}
SAFE_FREE(key);
SAFE_FREE(princ_s);
- SAFE_FREE(unparsed_name);
+ TALLOC_FREE(unparsed_name);
if (princ) {
krb5_free_principal(context, princ);
while(!krb5_kt_next_entry(context, keytab, &kt_entry, &cursor)) {
bool compare_name_ok = False;
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &ktprinc);
+ ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal, &ktprinc);
if (ret) {
DEBUG(1,("smb_krb5_kt_add_entry_ext: smb_krb5_unparse_name failed (%s)\n",
error_message(ret)));
ktprinc, kt_entry.vno));
}
- SAFE_FREE(ktprinc);
+ TALLOC_FREE(ktprinc);
if (compare_name_ok) {
if (kt_entry.vno == kvno - 1) {
}
}
- TALLOC_FREE( ctx );
-
/* Now loop through the keytab and update any other existing entries... */
kvno = (krb5_kvno) ads_get_machine_kvno(ads, machine_name);
if (kvno == -1) {
DEBUG(1,("ads_keytab_create_default: ads_get_machine_kvno failed to determine the system's kvno.\n"));
+ TALLOC_FREE(ctx);
return -1;
}
ret = krb5_init_context(&context);
if (ret) {
DEBUG(1,("ads_keytab_create_default: could not krb5_init_context: %s\n",error_message(ret)));
+ TALLOC_FREE(ctx);
return ret;
}
if (!found) {
goto done;
}
- oldEntries = SMB_MALLOC_ARRAY(char *, found );
+ oldEntries = talloc_array(ctx, char *, found );
if (!oldEntries) {
DEBUG(1,("ads_keytab_create_default: Failed to allocate space to store the old keytab entries (malloc failed?).\n"));
ret = -1;
char *p;
/* This returns a malloc'ed string in ktprinc. */
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &ktprinc);
+ ret = smb_krb5_unparse_name(oldEntries, context, kt_entry.principal, &ktprinc);
if (ret) {
DEBUG(1,("smb_krb5_unparse_name failed (%s)\n", error_message(ret)));
goto done;
break;
}
if (!strcmp(oldEntries[i], ktprinc)) {
- SAFE_FREE(ktprinc);
+ TALLOC_FREE(ktprinc);
break;
}
}
if (i == found) {
- SAFE_FREE(ktprinc);
+ TALLOC_FREE(ktprinc);
}
}
smb_krb5_kt_free_entry(context, &kt_entry);
ret = 0;
for (i = 0; oldEntries[i]; i++) {
ret |= ads_keytab_add_entry(ads, oldEntries[i]);
- SAFE_FREE(oldEntries[i]);
+ TALLOC_FREE(oldEntries[i]);
}
krb5_kt_end_seq_get(context, keytab, &cursor);
}
done:
- SAFE_FREE(oldEntries);
+ TALLOC_FREE(oldEntries);
+ TALLOC_FREE(ctx);
{
krb5_keytab_entry zero_kt_entry;
char *etype_s = NULL;
krb5_enctype enctype = 0;
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &princ_s);
+ ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal, &princ_s);
if (ret) {
goto out;
}
if (ret) {
if (asprintf(&etype_s, "UNKNOWN: %d\n", enctype) == -1)
{
- SAFE_FREE(princ_s);
+ TALLOC_FREE(princ_s);
goto out;
}
}
printf("%3d %s\t\t %s\n", kt_entry.vno, etype_s, princ_s);
- SAFE_FREE(princ_s);
+ TALLOC_FREE(princ_s);
SAFE_FREE(etype_s);
ret = smb_krb5_kt_free_entry(context, &kt_entry);
}
while (!auth_ok && (krb5_kt_next_entry(context, keytab, &kt_entry, &kt_cursor) == 0)) {
- ret = smb_krb5_unparse_name(context, kt_entry.principal, &entry_princ_s);
+ ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal, &entry_princ_s);
if (ret) {
DEBUG(1, ("ads_keytab_verify_ticket: smb_krb5_unparse_name failed (%s)\n",
error_message(ret)));
}
/* Free the name we parsed. */
- SAFE_FREE(entry_princ_s);
+ TALLOC_FREE(entry_princ_s);
/* Free the entry we just read. */
smb_krb5_kt_free_entry(context, &kt_entry);
#endif
#endif
- if ((ret = smb_krb5_unparse_name(context, client_principal, principal))) {
+ if ((ret = smb_krb5_unparse_name(mem_ctx, context, client_principal, principal))) {
DEBUG(3,("ads_verify_ticket: smb_krb5_unparse_name failed (%s)\n",
error_message(ret)));
sret = NT_STATUS_LOGON_FAILURE;
goto cont;
}
- ret = smb_krb5_unparse_name(context, kt_entry.principal,
+ ret = smb_krb5_unparse_name(talloc_tos(), context, kt_entry.principal,
&princ_s);
if (ret) {
DEBUG(5, ("smb_krb5_unparse_name failed (%s)\n",
cont:
smb_krb5_kt_free_entry(context, &kt_entry);
- SAFE_FREE(princ_s);
+ TALLOC_FREE(princ_s);
}
ret = krb5_kt_end_seq_get(context, keytab, &cursor);
krb5_keyblock *keyp;
char *princ_s = NULL;
+ entry = NULL;
+
if (kt_entry.vno != kvno) {
goto cont;
}
goto cont;
}
- ret = smb_krb5_unparse_name(ctx->context, kt_entry.principal,
+ entry = talloc_zero(mem_ctx, struct libnet_keytab_entry);
+ if (!entry) {
+ DEBUG(3, ("talloc failed\n"));
+ goto fail;
+ }
+
+ ret = smb_krb5_unparse_name(entry, ctx->context, kt_entry.principal,
&princ_s);
if (ret) {
goto cont;
goto cont;
}
- entry = talloc_zero(mem_ctx, struct libnet_keytab_entry);
- if (!entry) {
- DEBUG(3, ("talloc failed\n"));
- goto fail;
- }
-
- entry->name = talloc_strdup(entry, princ_s);
- if (!entry->name) {
- DEBUG(3, ("talloc_strdup_failed\n"));
- goto fail;
- }
-
entry->principal = talloc_strdup(entry, princ_s);
if (!entry->principal) {
DEBUG(3, ("talloc_strdup_failed\n"));
goto fail;
}
+ entry->name = talloc_move(entry, &princ_s);
+
entry->password = data_blob_talloc(entry, KRB5_KEY_DATA(keyp),
KRB5_KEY_LENGTH(keyp));
if (!entry->password.data) {
DEBUG(10, ("found entry\n"));
smb_krb5_kt_free_entry(ctx->context, &kt_entry);
- SAFE_FREE(princ_s);
break;
fail:
smb_krb5_kt_free_entry(ctx->context, &kt_entry);
- SAFE_FREE(princ_s);
TALLOC_FREE(entry);
break;
cont:
smb_krb5_kt_free_entry(ctx->context, &kt_entry);
- SAFE_FREE(princ_s);
+ TALLOC_FREE(entry);
continue;
}
char *utf8_name;
size_t converted_size;
- if (!push_utf8_allocate(&utf8_name, name, &converted_size)) {
+ if (!push_utf8_talloc(talloc_tos(), &utf8_name, name, &converted_size)) {
return ENOMEM;
}
ret = krb5_parse_name(context, utf8_name, principal);
- SAFE_FREE(utf8_name);
+ TALLOC_FREE(utf8_name);
return ret;
}
size_t converted_size;
*principal = NULL;
- if (!push_utf8_allocate(&utf8_name, name, &converted_size)) {
+ if (!push_utf8_talloc(talloc_tos(), &utf8_name, name, &converted_size)) {
return ENOMEM;
}
ret = krb5_parse_name_norealm(context, utf8_name, principal);
- SAFE_FREE(utf8_name);
+ TALLOC_FREE(utf8_name);
return ret;
}
#endif
/**************************************************************
krb5_parse_name that returns a UNIX charset name. Must
- be freed with normal free() call.
+ be freed with talloc_free() call.
**************************************************************/
- krb5_error_code smb_krb5_unparse_name(krb5_context context,
- krb5_const_principal principal,
- char **unix_name)
+krb5_error_code smb_krb5_unparse_name(TALLOC_CTX *mem_ctx,
+ krb5_context context,
+ krb5_const_principal principal,
+ char **unix_name)
{
krb5_error_code ret;
char *utf8_name;
return ret;
}
- if (!pull_utf8_allocate(unix_name, utf8_name, &converted_size)) {
+ if (!pull_utf8_talloc(mem_ctx, unix_name, utf8_name, &converted_size)) {
krb5_free_unparsed_name(context, utf8_name);
return ENOMEM;
}
}
if ( DEBUGLEVEL >= 10 ) {
- if (smb_krb5_unparse_name(context, server, &name) == 0) {
+ if (smb_krb5_unparse_name(talloc_tos(), context, server, &name) == 0) {
DEBUG(10,("get_key_from_keytab: will look for kvno %d, enctype %d and name: %s\n",
kvno, enctype, name));
- SAFE_FREE(name);
+ TALLOC_FREE(name);
}
}
DEBUG(3,("Doesn't look like a valid principal\n"));
data_blob_free(&ap_rep);
data_blob_free(&session_key);
- SAFE_FREE(client);
talloc_destroy(mem_ctx);
reply_nterror(req,nt_status_squash(NT_STATUS_LOGON_FAILURE));
return;
if (!lp_allow_trusted_domains()) {
data_blob_free(&ap_rep);
data_blob_free(&session_key);
- SAFE_FREE(client);
talloc_destroy(mem_ctx);
reply_nterror(req, nt_status_squash(
NT_STATUS_LOGON_FAILURE));
if ( !pw ) {
DEBUG(1,("Username %s is invalid on this system\n",
user));
- SAFE_FREE(client);
data_blob_free(&ap_rep);
data_blob_free(&session_key);
TALLOC_FREE(mem_ctx);
if ( !NT_STATUS_IS_OK(ret) ) {
DEBUG(1,("make_server_info_info3 failed: %s!\n",
nt_errstr(ret)));
- SAFE_FREE(client);
data_blob_free(&ap_rep);
data_blob_free(&session_key);
TALLOC_FREE(mem_ctx);
if ( !NT_STATUS_IS_OK(ret) ) {
DEBUG(1,("make_server_info_pw failed: %s!\n",
nt_errstr(ret)));
- SAFE_FREE(client);
data_blob_free(&ap_rep);
data_blob_free(&session_key);
TALLOC_FREE(mem_ctx);
if ( !NT_STATUS_IS_OK(ret) ) {
DEBUG(10,("failed to create local token: %s\n",
nt_errstr(ret)));
- SAFE_FREE(client);
data_blob_free(&ap_rep);
data_blob_free(&session_key);
TALLOC_FREE( mem_ctx );
nullblob,
client);
- SAFE_FREE(client);
-
reply_outbuf(req, 4, 0);
SSVAL(req->outbuf,smb_uid,sess_vuid);
&principal, &pac_data, &ap_rep,
&session_key, True);
- talloc_destroy(mem_ctx);
-
/* Now in "principal" we have the name we are
authenticated as. */
user = SMB_STRDUP(principal);
data_blob_free(&ap_rep);
-
- SAFE_FREE(principal);
}
+
+ TALLOC_FREE(mem_ctx);
}
#endif