libcli:smb: Add smb2_signing_key_destructor()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
index c2a86b850e06239cc862c3b3b3ff62d922e6f8dd..72c98d6a610b8b86d2ea6bc07fb60080526fc296 100644 (file)
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -27,6 +27,16 @@
 #include <gnutls/gnutls.h>
 #include <gnutls/crypto.h>
 
+int smb2_signing_key_destructor(struct smb2_signing_key *key)
+{
+       if (key->hmac_hnd != NULL) {
+               gnutls_hmac_deinit(key->hmac_hnd, NULL);
+               key->hmac_hnd = NULL;
+       }
+
+       return 0;
+}
+
 bool smb2_signing_key_valid(const struct smb2_signing_key *key)
 {
        if (key == NULL) {

diff --git a/libcli/smb/smb2_signing.h b/libcli/smb/smb2_signing.h
index 668e48ae124b284875de7263ef9d6926a336c52b..73621daf90e829143e0ab135f1a418bf3deb0845 100644 (file)
--- a/libcli/smb/smb2_signing.h
+++ b/libcli/smb/smb2_signing.h
@@ -31,6 +31,8 @@ struct smb2_signing_key {
        DATA_BLOB blob;
 };
 
+int smb2_signing_key_destructor(struct smb2_signing_key *key);
+
 bool smb2_signing_key_valid(const struct smb2_signing_key *key);
 
 NTSTATUS smb2_signing_sign_pdu(DATA_BLOB signing_key,

diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 793c9870df0a8700cfb214f9b0658b462c0f8fdb..7261609c9670b6cc279208631bb6a16d6b8d10a5 100644 (file)
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -5964,7 +5964,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                ZERO_STRUCT(session_key);
                return NT_STATUS_NO_MEMORY;
        }
-       /* TODO: setup destructor once we cache the hmac handle */
+       talloc_set_destructor(session->smb2->signing_key,
+                             smb2_signing_key_destructor);
 
        session->smb2->signing_key->blob =
                data_blob_talloc(session->smb2->signing_key,
@@ -6041,7 +6042,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
        if (session->smb2_channel.signing_key == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
-       /* TODO: setup destructor once we cache the hmac handle */
+       talloc_set_destructor(session->smb2_channel.signing_key,
+                             smb2_signing_key_destructor);
 
        session->smb2_channel.signing_key->blob =
                data_blob_dup_talloc(session->smb2_channel.signing_key,

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index a395774c320dd728e5150427fe1ce6b5e1a061d4..97bf0e0245f394530de5bd694fbdc0c2b7b097a9 100644 (file)
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -329,7 +329,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                ZERO_STRUCT(session_key);
                return NT_STATUS_NO_MEMORY;
        }
-       /* TODO: setup destructor once we cache the hmac handle */
+       talloc_set_destructor(x->global->signing_key,
+                             smb2_signing_key_destructor);
 
        x->global->signing_key->blob =
                x->global->signing_key_blob =
@@ -459,7 +460,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
        if (x->global->channels[0].signing_key == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
-       /* TODO: setup destructor once we cache the hmac handle */
+       talloc_set_destructor(x->global->channels[0].signing_key,
+                             smb2_signing_key_destructor);
 
        x->global->channels[0].signing_key->blob =
                x->global->channels[0].signing_key_blob =
@@ -700,7 +702,8 @@ static NTSTATUS smbd_smb2_bind_auth_return(struct smbXsrv_session *session,
                ZERO_STRUCT(session_key);
                return NT_STATUS_NO_MEMORY;
        }
-       /* TODO: setup destructor once we cache the hmac handle */
+       talloc_set_destructor(c->signing_key,
+                             smb2_signing_key_destructor);
 
        c->signing_key->blob =
                c->signing_key_blob =