* @param host_princ The krb5_principal to create the salt for
* @param psalt A pointer to a krb5_data struct
*
-* caller has to free the contents of psalt with kerberos_free_data_contents
+* caller has to free the contents of psalt with smb_krb5_free_data_contents
* when function has succeeded
*
* @return krb5_error_code, returns 0 on success, error code otherwise
return retval;
}
-void kerberos_free_data_contents(krb5_context context, krb5_data *pdata)
+/**
+ * @brief Free the contents of a krb5_data structure and zero the data field.
+ *
+ * @param[in] context The krb5 context
+ *
+ * @param[in] pdata The data structure to free contents of
+ *
+ * This function frees the contents, not the structure itself.
+ */
+void smb_krb5_free_data_contents(krb5_context context, krb5_data *pdata)
{
#if defined(HAVE_KRB5_FREE_DATA_CONTENTS)
if (pdata->data) {
* @param[in] length The length of the data to copy
* @return krb5_error_code
*
- * Caller has to free krb5_data with kerberos_free_data_contents().
+ * Caller has to free krb5_data with smb_krb5_free_data_contents().
*/
krb5_error_code krb5_copy_data_contents(krb5_data *p,
*ticket = data_blob_talloc(mem_ctx, packet.data, packet.length);
- kerberos_free_data_contents(context, &packet);
+ smb_krb5_free_data_contents(context, &packet);
failed:
krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry);
void kerberos_set_creds_enctype(krb5_creds *pcreds, int enctype);
bool kerberos_compatible_enctypes(krb5_context context, krb5_enctype enctype1, krb5_enctype enctype2);
-void kerberos_free_data_contents(krb5_context context, krb5_data *pdata);
+void smb_krb5_free_data_contents(krb5_context context, krb5_data *pdata);
krb5_error_code smb_krb5_parse_name_norealm(krb5_context context,
const char *name,
krb5_principal *principal);
aret = ADS_SUCCESS;
done:
- kerberos_free_data_contents(context, &result_code_string);
- kerberos_free_data_contents(context, &result_string);
+ smb_krb5_free_data_contents(context, &result_code_string);
+ smb_krb5_free_data_contents(context, &result_string);
krb5_free_principal(context, princ);
krb5_cc_close(context, ccache);
krb5_free_context(context);
aret = ADS_SUCCESS;
done:
- kerberos_free_data_contents(context, &result_code_string);
- kerberos_free_data_contents(context, &result_string);
+ smb_krb5_free_data_contents(context, &result_code_string);
+ smb_krb5_free_data_contents(context, &result_string);
krb5_free_principal(context, princ);
krb5_free_context(context);
return 0;
}
if (gensec_krb5_state->enc_ticket.length) {
- kerberos_free_data_contents(gensec_krb5_state->smb_krb5_context->krb5_context,
+ smb_krb5_free_data_contents(gensec_krb5_state->smb_krb5_context->krb5_context,
&gensec_krb5_state->enc_ticket);
}
} else {
*out = data_blob_talloc(out_mem_ctx, outbuf.data, outbuf.length);
}
- kerberos_free_data_contents(gensec_krb5_state->smb_krb5_context->krb5_context,
+ smb_krb5_free_data_contents(gensec_krb5_state->smb_krb5_context->krb5_context,
&outbuf);
return NT_STATUS_OK;
}
} else {
/* Found pac */
pac_blob = data_blob_talloc(tmp_ctx, pac_data.data, pac_data.length);
- kerberos_free_data_contents(context, &pac_data);
+ smb_krb5_free_data_contents(context, &pac_data);
if (!pac_blob.data) {
free(principal_string);
krb5_free_principal(context, client_principal);
}
*out = data_blob_talloc(mem_ctx, output.data, output.length);
- kerberos_free_data_contents(context, &output);
+ smb_krb5_free_data_contents(context, &output);
} else {
return NT_STATUS_ACCESS_DENIED;
}
}
*out = data_blob_talloc(mem_ctx, output.data, output.length);
- kerberos_free_data_contents(context, &output);
+ smb_krb5_free_data_contents(context, &output);
} else {
return NT_STATUS_ACCESS_DENIED;
}
ndr_err = ndr_pull_union_blob(&pac_logon_info_in, tmp_ctx, &info,
PAC_TYPE_LOGON_INFO,
(ndr_pull_flags_fn_t)ndr_pull_PAC_INFO);
- kerberos_free_data_contents(context, &k5pac_logon_info_in);
+ smb_krb5_free_data_contents(context, &k5pac_logon_info_in);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status)));
&_upn_dns_info,
PAC_TYPE_UPN_DNS_INFO,
(ndr_pull_flags_fn_t)ndr_pull_PAC_INFO);
- kerberos_free_data_contents(context, &k5pac_upn_dns_info_in);
+ smb_krb5_free_data_contents(context, &k5pac_upn_dns_info_in);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC UPN_DNS_INFO: %s\n",
ndr_err = ndr_pull_struct_blob(&pac_srv_checksum_in, pac_srv_sig,
pac_srv_sig,
(ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA);
- kerberos_free_data_contents(context, &k5pac_srv_checksum_in);
+ smb_krb5_free_data_contents(context, &k5pac_srv_checksum_in);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the KDC signature: %s\n",
ndr_err = ndr_pull_struct_blob(&pac_kdc_checksum_in, pac_kdc_sig,
pac_kdc_sig,
(ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA);
- kerberos_free_data_contents(context, &k5pac_kdc_checksum_in);
+ smb_krb5_free_data_contents(context, &k5pac_kdc_checksum_in);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the KDC signature: %s\n",
io->g.salt = talloc_strndup(io->ac,
(char *)salt.data,
salt.length);
- kerberos_free_data_contents(io->smb_krb5_context->krb5_context, &salt);
+ smb_krb5_free_data_contents(io->smb_krb5_context->krb5_context, &salt);
if (!io->g.salt) {
return ldb_oom(ldb);
}
}
if (ret) {
if (key.salt) {
- kerberos_free_data_contents(context, &key.salt->salt);
+ smb_krb5_free_data_contents(context, &key.salt->salt);
free(key.salt);
key.salt = NULL;
}
&key.key);
if (ret) {
if (key.salt) {
- kerberos_free_data_contents(context, &key.salt->salt);
+ smb_krb5_free_data_contents(context, &key.salt->salt);
free(key.salt);
key.salt = NULL;
}
ENCTYPE_AES256_CTS_HMAC_SHA1_96,
&key.key);
if (ret != 0) {
- kerberos_free_data_contents(context, &salt);
+ smb_krb5_free_data_contents(context, &salt);
goto out;
}
ENCTYPE_AES128_CTS_HMAC_SHA1_96,
&key.key);
if (ret != 0) {
- kerberos_free_data_contents(context, &salt);
+ smb_krb5_free_data_contents(context, &salt);
goto out;
}
entry_ex->entry.keys.len++;
}
- kerberos_free_data_contents(context, &salt);
+ smb_krb5_free_data_contents(context, &salt);
}
if (password_hash != NULL) {
}
*out = data_blob_talloc(mem_ctx, enc_error.data, enc_error.length);
- kerberos_free_data_contents(kdc->smb_krb5_context->krb5_context,
+ smb_krb5_free_data_contents(kdc->smb_krb5_context->krb5_context,
&enc_error);
if (!out->data) {
return NT_STATUS_NO_MEMORY;
return false;
}
*error_blob = data_blob_talloc(mem_ctx, k5_error_blob.data, k5_error_blob.length);
- kerberos_free_data_contents(kdc->smb_krb5_context->krb5_context,
+ smb_krb5_free_data_contents(kdc->smb_krb5_context->krb5_context,
&k5_error_blob);
if (!error_blob->data) {
return false;
cred_blob->data,
cred_blob->length);
if (ret != 0) {
- kerberos_free_data_contents(context, &logon_data);
+ smb_krb5_free_data_contents(context, &logon_data);
return ret;
}
}
upn_blob->data,
upn_blob->length);
if (ret != 0) {
- kerberos_free_data_contents(context, &logon_data);
- kerberos_free_data_contents(context, &cred_data);
+ smb_krb5_free_data_contents(context, &logon_data);
+ smb_krb5_free_data_contents(context, &cred_data);
return ret;
}
}
deleg_blob->data,
deleg_blob->length);
if (ret != 0) {
- kerberos_free_data_contents(context, &logon_data);
- kerberos_free_data_contents(context, &cred_data);
- kerberos_free_data_contents(context, &upn_data);
+ smb_krb5_free_data_contents(context, &logon_data);
+ smb_krb5_free_data_contents(context, &cred_data);
+ smb_krb5_free_data_contents(context, &upn_data);
return ret;
}
}
ret = krb5_pac_init(context, pac);
if (ret != 0) {
- kerberos_free_data_contents(context, &logon_data);
- kerberos_free_data_contents(context, &cred_data);
- kerberos_free_data_contents(context, &upn_data);
- kerberos_free_data_contents(context, &deleg_data);
+ smb_krb5_free_data_contents(context, &logon_data);
+ smb_krb5_free_data_contents(context, &cred_data);
+ smb_krb5_free_data_contents(context, &upn_data);
+ smb_krb5_free_data_contents(context, &deleg_data);
return ret;
}
ret = krb5_pac_add_buffer(context, *pac, PAC_TYPE_LOGON_INFO, &logon_data);
- kerberos_free_data_contents(context, &logon_data);
+ smb_krb5_free_data_contents(context, &logon_data);
if (ret != 0) {
- kerberos_free_data_contents(context, &upn_data);
- kerberos_free_data_contents(context, &cred_data);
- kerberos_free_data_contents(context, &deleg_data);
+ smb_krb5_free_data_contents(context, &upn_data);
+ smb_krb5_free_data_contents(context, &cred_data);
+ smb_krb5_free_data_contents(context, &deleg_data);
return ret;
}
ret = krb5_pac_add_buffer(context, *pac,
PAC_TYPE_CREDENTIAL_INFO,
&cred_data);
- kerberos_free_data_contents(context, &cred_data);
+ smb_krb5_free_data_contents(context, &cred_data);
if (ret != 0) {
- kerberos_free_data_contents(context, &upn_data);
- kerberos_free_data_contents(context, &deleg_data);
+ smb_krb5_free_data_contents(context, &upn_data);
+ smb_krb5_free_data_contents(context, &deleg_data);
return ret;
}
}
PAC_TYPE_LOGON_NAME,
&null_data);
if (ret != 0) {
- kerberos_free_data_contents(context, &upn_data);
- kerberos_free_data_contents(context, &deleg_data);
+ smb_krb5_free_data_contents(context, &upn_data);
+ smb_krb5_free_data_contents(context, &deleg_data);
return ret;
}
ret = krb5_pac_add_buffer(context, *pac,
PAC_TYPE_UPN_DNS_INFO,
&upn_data);
- kerberos_free_data_contents(context, &upn_data);
+ smb_krb5_free_data_contents(context, &upn_data);
if (ret != 0) {
- kerberos_free_data_contents(context, &deleg_data);
+ smb_krb5_free_data_contents(context, &deleg_data);
return ret;
}
}
ret = krb5_pac_add_buffer(context, *pac,
PAC_TYPE_CONSTRAINED_DELEGATION,
&deleg_data);
- kerberos_free_data_contents(context, &deleg_data);
+ smb_krb5_free_data_contents(context, &deleg_data);
if (ret != 0) {
return ret;
}
&info, PAC_TYPE_CONSTRAINED_DELEGATION,
(ndr_pull_flags_fn_t)ndr_pull_PAC_INFO);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- kerberos_free_data_contents(context, &old_data);
+ smb_krb5_free_data_contents(context, &old_data);
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status)));
talloc_free(tmp_ctx);
ZERO_STRUCT(_d);
info.constrained_delegation.info = &_d;
}
- kerberos_free_data_contents(context, &old_data);
+ smb_krb5_free_data_contents(context, &old_data);
ret = krb5_unparse_name(context, server_principal, &server);
if (ret) {
SAFE_FREE(server);
SAFE_FREE(proxy);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- kerberos_free_data_contents(context, &old_data);
+ smb_krb5_free_data_contents(context, &old_data);
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status)));
talloc_free(tmp_ctx);
/* keyblock not alloced */
if (k->salt) {
- kerberos_free_data_contents(NULL, &k->salt->salt);
+ smb_krb5_free_data_contents(NULL, &k->salt->salt);
}
ZERO_STRUCTP(k);
ret = krb5_pac_add_buffer(context, new_pac,
type, &type_data);
- kerberos_free_data_contents(context, &type_data);
+ smb_krb5_free_data_contents(context, &type_data);
if (ret != 0) {
SAFE_FREE(types);
krb5_pac_free(context, new_pac);
torture_assert_int_equal(tctx, plain_data.length, 112, "plain_data.length");
plain_data_blob = data_blob_talloc(tctx, plain_data.data, plain_data.length);
torture_assert_int_equal(tctx, plain_data_blob.length, 112, "plain_data_blob.length");
- kerberos_free_data_contents(ctx, &plain_data);
+ smb_krb5_free_data_contents(ctx, &plain_data);
krb5_free_keyblock_contents(ctx, &reply_key);
krb5_free_context(ctx);
torture_assert_data_blob_equal(tctx,