sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-21 18:04:06 +03:00
Code

libcli/smb: Convert struct smb_trans_enc_state to talloc

Browse Source 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Andrew Bartlett 2012-01-14 15:30:34 +11:00 committed by Stefan Metzmacher
parent fce53e0e79
commit 5ad7665b63
5 changed files with 20 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libcli/smb/smbXcli_base.c
View File

@ -214,7 +214,7 @@ static int smbXcli_conn_destructor(struct smbXcli_conn *conn)
}
if (conn->smb1.trans_enc) {
common_free_encryption_state(&conn->smb1.trans_enc);
TALLOC_FREE(conn->smb1.trans_enc);
}
return 0;
@ -596,7 +596,7 @@ void smb1cli_conn_set_encryption(struct smbXcli_conn *conn,
{
/* Replace the old state, if any. */
if (conn->smb1.trans_enc) {
common_free_encryption_state(&conn->smb1.trans_enc);
TALLOC_FREE(conn->smb1.trans_enc);
}
conn->smb1.trans_enc = es;
}

19
libcli/smb/smb_seal.c
View File

@ -199,25 +199,6 @@ NTSTATUS common_decrypt_buffer(struct smb_trans_enc_state *es, char *buf)
return common_gensec_decrypt_buffer(es->gensec_security, buf);
}
/******************************************************************************
Shutdown an encryption state.
******************************************************************************/
void common_free_encryption_state(struct smb_trans_enc_state **pp_es)
{
struct smb_trans_enc_state *es = *pp_es;
if (es == NULL) {
return;
}
if (es->gensec_security) {
TALLOC_FREE(es->gensec_security);
}
SAFE_FREE(es);
*pp_es = NULL;
}
/******************************************************************************
Free an encryption-allocated buffer.
******************************************************************************/

1
libcli/smb/smb_seal.h
View File

@ -32,7 +32,6 @@ NTSTATUS get_enc_ctx_num(const uint8_t *buf, uint16_t *p_enc_ctx_num);
bool common_encryption_on(struct smb_trans_enc_state *es);
NTSTATUS common_encrypt_buffer(struct smb_trans_enc_state *es, char *buffer, char **buf_out);
NTSTATUS common_decrypt_buffer(struct smb_trans_enc_state *es, char *buf);
void common_free_encryption_state(struct smb_trans_enc_state **pp_es);
void common_free_enc_buffer(struct smb_trans_enc_state *es, char *buf);
#endif /* _HEADER_SMB_CRYPT_H */

32
source3/libsmb/clifsinfo.c
View File

@ -572,22 +572,6 @@ static NTSTATUS enc_blob_send_receive(struct cli_state *cli, DATA_BLOB *in, DATA
return status;
}
/******************************************************************************
Make a client state struct.
******************************************************************************/
static struct smb_trans_enc_state *make_cli_enc_state(void)
{
struct smb_trans_enc_state *es = NULL;
es = SMB_MALLOC_P(struct smb_trans_enc_state);
if (!es) {
return NULL;
}
ZERO_STRUCTP(es);
return es;
}
/******************************************************************************
Start a raw ntlmssp encryption.
******************************************************************************/
@ -602,12 +586,11 @@ NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
DATA_BLOB param_out = data_blob_null;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
struct auth_generic_state *auth_generic_state;
struct smb_trans_enc_state *es = make_cli_enc_state();
struct smb_trans_enc_state *es = talloc_zero(NULL, struct smb_trans_enc_state);
if (!es) {
return NT_STATUS_NO_MEMORY;
}
status = auth_generic_client_prepare(NULL,
status = auth_generic_client_prepare(es,
&auth_generic_state);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
@ -668,8 +651,7 @@ NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
}
fail:
TALLOC_FREE(auth_generic_state);
common_free_encryption_state(&es);
TALLOC_FREE(es);
return status;
}
@ -684,13 +666,13 @@ NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli)
DATA_BLOB param_out = data_blob_null;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
struct auth_generic_state *auth_generic_state;
struct smb_trans_enc_state *es = make_cli_enc_state();
struct smb_trans_enc_state *es = talloc_zero(NULL, struct smb_trans_enc_state);
if (!es) {
return NT_STATUS_NO_MEMORY;
}
status = auth_generic_client_prepare(NULL,
status = auth_generic_client_prepare(es,
&auth_generic_state);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
@ -747,13 +729,13 @@ NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli)
/* We only need the gensec_security part from here.
* es is a malloc()ed pointer, so we cannot make
* gensec_security a talloc child */
es->gensec_security = talloc_move(NULL,
es->gensec_security = talloc_move(es,
&auth_generic_state->gensec_security);
smb1cli_conn_set_encryption(cli->conn, es);
es = NULL;
}
fail:
common_free_encryption_state(&es);
TALLOC_FREE(es);
return status;
}

45
source3/smbd/seal.c
View File

@ -77,16 +77,15 @@ bool is_encrypted_packet(struct smbd_server_connection *sconn,
static NTSTATUS make_auth_gensec(const struct tsocket_address *remote_address,
struct smb_trans_enc_state *es)
{
struct gensec_security *gensec_security;
NTSTATUS status;
status = auth_generic_prepare(NULL, remote_address,
&gensec_security);
status = auth_generic_prepare(es, remote_address,
&es->gensec_security);
if (!NT_STATUS_IS_OK(status)) {
return nt_status_squash(status);
}
gensec_want_feature(gensec_security, GENSEC_FEATURE_SEAL);
gensec_want_feature(es->gensec_security, GENSEC_FEATURE_SEAL);
/*
* We could be accessing the secrets.tdb or krb5.keytab file here.
@ -94,38 +93,17 @@ static NTSTATUS make_auth_gensec(const struct tsocket_address *remote_address,
*/
become_root();
status = gensec_start_mech_by_oid(gensec_security, GENSEC_OID_SPNEGO);
status = gensec_start_mech_by_oid(es->gensec_security, GENSEC_OID_SPNEGO);
unbecome_root();
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(gensec_security);
return nt_status_squash(status);
}
es->gensec_security = gensec_security;
return status;
}
/******************************************************************************
Shutdown a server encryption context.
******************************************************************************/
static void srv_free_encryption_context(struct smb_trans_enc_state **pp_es)
{
struct smb_trans_enc_state *es = *pp_es;
if (!es) {
return;
}
common_free_encryption_state(&es);
SAFE_FREE(es);
*pp_es = NULL;
}
/******************************************************************************
Create a server encryption context.
******************************************************************************/
@ -139,15 +117,14 @@ static NTSTATUS make_srv_encryption_context(const struct tsocket_address *remote
*pp_es = NULL;
ZERO_STRUCTP(partial_srv_trans_enc_ctx);
es = SMB_MALLOC_P(struct smb_trans_enc_state);
es = talloc_zero(NULL, struct smb_trans_enc_state);
if (!es) {
return NT_STATUS_NO_MEMORY;
}
ZERO_STRUCTP(es);
status = make_auth_gensec(remote_address,
es);
if (!NT_STATUS_IS_OK(status)) {
srv_free_encryption_context(&es);
TALLOC_FREE(es);
return status;
}
*pp_es = es;
@ -241,7 +218,7 @@ NTSTATUS srv_request_encryption_setup(connection_struct *conn,
es = partial_srv_trans_enc_ctx;
if (!es || es->gensec_security == NULL) {
srv_free_encryption_context(&partial_srv_trans_enc_ctx);
TALLOC_FREE(partial_srv_trans_enc_ctx);
return NT_STATUS_INVALID_PARAMETER;
}
@ -253,7 +230,7 @@ NTSTATUS srv_request_encryption_setup(connection_struct *conn,
unbecome_root();
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) &&
!NT_STATUS_IS_OK(status)) {
srv_free_encryption_context(&partial_srv_trans_enc_ctx);
TALLOC_FREE(partial_srv_trans_enc_ctx);
return nt_status_squash(status);
}
@ -310,7 +287,7 @@ NTSTATUS srv_encryption_start(connection_struct *conn)
return status;
}
/* Throw away the context we're using currently (if any). */
srv_free_encryption_context(&srv_trans_enc_ctx);
TALLOC_FREE(srv_trans_enc_ctx);
/* Steal the partial pointer. Deliberate shallow copy. */
srv_trans_enc_ctx = partial_srv_trans_enc_ctx;
@ -328,6 +305,6 @@ NTSTATUS srv_encryption_start(connection_struct *conn)
void server_encryption_shutdown(struct smbd_server_connection *sconn)
{
srv_free_encryption_context(&partial_srv_trans_enc_ctx);
srv_free_encryption_context(&srv_trans_enc_ctx);
TALLOC_FREE(partial_srv_trans_enc_ctx);
TALLOC_FREE(srv_trans_enc_ctx);
}