Commit 6720a129 authored by Kai Blin's avatar Kai Blin Committed by Alexandre Julliard

secur32: Delete session key and arc4 context when the session based security context is deleted.

parent d88d2d4d
...@@ -258,7 +258,6 @@ void cleanup_helper(PNegoHelper helper) ...@@ -258,7 +258,6 @@ void cleanup_helper(PNegoHelper helper)
return; return;
HeapFree(GetProcessHeap(), 0, helper->com_buf); HeapFree(GetProcessHeap(), 0, helper->com_buf);
HeapFree(GetProcessHeap(), 0, helper->session_key);
/* closing stdin will terminate ntlm_auth */ /* closing stdin will terminate ntlm_auth */
close(helper->pipe_out); close(helper->pipe_out);
......
...@@ -690,7 +690,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW( ...@@ -690,7 +690,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
} }
TRACE("Session key is %s\n", debugstr_a(buffer+3)); TRACE("Session key is %s\n", debugstr_a(buffer+3));
helper->valid_session_key = TRUE; helper->valid_session_key = TRUE;
if(!helper->session_key)
helper->session_key = HeapAlloc(GetProcessHeap(), 0, bin_len); helper->session_key = HeapAlloc(GetProcessHeap(), 0, bin_len);
if(!helper->session_key) if(!helper->session_key)
{ {
...@@ -1036,7 +1035,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext( ...@@ -1036,7 +1035,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext(
} }
TRACE("Session key is %s\n", debugstr_a(buffer+3)); TRACE("Session key is %s\n", debugstr_a(buffer+3));
helper->valid_session_key = TRUE; helper->valid_session_key = TRUE;
if(!helper->session_key)
helper->session_key = HeapAlloc(GetProcessHeap(), 0, 16); helper->session_key = HeapAlloc(GetProcessHeap(), 0, 16);
if(!helper->session_key) if(!helper->session_key)
{ {
...@@ -1081,20 +1079,22 @@ static SECURITY_STATUS SEC_ENTRY ntlm_CompleteAuthToken(PCtxtHandle phContext, ...@@ -1081,20 +1079,22 @@ static SECURITY_STATUS SEC_ENTRY ntlm_CompleteAuthToken(PCtxtHandle phContext,
*/ */
static SECURITY_STATUS SEC_ENTRY ntlm_DeleteSecurityContext(PCtxtHandle phContext) static SECURITY_STATUS SEC_ENTRY ntlm_DeleteSecurityContext(PCtxtHandle phContext)
{ {
SECURITY_STATUS ret; PNegoHelper helper;
TRACE("%p\n", phContext); TRACE("%p\n", phContext);
if (phContext) if (!phContext)
{ return SEC_E_INVALID_HANDLE;
helper = (PNegoHelper)phContext->dwLower;
phContext->dwUpper = 0; phContext->dwUpper = 0;
phContext->dwLower = 0; phContext->dwLower = 0;
ret = SEC_E_OK;
} SECUR32_arc4Cleanup(helper->crypt.ntlm.a4i);
else HeapFree(GetProcessHeap(), 0, helper->session_key);
{ helper->valid_session_key = FALSE;
ret = SEC_E_INVALID_HANDLE;
} return SEC_E_OK;
return ret;
} }
/*********************************************************************** /***********************************************************************
......
...@@ -139,6 +139,7 @@ SECURITY_STATUS SECUR32_CreateNTLMv1SessionKey(PBYTE password, int len, PBYTE se ...@@ -139,6 +139,7 @@ SECURITY_STATUS SECUR32_CreateNTLMv1SessionKey(PBYTE password, int len, PBYTE se
arc4_info *SECUR32_arc4Alloc(void); arc4_info *SECUR32_arc4Alloc(void);
void SECUR32_arc4Init(arc4_info *a4i, const BYTE *key, unsigned int keyLen); void SECUR32_arc4Init(arc4_info *a4i, const BYTE *key, unsigned int keyLen);
void SECUR32_arc4Process(arc4_info *a4i, BYTE *inoutString, unsigned int length); void SECUR32_arc4Process(arc4_info *a4i, BYTE *inoutString, unsigned int length);
void SECUR32_arc4Cleanup(arc4_info *a4i);
/* NTLMSSP flags indicating the negotiated features */ /* NTLMSSP flags indicating the negotiated features */
#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001 #define NTLMSSP_NEGOTIATE_UNICODE 0x00000001
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment