Commit 6720a129 authored by Kai Blin's avatar Kai Blin Committed by Alexandre Julliard

secur32: Delete session key and arc4 context when the session based security context is deleted.

parent d88d2d4d
......@@ -258,7 +258,6 @@ void cleanup_helper(PNegoHelper helper)
return;
HeapFree(GetProcessHeap(), 0, helper->com_buf);
HeapFree(GetProcessHeap(), 0, helper->session_key);
/* closing stdin will terminate ntlm_auth */
close(helper->pipe_out);
......
......@@ -690,7 +690,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
}
TRACE("Session key is %s\n", debugstr_a(buffer+3));
helper->valid_session_key = TRUE;
if(!helper->session_key)
helper->session_key = HeapAlloc(GetProcessHeap(), 0, bin_len);
if(!helper->session_key)
{
......@@ -1036,7 +1035,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext(
}
TRACE("Session key is %s\n", debugstr_a(buffer+3));
helper->valid_session_key = TRUE;
if(!helper->session_key)
helper->session_key = HeapAlloc(GetProcessHeap(), 0, 16);
if(!helper->session_key)
{
......@@ -1081,20 +1079,22 @@ static SECURITY_STATUS SEC_ENTRY ntlm_CompleteAuthToken(PCtxtHandle phContext,
*/
static SECURITY_STATUS SEC_ENTRY ntlm_DeleteSecurityContext(PCtxtHandle phContext)
{
SECURITY_STATUS ret;
PNegoHelper helper;
TRACE("%p\n", phContext);
if (phContext)
{
if (!phContext)
return SEC_E_INVALID_HANDLE;
helper = (PNegoHelper)phContext->dwLower;
phContext->dwUpper = 0;
phContext->dwLower = 0;
ret = SEC_E_OK;
}
else
{
ret = SEC_E_INVALID_HANDLE;
}
return ret;
SECUR32_arc4Cleanup(helper->crypt.ntlm.a4i);
HeapFree(GetProcessHeap(), 0, helper->session_key);
helper->valid_session_key = FALSE;
return SEC_E_OK;
}
/***********************************************************************
......
......@@ -139,6 +139,7 @@ SECURITY_STATUS SECUR32_CreateNTLMv1SessionKey(PBYTE password, int len, PBYTE se
arc4_info *SECUR32_arc4Alloc(void);
void SECUR32_arc4Init(arc4_info *a4i, const BYTE *key, unsigned int keyLen);
void SECUR32_arc4Process(arc4_info *a4i, BYTE *inoutString, unsigned int length);
void SECUR32_arc4Cleanup(arc4_info *a4i);
/* NTLMSSP flags indicating the negotiated features */
#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment