Rob Shearman : secur32: Don'
t free the password in InitializeSecurityContextW to enable the
credentials handle to be re-used in further
InitializeSecurityContextW calls .
Alexandre Julliard
julliard at wine.codeweavers.com
Tue Jul 3 08:01:24 CDT 2007
Module: wine
Branch: master
Commit: 2ede1370d35757857b0c8141ff7de6e2e9682fd3
URL: http://source.winehq.org/git/wine.git/?a=commit;h=2ede1370d35757857b0c8141ff7de6e2e9682fd3
Author: Rob Shearman <rob at codeweavers.com>
Date: Mon Jul 2 19:45:03 2007 +0100
secur32: Don't free the password in InitializeSecurityContextW to enable the credentials handle to be re-used in further InitializeSecurityContextW calls.
---
dlls/secur32/ntlm.c | 15 +++------------
1 files changed, 3 insertions(+), 12 deletions(-)
diff --git a/dlls/secur32/ntlm.c b/dlls/secur32/ntlm.c
index 4c7f3b4..890c74a 100644
--- a/dlls/secur32/ntlm.c
+++ b/dlls/secur32/ntlm.c
@@ -524,12 +524,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
if((ret = encodeBase64((unsigned char*)helper->password,
helper->pwlen, buffer+3,
max_len-3, &buffer_len)) != SEC_E_OK)
- {
- TRACE("Deleting password!\n");
- memset(helper->password, 0, helper->pwlen);
- HeapFree(GetProcessHeap(), 0, helper->password);
goto isc_end;
- }
}
@@ -770,13 +765,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
helper->crypt.ntlm2.recv_seq_no = 0l;
}
- if(ret != SEC_I_CONTINUE_NEEDED)
- {
- TRACE("Deleting password!\n");
- if(helper->password)
- memset(helper->password, 0, helper->pwlen);
- HeapFree(GetProcessHeap(), 0, helper->password);
- }
isc_end:
HeapFree(GetProcessHeap(), 0, want_flags);
HeapFree(GetProcessHeap(), 0, buffer);
@@ -1515,6 +1503,9 @@ static SECURITY_STATUS SEC_ENTRY ntlm_FreeCredentialsHandle(
PNegoHelper helper = (PNegoHelper) phCredential->dwLower;
phCredential->dwUpper = 0;
phCredential->dwLower = 0;
+ if (helper->password)
+ memset(helper->password, 0, helper->pwlen);
+ HeapFree(GetProcessHeap(), 0, helper->password);
cleanup_helper(helper);
ret = SEC_E_OK;
}
More information about the wine-cvs
mailing list