diff options
| author | Jeffrey Altman <jaltman@secure-endpoints.com> | 2005-01-13 08:19:06 +0000 |
|---|---|---|
| committer | Jeffrey Altman <jaltman@secure-endpoints.com> | 2005-01-13 08:19:06 +0000 |
| commit | 5e5200905f46bd9c39987f733e3aea593d9ac8b5 (patch) | |
| tree | 9ed10fba127e0356e2c12e1f57385c048e46e6ca /src/lib/gssapi | |
| parent | 871222d19d611001035d566d0ab1333849d3873e (diff) | |
| download | krb5-5e5200905f46bd9c39987f733e3aea593d9ac8b5.zip krb5-5e5200905f46bd9c39987f733e3aea593d9ac8b5.tar.gz krb5-5e5200905f46bd9c39987f733e3aea593d9ac8b5.tar.bz2 | |
Fix the calls to krb5_gss_release_cred to pass in the correct type.
This fixes a mutex leak.
ticket: new
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17023 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi')
| -rw-r--r-- | src/lib/gssapi/krb5/ChangeLog | 6 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/acquire_cred.c | 50 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/init_sec_context.c | 4 |
3 files changed, 19 insertions, 41 deletions
diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index 3237548..e49be6b 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,9 @@ +2005-01-13 Jeffrey Altman <jaltman@mit.edu> + + * init_sec_context.c, acquire_cred.c: fix calls to + krb5_gss_release_cred() to pass in the correct type. + This fixes a mutex leak. + 2004-08-27 Tom Yu <tlyu@mit.edu> * init_sec_context.c (make_ap_req_v1): Free checksum data diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index 12d2cac..b0f8ecc 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -444,7 +444,7 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, if ((cred_usage != GSS_C_INITIATE) && (cred_usage != GSS_C_ACCEPT) && (cred_usage != GSS_C_BOTH)) { - xfree(cred); + krb5_gss_release_cred(minor_status, &cred); *minor_status = (OM_uint32) G_BAD_USAGE; krb5_free_context(context); return(GSS_S_FAILURE); @@ -458,10 +458,8 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, if ((ret = acquire_accept_cred(context, minor_status, desired_name, &(cred->princ), cred)) != GSS_S_COMPLETE) { - if (cred->princ) - krb5_free_principal(context, cred->princ); - xfree(cred); - /* minor_status set by acquire_accept_cred() */ + krb5_gss_release_cred(minor_status, &cred); + /* minor_status set by acquire_accept_cred() */ krb5_free_context(context); return(ret); } @@ -477,12 +475,8 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, cred->princ?(gss_name_t)cred->princ:desired_name, &(cred->princ), cred)) != GSS_S_COMPLETE) { - if (cred->keytab) - krb5_kt_close(context, cred->keytab); - if (cred->princ) - krb5_free_principal(context, cred->princ); - xfree(cred); - /* minor_status set by acquire_init_cred() */ + krb5_gss_release_cred(minor_status, &cred); + /* minor_status set by acquire_init_cred() */ krb5_free_context(context); return(ret); } @@ -492,12 +486,8 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, if (!cred->princ && (desired_name != GSS_C_NO_CREDENTIAL)) if ((code = krb5_copy_principal(context, (krb5_principal) desired_name, &(cred->princ)))) { - if (cred->ccache) - (void)krb5_cc_close(context, cred->ccache); - if (cred->keytab) - (void)krb5_kt_close(context, cred->keytab); - xfree(cred); - *minor_status = code; + krb5_gss_release_cred(minor_status, &cred); + *minor_status = code; krb5_free_context(context); return(GSS_S_FAILURE); } @@ -513,14 +503,8 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, krb5_timestamp now; if ((code = krb5_timeofday(context, &now))) { - if (cred->ccache) - (void)krb5_cc_close(context, cred->ccache); - if (cred->keytab) - (void)krb5_kt_close(context, cred->keytab); - if (cred->princ) - krb5_free_principal(context, cred->princ); - xfree(cred); - *minor_status = code; + krb5_gss_release_cred(minor_status, &cred); + *minor_status = code; krb5_free_context(context); return(GSS_S_FAILURE); } @@ -542,13 +526,7 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, GSS_ERROR(ret = generic_gss_add_oid_set_member(minor_status, (gss_OID) gss_mech_krb5, &ret_mechs)))) { - if (cred->ccache) - (void)krb5_cc_close(context, cred->ccache); - if (cred->keytab) - (void)krb5_kt_close(context, cred->keytab); - if (cred->princ) - krb5_free_principal(context, cred->princ); - xfree(cred); + krb5_gss_release_cred(minor_status, &cred); /* *minor_status set above */ krb5_free_context(context); return(ret); @@ -560,13 +538,7 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, if (! kg_save_cred_id((gss_cred_id_t) cred)) { free(ret_mechs->elements); free(ret_mechs); - if (cred->ccache) - (void)krb5_cc_close(context, cred->ccache); - if (cred->keytab) - (void)krb5_kt_close(context, cred->keytab); - if (cred->princ) - krb5_free_principal(context, cred->princ); - xfree(cred); + krb5_gss_release_cred(minor_status, &cred); *minor_status = (OM_uint32) G_VALIDATE_FAILED; krb5_free_context(context); return(GSS_S_FAILURE); diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index 3ffb515..4f40559 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -925,7 +925,7 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle, if (err) { k5_mutex_unlock(&cred->lock); if (claimant_cred_handle == GSS_C_NO_CREDENTIAL) - krb5_gss_release_cred(minor_status, (gss_cred_id_t)cred); + krb5_gss_release_cred(minor_status, (gss_cred_id_t)&cred); *minor_status = 0; if (*context_handle == GSS_C_NO_CONTEXT) krb5_free_context(context); @@ -962,7 +962,7 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle, } if (claimant_cred_handle == GSS_C_NO_CREDENTIAL) - krb5_gss_release_cred(&tmp_min_stat, (gss_cred_id_t)cred); + krb5_gss_release_cred(&tmp_min_stat, (gss_cred_id_t)&cred); return(major_status); } |