aboutsummaryrefslogtreecommitdiff
path: root/src/lib/gssapi/krb5/inq_cred.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/gssapi/krb5/inq_cred.c')
-rw-r--r--src/lib/gssapi/krb5/inq_cred.c25
1 files changed, 19 insertions, 6 deletions
diff --git a/src/lib/gssapi/krb5/inq_cred.c b/src/lib/gssapi/krb5/inq_cred.c
index a79034d..8378216 100644
--- a/src/lib/gssapi/krb5/inq_cred.c
+++ b/src/lib/gssapi/krb5/inq_cred.c
@@ -91,6 +91,8 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret,
gss_OID_set mechs;
OM_uint32 ret;
+ ret = GSS_S_FAILURE;
+
if (GSS_ERROR(kg_get_context(minor_status, &context)))
return(GSS_S_FAILURE);
@@ -102,7 +104,7 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret,
if (cred_handle == GSS_C_NO_CREDENTIAL) {
OM_uint32 major;
- if ((major = kg_get_defcred(minor_status, &cred_handle)) &&
+ if ((major = kg_get_defcred(minor_status, (gss_cred_id_t)&cred)) &&
GSS_ERROR(major)) {
return(major);
}
@@ -112,13 +114,13 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret,
major = krb5_gss_validate_cred(minor_status, cred_handle);
if (GSS_ERROR(major))
return(major);
+ cred = (krb5_gss_cred_id_t) cred_handle;
}
- cred = (krb5_gss_cred_id_t) cred_handle;
-
if ((code = krb5_timeofday(context, &now))) {
*minor_status = code;
- return(GSS_S_FAILURE);
+ ret = GSS_S_FAILURE;
+ goto fail;
}
if (cred->tgt_expire > 0) {
@@ -132,7 +134,8 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret,
if (cred->princ &&
(code = krb5_copy_principal(context, cred->princ, &ret_name))) {
*minor_status = code;
- return(GSS_S_FAILURE);
+ ret = GSS_S_FAILURE;
+ goto fail;
}
}
@@ -149,7 +152,7 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret,
&mechs)))) {
krb5_free_principal(context, ret_name);
/* *minor_status set above */
- return(ret);
+ goto fail;
}
}
@@ -172,8 +175,18 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret,
if (mechanisms)
*mechanisms = mechs;
+ if (cred_handle == GSS_C_NO_CREDENTIAL)
+ krb5_gss_release_cred(minor_status, (gss_cred_id_t)cred);
+
*minor_status = 0;
return((lifetime == 0)?GSS_S_CREDENTIALS_EXPIRED:GSS_S_COMPLETE);
+fail:
+ if (cred_handle == GSS_C_NO_CREDENTIAL) {
+ OM_uint32 tmp_min_stat;
+
+ krb5_gss_release_cred(&tmp_min_stat, (gss_cred_id_t)cred);
+ }
+ return ret;
}
/* V2 interface */
generated by cgit v1.1 at 2024-07-10 06:34:27 +0000