diff options
Diffstat (limited to 'src/lib/krb5/krb/recvauth.c')
| -rw-r--r-- | src/lib/krb5/krb/recvauth.c | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/src/lib/krb5/krb/recvauth.c b/src/lib/krb5/krb/recvauth.c index d6d6772..ef40e1f 100644 --- a/src/lib/krb5/krb/recvauth.c +++ b/src/lib/krb5/krb/recvauth.c @@ -57,6 +57,8 @@ krb5_recvauth(context, auth_context, krb5_rcache rcache = 0; krb5_octet response; krb5_data null_server; + int need_error_free = 0; + int local_rcache = 0, local_authcon = 0; /* * Zero out problem variable. If problem is set at the end of @@ -140,8 +142,10 @@ krb5_recvauth(context, auth_context, if (*auth_context == NULL) { problem = krb5_auth_con_init(context, &new_auth_context); *auth_context = new_auth_context; + local_authcon = 1; } - if ((!problem) && ((*auth_context)->rcache == NULL)) { + krb5_auth_con_getrcache(context, *auth_context, &rcache); + if ((!problem) && rcache == NULL) { /* * Setup the replay cache. */ @@ -155,6 +159,7 @@ krb5_recvauth(context, auth_context, } if (!problem) problem = krb5_auth_con_setrcache(context, *auth_context, rcache); + local_rcache = 1; } if (!problem) { problem = krb5_rd_req(context, auth_context, &inbuf, server, @@ -173,7 +178,14 @@ krb5_recvauth(context, auth_context, memset((char *)&error, 0, sizeof(error)); krb5_us_timeofday(context, &error.stime, &error.susec); - error.server = server; + if(server) + error.server = server; + else { + /* If this fails - ie. ENOMEM we are hosed + we cannot even send the error if we wanted to... */ + (void) krb5_parse_name(context, "????", &error.server); + need_error_free = 1; + } error.error = problem - ERROR_TABLE_BASE_krb5; if (error.error > 127) @@ -190,6 +202,9 @@ krb5_recvauth(context, auth_context, goto cleanup; } free(error.text.data); + if(need_error_free) + krb5_free_principal(context, error.server); + } else { outbuf.length = 0; outbuf.data = 0; @@ -216,9 +231,12 @@ krb5_recvauth(context, auth_context, cleanup:; if (retval) { - if (rcache) + if (local_authcon) { + krb5_auth_con_free(context, *auth_context); + } else if (local_rcache && rcache != NULL) { krb5_rc_close(context, rcache); - krb5_auth_con_free(context, *auth_context); + krb5_auth_con_setrcache(context, *auth_context, NULL); + } } return retval; } |