diff options
| author | Jeffrey Altman <jaltman@secure-endpoints.com> | 2005-01-13 11:51:30 +0000 |
|---|---|---|
| committer | Jeffrey Altman <jaltman@secure-endpoints.com> | 2005-01-13 11:51:30 +0000 |
| commit | b3a3bb283e5d5da8fb2a0ff308e2666d92c092d7 (patch) | |
| tree | 16f5ccd34582eae4b832ad784a456f1d8a374c11 /src/lib/gssapi | |
| parent | f456aaf2058ccc2c256a04fb000553c960ecf1e2 (diff) | |
| download | krb5-b3a3bb283e5d5da8fb2a0ff308e2666d92c092d7.tar.gz krb5-b3a3bb283e5d5da8fb2a0ff308e2666d92c092d7.tar.xz krb5-b3a3bb283e5d5da8fb2a0ff308e2666d92c092d7.zip | |
correction to previous commit. do not call krb5_gss_release_cred()
if the cred was not acquired. destroy each field of the cred one
piece at a time based upon what was allocated.
ticket: 2875
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17025 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi')
| -rw-r--r-- | src/lib/gssapi/krb5/acquire_cred.c | 57 |
1 files changed, 46 insertions, 11 deletions
diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index b0f8ecc540..56d6a473c8 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -444,7 +444,8 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, if ((cred_usage != GSS_C_INITIATE) && (cred_usage != GSS_C_ACCEPT) && (cred_usage != GSS_C_BOTH)) { - krb5_gss_release_cred(minor_status, &cred); + k5_mutex_destroy(&cred->lock); + xfree(cred); *minor_status = (OM_uint32) G_BAD_USAGE; krb5_free_context(context); return(GSS_S_FAILURE); @@ -458,8 +459,11 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, if ((ret = acquire_accept_cred(context, minor_status, desired_name, &(cred->princ), cred)) != GSS_S_COMPLETE) { - krb5_gss_release_cred(minor_status, &cred); - /* minor_status set by acquire_accept_cred() */ + if (cred->princ) + krb5_free_principal(context, cred->princ); + k5_mutex_destroy(&cred->lock); + xfree(cred); + /* minor_status set by acquire_accept_cred() */ krb5_free_context(context); return(ret); } @@ -475,8 +479,13 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, cred->princ?(gss_name_t)cred->princ:desired_name, &(cred->princ), cred)) != GSS_S_COMPLETE) { - krb5_gss_release_cred(minor_status, &cred); - /* minor_status set by acquire_init_cred() */ + if (cred->keytab) + krb5_kt_close(context, cred->keytab); + if (cred->princ) + krb5_free_principal(context, cred->princ); + k5_mutex_destroy(&cred->lock); + xfree(cred); + /* minor_status set by acquire_init_cred() */ krb5_free_context(context); return(ret); } @@ -486,8 +495,13 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, if (!cred->princ && (desired_name != GSS_C_NO_CREDENTIAL)) if ((code = krb5_copy_principal(context, (krb5_principal) desired_name, &(cred->princ)))) { - krb5_gss_release_cred(minor_status, &cred); - *minor_status = code; + if (cred->ccache) + (void)krb5_cc_close(context, cred->ccache); + if (cred->keytab) + (void)krb5_kt_close(context, cred->keytab); + k5_mutex_destroy(&cred->lock); + xfree(cred); + *minor_status = code; krb5_free_context(context); return(GSS_S_FAILURE); } @@ -503,8 +517,15 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, krb5_timestamp now; if ((code = krb5_timeofday(context, &now))) { - krb5_gss_release_cred(minor_status, &cred); - *minor_status = code; + if (cred->ccache) + (void)krb5_cc_close(context, cred->ccache); + if (cred->keytab) + (void)krb5_kt_close(context, cred->keytab); + if (cred->princ) + krb5_free_principal(context, cred->princ); + k5_mutex_destroy(&cred->lock); + xfree(cred); + *minor_status = code; krb5_free_context(context); return(GSS_S_FAILURE); } @@ -526,7 +547,14 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, GSS_ERROR(ret = generic_gss_add_oid_set_member(minor_status, (gss_OID) gss_mech_krb5, &ret_mechs)))) { - krb5_gss_release_cred(minor_status, &cred); + if (cred->ccache) + (void)krb5_cc_close(context, cred->ccache); + if (cred->keytab) + (void)krb5_kt_close(context, cred->keytab); + if (cred->princ) + krb5_free_principal(context, cred->princ); + k5_mutex_destroy(&cred->lock); + xfree(cred); /* *minor_status set above */ krb5_free_context(context); return(ret); @@ -538,7 +566,14 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, if (! kg_save_cred_id((gss_cred_id_t) cred)) { free(ret_mechs->elements); free(ret_mechs); - krb5_gss_release_cred(minor_status, &cred); + if (cred->ccache) + (void)krb5_cc_close(context, cred->ccache); + if (cred->keytab) + (void)krb5_kt_close(context, cred->keytab); + if (cred->princ) + krb5_free_principal(context, cred->princ); + k5_mutex_destroy(&cred->lock); + xfree(cred); *minor_status = (OM_uint32) G_VALIDATE_FAILED; krb5_free_context(context); return(GSS_S_FAILURE); |