diff options
| author | Greg Hudson <ghudson@mit.edu> | 2011-03-08 19:34:31 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2011-03-08 19:34:31 +0000 |
| commit | d5c4a1fe9994542a4f1d1faab7235e2ad5aa4f92 (patch) | |
| tree | 3465b3cf46a7a43303e0fff6f592911e9d8f4f92 /src | |
| parent | 619c16d19e9f238f6276bb4d30a24bb126cde595 (diff) | |
| download | krb5-d5c4a1fe9994542a4f1d1faab7235e2ad5aa4f92.tar.gz krb5-d5c4a1fe9994542a4f1d1faab7235e2ad5aa4f92.tar.xz krb5-d5c4a1fe9994542a4f1d1faab7235e2ad5aa4f92.zip | |
SPNEGO's accept_sec_context and init_sec_context produce a null context
on error, so it needs to silently succeed when deleting a null context.
It was instead passing the null context along to the mechglue which
would produce an error, causing a leak of the mechglue's union context
wrapper. Reported by aberry@likewise.com.
ticket: 6863
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24692 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/gssapi/spnego/spnego_mech.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c index e3e029f863..073d7fc972 100644 --- a/src/lib/gssapi/spnego/spnego_mech.c +++ b/src/lib/gssapi/spnego/spnego_mech.c @@ -2074,14 +2074,18 @@ spnego_gss_delete_sec_context( spnego_gss_ctx_id_t *ctx = (spnego_gss_ctx_id_t *)context_handle; + *minor_status = 0; + if (context_handle == NULL) return (GSS_S_FAILURE); + if (*ctx == NULL) + return (GSS_S_COMPLETE); + /* * If this is still an SPNEGO mech, release it locally. */ - if (*ctx != NULL && - (*ctx)->magic_num == SPNEGO_MAGIC_ID) { + if ((*ctx)->magic_num == SPNEGO_MAGIC_ID) { (void) gss_delete_sec_context(minor_status, &(*ctx)->ctx_handle, output_token); |