The kernel makes no use of this data, and ita causes allocation issues
in some cases with waste of space on the kernel side.

Fixes: https://fedorahosted.org/gss-proxy/ticket/129

On error we need to make sure we do not return a pointer to a
security context that may have been already freed.
So make sure to always unconditionally return the context that we've
been returned by our callees.
Also reorganize the code so we do not accidently wipe the context
and leak memoy on error.

This fixed a double-free bug found by NFS folks @ Red Hat

Signed-off-by: Simo Sorce <simo@redhat.com>

Fixes: #132

Signed-off-by: Simo Sorce <simo@redhat.com>

Fixes: #131

Signed-off-by: Simo Sorce <simo@redhat.com>

An unsigned int cannot be cast to a size_t. On some architectures (like s390)
they have different sizes resulting in both writing out of bounds and getting
just a zero in the length field and causing the next operation to fail.

Signed-off-by: Simo Sorce <simo@redhat.com>

This is embarrassing, but due to the fact we were passing in client
evnironment variables we were not actually testing the GSS-Proxy, just
regular GSSAPI as the client started so quickly that the socket was
not available yet and it simply fell back to regular GSSAPI.

This commit allows some time for the GSS-Proxy to actually start and
prevents the client from falling back by not telling it where client
credentials are.

Signed-off-by: Simo Sorce <simo@redhat.com>

Restrict what environment variables are available by default.
gssapienv in particular should not bleed in KRB5_KTNAME.

Trap OSError is the kill does not find the subprocess.
This may happen if the subprocess fails early and terminates on its own.

Signed-off-by: Simo Sorce <simo@redhat.com>