*main.c:

	Do not repeat random number generator initializations, as memory
	is allocated and never reclaimed.  Also fixed the V4 random number
	generator initialization (a DES_CBC_CRC random number is generated
	and used as a seed for the V4 routine, but the generation function
	was being called with the wrong arguments).

* do_as_req.c:
	Memory was occassionally being freed twice because the pointer was
	not re-initialized to NULL after it was freed.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7553 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 31 insertions, 19 deletions

diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog
index 2df512754..e22de68b8 100644
--- a/src/kdc/ChangeLog
+++ b/src/kdc/ChangeLog
@@ -1,3 +1,16 @@
+Tue Feb 27 17:33:44 1996  Richard Basch  <basch@lehman.com>
+
+	* main.c:
+	Do not repeat random number generator initializations, as memory
+	is allocated and never reclaimed.  Also fixed the V4 random number
+	generator initialization (a DES_CBC_CRC random number is generated
+	and used as a seed for the V4 routine, but the generation function
+	was being called with the wrong arguments).
+
+	* do_as_req.c:
+	Memory was occassionally being freed twice because the pointer was
+	not re-initialized to NULL after it was freed.
+
 Sun Feb 25 16:04:10 1996  Mark W. Eichin  <eichin@cygnus.com>
 
 	* main.c (initialize_realms): missing indirection for conf_val in
diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c
index 6196a6823..cf999fec3 100644
--- a/src/kdc/do_as_req.c
+++ b/src/kdc/do_as_req.c
@@ -399,6 +399,7 @@ krb5_data **response;			/* filled in with a response packet */
 				  &encrypting_key,  &reply, response);
     memset((char *)encrypting_key.contents, 0, encrypting_key.length);
     krb5_xfree(encrypting_key.contents);
+    encrypting_key.contents = 0;
 
     if (errcode) {
 	status = "ENCODE_KDC_REP";
diff --git a/src/kdc/main.c b/src/kdc/main.c
index 474669ea0..960ecdf95 100644
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -311,9 +311,6 @@ init_realm(progname, rdp, realm, def_dbname, def_mpname,
     krb5_key_salt_tuple	*kslist;
     krb5_int32		nkslist;
     int			i;
-#ifdef KRB5_KRB4_COMPAT
-    static krb5_boolean	k4_inited = FALSE;
-#endif
 
     kret = EINVAL;
     db_inited = 0;
@@ -631,7 +628,8 @@ goto whoops;
 		 * generators.
 		 */
 		for (enctype = 0; enctype <= krb5_max_enctype; enctype++) {
-		    if (krb5_enctype_array[enctype]) {
+		    if (krb5_enctype_array[enctype] &&
+			!krb5_enctype_array[enctype]->random_sequence) {
 			if ((kret = (*krb5_enctype_array[enctype]->system->
 				     init_random_key)
 			     (&rdp->realm_mkey,
@@ -640,22 +638,22 @@ goto whoops;
 				    "while setting up random key generator for enctype %d--enctype disabled",
 				    enctype);
 			    krb5_enctype_array[enctype] = 0;
+			} else {
 #ifdef KRB5_KRB4_COMPAT
-			} else if (!k4_inited &&
-				   (enctype == ENCTYPE_DES_CBC_CRC)) {
-			    krb5_use_enctype(rdp->realm_context,
-					     &temp_eblock, enctype);
-			    if ((kret = (*krb5_enctype_array[enctype]->
-					 system->random_key)
-				 (&temp_eblock,
-				  &krb5_enctype_array[enctype]->random_sequence,
-				  &temp_key)))
-				com_err(progname, kret,
-					"while initializing V4 random key generator");
-			    else {
-				k4_inited = 1;
-				(void) des_init_random_number_generator(temp_key->contents);
-				krb5_free_keyblock(rdp->realm_context, temp_key);
+			    if (enctype == ENCTYPE_DES_CBC_CRC) {
+				krb5_use_enctype(rdp->realm_context,
+						 &temp_eblock, enctype);
+				if ((kret = (*krb5_enctype_array[enctype]->
+					     system->random_key)
+				     (&temp_eblock,
+				      krb5_enctype_array[enctype]->random_sequence,
+				      &temp_key)))
+				    com_err(progname, kret,
+					    "while initializing V4 random key generator");
+				else {
+				    (void) des_init_random_number_generator(temp_key->contents);
+				    krb5_free_keyblock(rdp->realm_context, temp_key);
+				}
 			    }
 #endif
 			}