Added function krb5_free_cc_cred_union(), a local version of cc_free_creds() to free cred_unions allocated by Kerb5 library. Removed mac-only sys_alloc() stuff and go back to malloc()

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11256 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 97 insertions, 48 deletions

diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c
index 638f6fb92..4f364e74d 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc.c
+++ b/src/lib/krb5/ccache/ccapi/stdcc.c
@@ -365,8 +365,9 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_store
 	if (err != CC_NOERROR)
 		return cc_err_xlate(err);
 		
-	/* free the cred union */
-	err = cc_free_creds(gCntrlBlock, &cu);
+	/* free the cred union using our local version of cc_free_creds()
+	   since we allocated it locally */
+	err = krb5_free_cc_cred_union(&cu);
 		 
 	cache_changed();
 	return err;
@@ -441,7 +442,8 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_next_cred
 	/* copy data	(with translation) */
 	dupCCtoK5(context, credU->cred.pV5Cred, creds);
 	
-	/* free our version of the cred */
+	/* free our version of the cred - okay to use cc_free_creds() here
+	   because we got it from the CCache library */
 	cc_free_creds(gCntrlBlock, &credU);
 	
 	return 0;
@@ -534,6 +536,7 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_end_seq_get
 		if (err)
 			break;
 		
+		/* okay to call cc_free_creds() here because we got credU from CCache lib */
 		cc_free_creds(gCntrlBlock, &credU);
 	}
 #endif
@@ -688,8 +691,9 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_remove
     	if (err != CC_NOERROR)
 		return cc_err_xlate(err);
     	
-    	/* free the temp cred union */
-    	err = cc_free_creds(gCntrlBlock, &cu);
+    	/* free the cred union using our local version of cc_free_creds()
+	       since we allocated it locally */
+    	err = krb5_free_cc_cred_union(&cu);
 	cache_changed();
     	if (err != CC_NOERROR)
 		return cc_err_xlate(err);
diff --git a/src/lib/krb5/ccache/ccapi/stdcc_util.c b/src/lib/krb5/ccache/ccapi/stdcc_util.c
index 3c6917ad9..549ad6a54 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc_util.c
+++ b/src/lib/krb5/ccache/ccapi/stdcc_util.c
@@ -18,39 +18,6 @@
 
 #define fieldSize 255
 
-/* on the Mac, we need the calls which allocate memory for the Credentials Cache to use
-   Ptr's in the system help, so that they stay global and so that bad things don't happen
-   when we call DisposePtr() on them.  However, on other systems, malloc is probably the
-   right thing to use.
-   So for any place where we allocate memory for the Credentials Cache, use sys_alloc() and
-   define it accordingly.
-*/
-
-#if defined(macintosh)
-#define sys_alloc(size) NewSafePtrSys(size)
-#else
-#define sys_alloc(size) malloc(size)
-#endif
-
-#if defined(macintosh)
-/*
- * stolen from CCacheUtils.c
- * -- NewSafePtrSys -----------------
- *  - analagous to NewSafePtr but memory is allocated in the system heap
- */
-static Ptr NewSafePtrSys(long size) {
-
-	Ptr retPtr;
-	
-	retPtr = NewPtrSys(size);
-	
-	if (retPtr != NULL)
-		HoldMemory(retPtr, size);
-	
-	return retPtr;
-}
-#endif
-
 /*
  * CopyCCDataArrayToK5
  * - copy and translate the null terminated arrays of data records
@@ -138,19 +105,19 @@ int copyK5DataArrayToCC(krb5_creds *kc, cc_creds *cc, char whichArray) {
 	//calc number of records
 	while (*kbase++ != NULL) numRecords++;
 	//allocate new array
-	constCBase = cbase = (cc_data **)sys_alloc((numRecords+1)*sizeof(char *));
+	constCBase = cbase = (cc_data **)malloc((numRecords+1)*sizeof(char *));
 	//reset base
 	kbase = (whichArray == kAddressArray) ? kc->addresses : (krb5_address **)kc->authdata;
 		
 		
 	//copy records
 	while (*kbase != NULL) {
-		*cbase = (cc_data *)sys_alloc(sizeof(krb5_address));
+		*cbase = (cc_data *)malloc(sizeof(krb5_address));
 		kAdr = *kbase;
 		ccAdr = *cbase;
 		ccAdr->type = kAdr->addrtype;
 		ccAdr->length = kAdr->length;
-		ccAdr->data = (unsigned char *)sys_alloc(ccAdr->length);
+		ccAdr->data = (unsigned char *)malloc(ccAdr->length);
 		memcpy(ccAdr->data, kAdr->contents, kAdr->length);
 		//next element please
 		kbase++; cbase++;
@@ -232,14 +199,14 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu)
 	if (cu == NULL) return;
 		
 	/* allocate the cred_union */
-	*cu = (cred_union *)sys_alloc(sizeof(cred_union));
+	*cu = (cred_union *)malloc(sizeof(cred_union));
 	if ((*cu) == NULL)
 		return;
 		
 	(*cu)->cred_type = CC_CRED_V5;
 		
 	/* allocate creds structure (and install) */
-	c  = (cc_creds *)sys_alloc(sizeof(cc_creds));
+	c  = (cc_creds *)malloc(sizeof(cc_creds));
 	if (c == NULL) return;
 	(*cu)->cred.pV5Cred = c;
 		
@@ -251,14 +218,14 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu)
 	 * puts it in appl heap with malloc)
 	 */
 	err = krb5_unparse_name(context, creds->client, &tempname);
-	c->client = sys_alloc(strlen(tempname));
+	c->client = malloc(strlen(tempname));
 	if (c->client != NULL)
 		strcpy(c->client,tempname);
 	free(tempname);
 	tempname = NULL;
 		
 	err = krb5_unparse_name(context, creds->server, &tempname);
-	c->server = sys_alloc(strlen(tempname));
+	c->server = malloc(strlen(tempname));
 	if (c->server != NULL)
 		strcpy(c->server,tempname);
 	free(tempname);
@@ -273,7 +240,7 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu)
 	c->keyblock.length = creds->keyblock.length;
 		
 	if (creds->keyblock.contents != NULL) {
-		c->keyblock.data = (unsigned char *)sys_alloc(creds->keyblock.length);
+		c->keyblock.data = (unsigned char *)malloc(creds->keyblock.length);
 		memcpy(c->keyblock.data, creds->keyblock.contents, creds->keyblock.length);
 	} else {
 		c->keyblock.data = NULL;
@@ -290,7 +257,7 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu)
 
 	c->ticket.length = creds->ticket.length;
 	if (creds->ticket.data != NULL) {
-		c->ticket.data = (unsigned char *)sys_alloc(creds->ticket.length);
+		c->ticket.data = (unsigned char *)malloc(creds->ticket.length);
 		memcpy(c->ticket.data, creds->ticket.data, creds->ticket.length);
 	} else {
 		c->ticket.data = NULL;
@@ -298,7 +265,7 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu)
 		
 	c->second_ticket.length = creds->second_ticket.length;
 	if (creds->second_ticket.data != NULL) {
-		c->second_ticket.data = (unsigned char *)sys_alloc(creds->second_ticket.length);
+		c->second_ticket.data = (unsigned char *)malloc(creds->second_ticket.length);
 		memcpy(c->second_ticket.data, creds->second_ticket.data, creds->second_ticket.length);
 	} else {
 		c->second_ticket.data = NULL;
@@ -465,3 +432,79 @@ int stdccCredsMatch(krb5_context context, krb5_creds *base,
 	return FALSE;
 	
 }
+
+// ----- free_cc_cred_union, etc --------------
+/*
+   Since the Kerberos5 library allocates a credentials cache structure
+   (in dupK5toCC() above) with its own memory allocation routines - which
+   may be different than how the CCache allocates memory - the Kerb5 library
+   must have its own version of cc_free_creds() to deallocate it.  These
+   functions do that.  The top-level function to substitue for cc_free_creds()
+   is krb5_free_cc_cred_union().
+   
+   If the CCache library wants to use a cred_union structure created by
+   the Kerb5 library, it should make a deep copy of it to "translate" to its
+   own memory allocation space.
+*/
+static void deep_free_cc_data (cc_data data) {
+	
+	if (data.data != NULL)
+		free (data.data);
+}
+
+static void deep_free_cc_data_array (cc_data** data) {
+	
+	cc_uint32		index;
+	
+	if (data == NULL)
+		return;
+		
+	for (index = 0; data [index] != NULL; index++) {
+		deep_free_cc_data (*(data [index]));
+		free (data [index]);
+	}
+	
+	free (data);
+}
+
+static void deep_free_cc_v5_creds (cc_creds* creds) {
+	
+	if (creds == NULL)
+		return;
+		
+	if (creds -> client != NULL)
+		free (creds -> client);
+	if (creds -> server != NULL)
+		free (creds -> server);
+	
+	deep_free_cc_data (creds -> keyblock);
+	deep_free_cc_data (creds -> ticket);
+	deep_free_cc_data (creds -> second_ticket);
+	
+	deep_free_cc_data_array (creds -> addresses);
+	deep_free_cc_data_array (creds -> authdata);
+}
+
+static void deep_free_cc_creds (cred_union creds) {
+	
+	if (creds.cred_type == CC_CRED_V4) {  // we shouldn't get this, of course
+		free (creds.cred.pV4Cred);
+	} else if (creds.cred_type == CC_CRED_V5) {
+		deep_free_cc_v5_creds (creds.cred.pV5Cred);
+	}
+}
+
+// top-level exported function
+cc_int32 krb5_free_cc_cred_union (cred_union** creds) {
+		
+	if (creds == NULL)
+		return CC_BAD_PARM;
+	
+	if (*creds != NULL) {
+		deep_free_cc_creds (**creds);
+		free (*creds);
+		*creds = NULL;
+	}
+		
+	return CC_NOERROR;
+}
\ No newline at end of file
diff --git a/src/lib/krb5/ccache/ccapi/stdcc_util.h b/src/lib/krb5/ccache/ccapi/stdcc_util.h
index db00ed635..9dd93c1ca 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc_util.h
+++ b/src/lib/krb5/ccache/ccapi/stdcc_util.h
@@ -19,6 +19,8 @@ void dupCCtoK5(krb5_context context, cc_creds *src, krb5_creds *dest);
 void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu);
 int stdccCredsMatch(krb5_context context, krb5_creds *base, krb5_creds *match, int whichfields);
 int bitTst(int var, int mask);
+cc_int32 krb5_free_cc_cred_union (cred_union** creds);
+
 #define kAddressArray 4 
 #define kAuthDataArray 5