From c2380cebcdd54289bc48f5b8c56ff3309d007496 Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Sat, 16 Sep 1995 07:00:32 +0000 Subject: sendauth.c (krb5_sendauth): Make sure the scratch credentials structure may have possible been used be freed.. rd_safe.c (krb5_rd_safe_basic): Fall through to the cleanup code at the end, to make sure the decoded message in message is freed. rd_req_dec.c (krb5_rd_req_decoded): Use krb5_copy_keyblock to copy authent->subkey to auth_context->remote_subkey. Keeping them separate avoids aliasing problems. mk_req_ext.c (krb5_generate_authenticator): Fix memory leak. Don't bash authent->subkey with key after carefully copying it using krb5_copy_keyblock! recvauth.c (krb5_recvauth): krb5_get_server_rcache() already opens the rcache; doing it again merely causes a memory leak. gen_subkey.c (krb5_generate_subkey): Eliminate memory leak. krb5_init_random_key() does its own allocation of the keyblock. gc_via_tkt.c (krb5_kdcrep2creds): Fix memory leak. srv_rcache.c (krb5_get_server_rcache): Fix memory leak. rd_safe.c (krb5_rd_safe_basic): Fix memory leak. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6797 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/krb/ChangeLog | 32 ++++++++++++++++++++++++++++++++ src/lib/krb5/krb/gc_via_tkt.c | 1 + src/lib/krb5/krb/gen_subkey.c | 6 ------ src/lib/krb5/krb/mk_req_ext.c | 1 - src/lib/krb5/krb/rd_req_dec.c | 8 +++++++- src/lib/krb5/krb/rd_safe.c | 8 +++----- src/lib/krb5/krb/recvauth.c | 11 ----------- src/lib/krb5/krb/sendauth.c | 1 + src/lib/krb5/krb/srv_rcache.c | 3 ++- 9 files changed, 46 insertions(+), 25 deletions(-) (limited to 'src') diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index cbedca806..162cb52db 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog 
@@ -1,3 +1,35 @@ +Sat Sep 16 01:23:14 1995 Theodore Y. Ts'o + + * sendauth.c (krb5_sendauth): Make sure the scratch credentials + structure may have possible been used be freed.. + + * rd_safe.c (krb5_rd_safe_basic): Fall through to the cleanup code + at the end, to make sure the decoded message in message is + freed. + + * rd_req_dec.c (krb5_rd_req_decoded): Use krb5_copy_keyblock to + copy authent->subkey to auth_context->remote_subkey. + Keeping them separate avoids aliasing problems. + + * mk_req_ext.c (krb5_generate_authenticator): Fix memory leak. + Don't bash authent->subkey with key after carefully + copying it using krb5_copy_keyblock! + + * recvauth.c (krb5_recvauth): krb5_get_server_rcache() already + opens the rcache; doing it again merely causes a memory leak. + +Fri Sep 15 17:20:08 1995 Theodore Y. Ts'o + + * gen_subkey.c (krb5_generate_subkey): Eliminate memory leak. + krb5_init_random_key() does its own allocation of the + keyblock. + + * gc_via_tkt.c (krb5_kdcrep2creds): Fix memory leak. + + * srv_rcache.c (krb5_get_server_rcache): Fix memory leak. + + * rd_safe.c (krb5_rd_safe_basic): Fix memory leak. + Tue Sep 12 12:40:30 1995 Ezra Peisach * t_ser.c (ser_cksum_test): Work around an optimizer bug unser diff --git a/src/lib/krb5/krb/gc_via_tkt.c b/src/lib/krb5/krb/gc_via_tkt.c index 643bca566..b310a10f9 100644 --- a/src/lib/krb5/krb/gc_via_tkt.c +++ b/src/lib/krb5/krb/gc_via_tkt.c @@ -88,6 +88,7 @@ krb5_kdcrep2creds(context, pkdcrep, address, psectkt, ppcreds) goto cleanup_keyblock; (*ppcreds)->ticket = *pdata; + free(pdata); return 0; cleanup_keyblock: diff --git a/src/lib/krb5/krb/gen_subkey.c b/src/lib/krb5/krb/gen_subkey.c index 66a79d19e..89e21a1b7 100644 --- a/src/lib/krb5/krb/gen_subkey.c +++ b/src/lib/krb5/krb/gen_subkey.c 
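Review bot: The ownership transfer around the added `free(pdata);` in krb5_kdcrep2creds is undocumented: the struct copy on the line before hands pdata's buffer to `(*ppcreds)->ticket`, and only the container is released. A comment such as `/* ticket took over pdata->data; release only the container */` would stop a later edit from replacing this with a call that also frees the contents, which would leave the returned credentials holding a dangling ticket pointer. The other files touched by this commit release memory with `krb5_xfree`, so using it here would keep the library consistent. The function starts before and continues after this hunk.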
@@ -43,12 +43,6 @@ krb5_generate_subkey(context, key, subkey) if ((retval = krb5_init_random_key(context, &eblock, key, &random_state))) return(retval); - *subkey = (krb5_keyblock *)malloc(sizeof(**subkey)); - if (!*subkey) { - (void) krb5_finish_random_key(context, &eblock, &random_state); - return ENOMEM; - } - if ((retval = krb5_random_key(context, &eblock, random_state, subkey))) { (void) krb5_finish_random_key(context, &eblock, &random_state); krb5_xfree(*subkey); diff --git a/src/lib/krb5/krb/mk_req_ext.c b/src/lib/krb5/krb/mk_req_ext.c index df97c2bf5..dfd147357 100644 --- a/src/lib/krb5/krb/mk_req_ext.c +++ b/src/lib/krb5/krb/mk_req_ext.c @@ -270,7 +270,6 @@ krb5_generate_authenticator(context, authent, client, cksum, key, seq_number, au return retval; } else authent->subkey = 0; - authent->subkey = key; authent->seq_number = seq_number; authent->authorization_data = authorization; diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c index f6348c3f9..c5637d4c1 100644 --- a/src/lib/krb5/krb/rd_req_dec.c +++ b/src/lib/krb5/krb/rd_req_dec.c @@ -254,7 +254,13 @@ krb5_rd_req_decoded(context, auth_context, req, server, keytab, } (*auth_context)->remote_seq_number = (*auth_context)->authentp->seq_number; - (*auth_context)->remote_subkey = (*auth_context)->authentp->subkey; + if ((*auth_context)->authentp->subkey) { + if ((retval = krb5_copy_keyblock(context, + (*auth_context)->authentp->subkey, + &((*auth_context)->remote_subkey)))) + goto cleanup; + } else + (*auth_context)->remote_subkey = 0; if ((retval = krb5_copy_keyblock(context, req->ticket->enc_part2->session, &((*auth_context)->keyblock)))) goto cleanup; diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c index 328117d96..9cdcabf06 100644 --- a/src/lib/krb5/krb/rd_safe.c +++ b/src/lib/krb5/krb/rd_safe.c 
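Review bot: With the local malloc gone, the failure branch of `krb5_random_key` in krb5_generate_subkey still runs `krb5_xfree(*subkey);`, so it now frees a pointer this function never set. Unless krb5_random_key is guaranteed to store a valid or null pointer in `*subkey` before it fails, which is not visible here, that is a free of whatever the caller left in the output argument. Setting `*subkey = 0;` before the call, or dropping `krb5_xfree(*subkey);` from the error branch, keeps the error path well defined. The rest of the function lies outside the hunk.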
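Review bot: Once the subkey is deep-copied into `(*auth_context)->remote_subkey` in krb5_rd_req_decoded, a failure of the following krb5_copy_keyblock for the session key jumps to `cleanup` with that copy still attached to the auth context. The `cleanup` label is outside the hunk, so I cannot tell whether it releases remote_subkey; if it does not, key material stays allocated on an error return and a caller that reuses the context may see a stale subkey. The new ownership should be stated above the block, for example `/* auth_context keeps its own copy; authentp->subkey is freed separately */`. As a style point, the bare `else` after a braced `if` reads better with braces of its own.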
@@ -141,10 +141,8 @@ krb5_rd_safe_basic(context, inbuf, keyblock, recv_addr, sender_addr, *outbuf = message->user_data; message->user_data.data = NULL; - - krb5_free_checksum(context, his_cksum); - return 0; - + retval = 0; + cleanup: krb5_free_safe(context, message); return retval; @@ -268,7 +266,7 @@ krb5_rd_safe(context, auth_context, inbuf, outbuf, outdata) /* everything is ok - return data to the user */ return 0; - +eh error:; krb5_xfree(outbuf->data); return retval; diff --git a/src/lib/krb5/krb/recvauth.c b/src/lib/krb5/krb/recvauth.c index eb753f8ec..2f8675862 100644 --- a/src/lib/krb5/krb/recvauth.c +++ b/src/lib/krb5/krb/recvauth.c @@ -156,17 +156,6 @@ krb5_recvauth(context, auth_context, null_server.data = "default"; problem = krb5_get_server_rcache(context, &null_server, &rcache); } - if ((!problem) && krb5_rc_recover(context, rcache)) { - /* - * If the rc_recover() didn't work, then try - * initializing the replay cache. - */ - if ((problem = krb5_rc_initialize(context, rcache, - krb5_clockskew))) { - krb5_rc_close(context, rcache); - rcache = NULL; - } - } if (!problem) problem = krb5_auth_con_setrcache(context, *auth_context, rcache); } diff --git a/src/lib/krb5/krb/sendauth.c b/src/lib/krb5/krb/sendauth.c index 6ca38d9ce..d2260a8f5 100644 --- a/src/lib/krb5/krb/sendauth.c +++ b/src/lib/krb5/krb/sendauth.c @@ -219,6 +219,7 @@ krb5_sendauth(context, auth_context, } error_return: + krb5_free_cred_contents(context, &creds); if (credspout) krb5_free_creds(context, credspout); if (!ccache && use_ccache) diff --git a/src/lib/krb5/krb/srv_rcache.c b/src/lib/krb5/krb/srv_rcache.c index 8c88edde8..0764c6e55 100644 --- a/src/lib/krb5/krb/srv_rcache.c +++ b/src/lib/krb5/krb/srv_rcache.c @@ -96,7 +96,8 @@ krb5_get_server_rcache(context, piece, rcptr) } *rcptr = rcache; - return 0; + rcache = 0; + retval = 0; cleanup: if (rcache) -- cgit
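Review bot: Dropping `krb5_free_checksum(context, his_cksum)` from the success path of krb5_rd_safe_basic is only correct if his_cksum is owned by message when `cleanup:` runs, and the hunk does not show that. The relationship is set up earlier in the function, so it deserves a comment beside `retval = 0;`, for example `/* his_cksum belongs to message; krb5_free_safe below releases it */`. If his_cksum can be detached from message on any path that reaches `cleanup`, the checksum would leak there.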
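Review bot: The second rd_safe.c hunk replaces the blank line before `error:;` in krb5_rd_safe with a line containing only `eh`, which looks like a stray keystroke. As shown, `eh` followed by the label is not a valid statement, so the file would not compile unless `eh` is defined somewhere I cannot see. The line should go back to being empty.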
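Review bot: The new `krb5_free_cred_contents(context, &creds);` in krb5_sendauth runs on every pass through `error_return`, so it is safe only if `creds` is zeroed before the first jump to that label and every pointer stored in it is owned by `creds`. Both conditions are established outside the hunk. A field that merely borrows a caller-supplied principal, or a jump taken before the structure is cleared, would turn this into a free of memory the function does not own. Once checked against the top of the function, a comment at the label such as `/* creds is zero-filled at entry and holds only copies, so this is safe on all paths */` would record the invariant.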
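Review bot: The `rcache = 0;` line in krb5_get_server_rcache needs a comment, because it is the only thing that keeps the shared `cleanup:` block from releasing the cache just stored in `*rcptr`. I would add `/* ownership moved to *rcptr; clear the local so cleanup leaves it alone */` above it. Without that the assignment looks redundant and is easy to delete, which would hand a released replay cache back to the caller. The body of the `if (rcache)` branch is outside the hunk.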