summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeilBrown <neilb@suse.de>2013-03-20 13:03:58 -0400
committerSteve Dickson <steved@redhat.com>2013-03-25 10:09:09 -0400
commit5b9108f73a5f15372f9be9238070cf8d62956a49 (patch)
tree02bd0839e1c74c62df660fcdf6a2d900965b2d15
parentda56ddf07ce41bd324c5c38db7d9ac03f4887258 (diff)
downloadnfs-utils-5b9108f73a5f15372f9be9238070cf8d62956a49.zip
nfs-utils-5b9108f73a5f15372f9be9238070cf8d62956a49.tar.gz
nfs-utils-5b9108f73a5f15372f9be9238070cf8d62956a49.tar.xz
gssd: don't krb5_free_context if krb5_init_context fails
Most places that call krb5_init_context() abort cleanly on failure. However these two then try to free the non-existent context, which doesn't end well. Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Steve Dickson <steved@redhat.com>
-rw-r--r--utils/gssd/krb5_util.c15
1 files changed, 8 insertions, 7 deletions
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index aeb8f70..4befa72 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -1212,9 +1212,9 @@ gssd_destroy_krb5_machine_creds(void)
"cache '%s'\n", k5err, ple->ccname);
}
}
+ krb5_free_context(context);
out:
free(k5err);
- krb5_free_context(context);
}
/*
@@ -1257,7 +1257,7 @@ gssd_refresh_krb5_machine_credential(char *hostname,
k5err = gssd_k5_err_msg(context, code);
printerr(0, "ERROR: %s: %s while resolving keytab '%s'\n",
__func__, k5err, keytabfile);
- goto out;
+ goto out_free_context;
}
if (ple == NULL) {
@@ -1272,7 +1272,7 @@ gssd_refresh_krb5_machine_credential(char *hostname,
"in keytab %s for connection with host %s\n",
__FUNCTION__, keytabfile, hostname);
retval = code;
- goto out;
+ goto out_free_kt;
}
ple = get_ple_by_princ(context, kte.principal);
@@ -1288,14 +1288,15 @@ gssd_refresh_krb5_machine_credential(char *hostname,
__FUNCTION__, pname ? pname : "<unparsable>",
hostname);
if (pname) k5_free_unparsed_name(context, pname);
- goto out;
+ goto out_free_kt;
}
}
retval = gssd_get_single_krb5_cred(context, kt, ple, 0);
-out:
- if (kt)
- krb5_kt_close(context, kt);
+out_free_kt:
+ krb5_kt_close(context, kt);
+out_free_context:
krb5_free_context(context);
+out:
free(k5err);
return retval;
}