krb5 commit [krb5-1.19]: Free verto context later in KDC cleanup
ghudson at mit.edu
ghudson at mit.edu
Tue Nov 15 11:30:48 EST 2022
https://github.com/krb5/krb5/commit/d97a080e9c4ca380ca640f28f3b3aff06cd03ea5
commit d97a080e9c4ca380ca640f28f3b3aff06cd03ea5
Author: Greg Hudson <ghudson at mit.edu>
Date: Fri Jun 3 14:38:45 2022 -0400
Free verto context later in KDC cleanup
The KDC supplies the verto context to kdcpreauth modules via the loop
method (added in commit 83b4ecd20e50ad330cd761977d5dadefe30a785b).
This context should remain valid until kdcpreauth modules are
unloaded, as modules might refer to it during cleanup. In particular,
the OTP module references the verto context when freeing the RADIUS
client object (commit e89abc2d4ea1fea1ec28d470f297514b828e4842), which
can cause a memory error during KDC shutdown without this change.
(cherry picked from commit 8dcace04945723cd6a3c8ea2c1ba467c22eb6584)
ticket: 9064
version_fixed: 1.19.4
src/kdc/main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/kdc/main.c b/src/kdc/main.c
index 3be6dcb07..57e87573c 100644
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -1065,7 +1065,6 @@ int main(int argc, char **argv)
kau_kdc_start(kcontext, TRUE);
verto_run(ctx);
- loop_free(ctx);
kau_kdc_stop(kcontext, TRUE);
krb5_klog_syslog(LOG_INFO, _("shutting down"));
unload_preauth_plugins(kcontext);
@@ -1079,6 +1078,7 @@ int main(int argc, char **argv)
#ifndef NOCACHE
kdc_free_lookaside(kcontext);
#endif
+ loop_free(ctx);
krb5_free_context(kcontext);
return errout;
}
More information about the cvs-krb5
mailing list