svn rev #24242: trunk/src/lib/gssapi/krb5/
ghudson@MIT.EDU
ghudson at MIT.EDU
Thu Aug 19 12:38:30 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24242
Commit By: ghudson
Log Message:
ticket: 6758
subject: Allow krb5_gss_register_acceptor_identity to unset keytab name
krb5_gss_register_acceptor_identity sets a mutex-locked global (not
thread-specific) variable containing a keytab name. This change
allows the variable to be unset by passing a null value.
A more elegant long-term solution to the problem is Heimdal's
gss_krb5_import_cred function.
Changed Files:
U trunk/src/lib/gssapi/krb5/acquire_cred.c
U trunk/src/lib/gssapi/krb5/krb5_gss_glue.c
Modified: trunk/src/lib/gssapi/krb5/acquire_cred.c
===================================================================
--- trunk/src/lib/gssapi/krb5/acquire_cred.c 2010-08-12 17:41:41 UTC (rev 24241)
+++ trunk/src/lib/gssapi/krb5/acquire_cred.c 2010-08-19 16:38:30 UTC (rev 24242)
@@ -103,20 +103,19 @@
const gss_OID desired_object,
gss_buffer_t value)
{
- char *new, *old;
+ char *new = NULL, *old;
int err;
err = gss_krb5int_initialize_library();
if (err != 0)
return GSS_S_FAILURE;
- if (value->value == NULL)
- return GSS_S_FAILURE;
+ if (value->value != NULL) {
+ new = strdup((char *)value->value);
+ if (new == NULL)
+ return GSS_S_FAILURE;
+ }
- new = strdup((char *)value->value);
- if (new == NULL)
- return GSS_S_FAILURE;
-
err = k5_mutex_lock(&gssint_krb5_keytab_lock);
if (err) {
free(new);
@@ -125,8 +124,7 @@
old = krb5_gss_keytab;
krb5_gss_keytab = new;
k5_mutex_unlock(&gssint_krb5_keytab_lock);
- if (old != NULL)
- free(old);
+ free(old);
return GSS_S_COMPLETE;
}
Modified: trunk/src/lib/gssapi/krb5/krb5_gss_glue.c
===================================================================
--- trunk/src/lib/gssapi/krb5/krb5_gss_glue.c 2010-08-12 17:41:41 UTC (rev 24241)
+++ trunk/src/lib/gssapi/krb5/krb5_gss_glue.c 2010-08-19 16:38:30 UTC (rev 24242)
@@ -253,7 +253,7 @@
OM_uint32 minor_status;
gss_buffer_desc req_buffer;
- req_buffer.length = strlen(keytab);
+ req_buffer.length = (keytab == NULL) ? 0 : strlen(keytab);
req_buffer.value = (char *)keytab;
major_status = gssspi_mech_invoke(&minor_status,
More information about the cvs-krb5
mailing list