svn rev #24497: branches/krb5-1-9/src/lib/gssapi/krb5/
tlyu@MIT.EDU
tlyu at MIT.EDU
Mon Nov 1 16:36:28 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24497
Commit By: tlyu
Log Message:
ticket: 6787
version_fixed: 1.9
status: resolved
pull up r24482 from trunk
------------------------------------------------------------------------
r24482 | ghudson | 2010-10-25 17:55:54 -0400 (Mon, 25 Oct 2010) | 8 lines
ticket: 6787
target_version: 1.9
tags: pullup
When we create a temporary memory ccache for use within a
krb5_gss_cred_id_rec, set a flag to indicate that the ccache should be
destroyed rather than closed. Patch from aberry at likewise.com.
Changed Files:
U branches/krb5-1-9/src/lib/gssapi/krb5/accept_sec_context.c
U branches/krb5-1-9/src/lib/gssapi/krb5/acquire_cred.c
U branches/krb5-1-9/src/lib/gssapi/krb5/gssapiP_krb5.h
U branches/krb5-1-9/src/lib/gssapi/krb5/rel_cred.c
U branches/krb5-1-9/src/lib/gssapi/krb5/s4u_gss_glue.c
Modified: branches/krb5-1-9/src/lib/gssapi/krb5/accept_sec_context.c
===================================================================
--- branches/krb5-1-9/src/lib/gssapi/krb5/accept_sec_context.c 2010-11-01 20:36:22 UTC (rev 24496)
+++ branches/krb5-1-9/src/lib/gssapi/krb5/accept_sec_context.c 2010-11-01 20:36:28 UTC (rev 24497)
@@ -253,6 +253,7 @@
cred->keytab = NULL; /* no keytab associated with this... */
cred->tgt_expire = creds[0]->times.endtime; /* store the end time */
cred->ccache = ccache; /* the ccache containing the credential */
+ cred->destroy_ccache = 1;
ccache = NULL; /* cred takes ownership so don't destroy */
}
Modified: branches/krb5-1-9/src/lib/gssapi/krb5/acquire_cred.c
===================================================================
--- branches/krb5-1-9/src/lib/gssapi/krb5/acquire_cred.c 2010-11-01 20:36:22 UTC (rev 24496)
+++ branches/krb5-1-9/src/lib/gssapi/krb5/acquire_cred.c 2010-11-01 20:36:28 UTC (rev 24497)
@@ -546,6 +546,7 @@
#ifndef LEAN_CLIENT
cred->keytab = NULL;
#endif /* LEAN_CLIENT */
+ cred->destroy_ccache = 0;
cred->ccache = NULL;
code = k5_mutex_init(&cred->lock);
Modified: branches/krb5-1-9/src/lib/gssapi/krb5/gssapiP_krb5.h
===================================================================
--- branches/krb5-1-9/src/lib/gssapi/krb5/gssapiP_krb5.h 2010-11-01 20:36:22 UTC (rev 24496)
+++ branches/krb5-1-9/src/lib/gssapi/krb5/gssapiP_krb5.h 2010-11-01 20:36:28 UTC (rev 24497)
@@ -173,6 +173,7 @@
unsigned int proxy_cred : 1;
unsigned int default_identity : 1;
unsigned int iakerb_mech : 1;
+ unsigned int destroy_ccache : 1;
/* keytab (accept) data */
krb5_keytab keytab;
Modified: branches/krb5-1-9/src/lib/gssapi/krb5/rel_cred.c
===================================================================
--- branches/krb5-1-9/src/lib/gssapi/krb5/rel_cred.c 2010-11-01 20:36:22 UTC (rev 24496)
+++ branches/krb5-1-9/src/lib/gssapi/krb5/rel_cred.c 2010-11-01 20:36:28 UTC (rev 24497)
@@ -55,9 +55,12 @@
k5_mutex_destroy(&cred->lock);
/* ignore error destroying mutex */
- if (cred->ccache)
- code1 = krb5_cc_close(context, cred->ccache);
- else
+ if (cred->ccache) {
+ if (cred->destroy_ccache)
+ code1 = krb5_cc_destroy(context, cred->ccache);
+ else
+ code1 = krb5_cc_close(context, cred->ccache);
+ } else
code1 = 0;
#ifndef LEAN_CLIENT
Modified: branches/krb5-1-9/src/lib/gssapi/krb5/s4u_gss_glue.c
===================================================================
--- branches/krb5-1-9/src/lib/gssapi/krb5/s4u_gss_glue.c 2010-11-01 20:36:22 UTC (rev 24496)
+++ branches/krb5-1-9/src/lib/gssapi/krb5/s4u_gss_glue.c 2010-11-01 20:36:28 UTC (rev 24497)
@@ -226,6 +226,7 @@
code = krb5_cc_new_unique(context, "MEMORY", NULL, &cred->ccache);
if (code != 0)
goto cleanup;
+ cred->destroy_ccache = 1;
code = krb5_cc_initialize(context, cred->ccache,
cred->proxy_cred ? impersonator_cred->name->princ :
More information about the cvs-krb5
mailing list