svn rev #24591: trunk/src/lib/gssapi/spnego/
ghudson@MIT.EDU
ghudson at MIT.EDU
Mon Jan 10 13:25:37 EST 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=24591
Commit By: ghudson
Log Message:
ticket: 6816
Fix a couple of cases in the SPNEGO implementation where a
half-constructed SPNEGO context could be leaked. Patch from
aberry at likewise.com, slightly amended.
Changed Files:
U trunk/src/lib/gssapi/spnego/spnego_mech.c
Modified: trunk/src/lib/gssapi/spnego/spnego_mech.c
===================================================================
--- trunk/src/lib/gssapi/spnego/spnego_mech.c 2010-12-28 18:27:17 UTC (rev 24590)
+++ trunk/src/lib/gssapi/spnego/spnego_mech.c 2011-01-10 18:25:36 UTC (rev 24591)
@@ -603,7 +603,6 @@
}
if (put_mech_set(*mechSet, &sc->DER_mechTypes) < 0) {
- generic_gss_release_oid(&tmpmin, &sc->internal_mech);
ret = GSS_S_FAILURE;
goto cleanup;
}
@@ -613,10 +612,12 @@
*/
sc->ctx_handle = GSS_C_NO_CONTEXT;
*ctx = (gss_ctx_id_t)sc;
+ sc = NULL;
*tokflag = INIT_TOKEN_SEND;
ret = GSS_S_CONTINUE_NEEDED;
cleanup:
+ release_spnego_ctx(&sc);
gss_release_oid_set(&tmpmin, mechSet);
return ret;
}
@@ -1285,9 +1286,11 @@
*return_token = INIT_TOKEN_SEND;
sc->firstpass = 1;
*ctx = (gss_ctx_id_t)sc;
+ sc = NULL;
ret = GSS_S_COMPLETE;
cleanup:
+ release_spnego_ctx(&sc);
gss_release_oid_set(&tmpmin, &supported_mechSet);
return ret;
More information about the cvs-krb5
mailing list