svn rev #24692: trunk/src/lib/gssapi/spnego/
ghudson@MIT.EDU
ghudson at MIT.EDU
Tue Mar 8 14:34:31 EST 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=24692
Commit By: ghudson
Log Message:
ticket: 6863
SPNEGO's accept_sec_context and init_sec_context produce a null context
on error, so it needs to silently succeed when deleting a null context.
It was instead passing the null context along to the mechglue which
would produce an error, causing a leak of the mechglue's union context
wrapper. Reported by aberry at likewise.com.
Changed Files:
U trunk/src/lib/gssapi/spnego/spnego_mech.c
Modified: trunk/src/lib/gssapi/spnego/spnego_mech.c
===================================================================
--- trunk/src/lib/gssapi/spnego/spnego_mech.c 2011-03-08 17:22:20 UTC (rev 24691)
+++ trunk/src/lib/gssapi/spnego/spnego_mech.c 2011-03-08 19:34:31 UTC (rev 24692)
@@ -2074,14 +2074,18 @@
spnego_gss_ctx_id_t *ctx =
(spnego_gss_ctx_id_t *)context_handle;
+ *minor_status = 0;
+
if (context_handle == NULL)
return (GSS_S_FAILURE);
+ if (*ctx == NULL)
+ return (GSS_S_COMPLETE);
+
/*
* If this is still an SPNEGO mech, release it locally.
*/
- if (*ctx != NULL &&
- (*ctx)->magic_num == SPNEGO_MAGIC_ID) {
+ if ((*ctx)->magic_num == SPNEGO_MAGIC_ID) {
(void) gss_delete_sec_context(minor_status,
&(*ctx)->ctx_handle,
output_token);
More information about the cvs-krb5
mailing list