Memory leak in gss_init_sec_context when using spnego mechanism

Tom Yu tlyu at MIT.EDU
Mon Aug 6 17:46:50 EDT 2007


>>>>> "Markus" == Markus Moeller <huaraz at moeller.plus.com> writes:

Markus> Did anybody have a chance to confirm my finding ?

Sorry, I've been rather busy recently.  I did look and discover there
are possibly multiple issues involved.  Your test program calls
gss_delete_sec_context() on a context that is probably partially
established.  This is probably a code path that is not well-exercised.
Thank you for bringing it to our attention.

1. It does appear that when the SPNEGO mechanism calls
   gss_init_sec_context(), it does not release the output token
   buffer.

2. It also appears that in spnego_gss_delete_sec_context(), if a
   partially established context is deleted, the inner mechanism's
   context (actually a mechglue-wrapped context) does not get deleted.

I'm not sure if there are other bugs revealed by your test case.  For
now, would you please open bugs for the above two issues?  Or if you
prefer, I can open the bugs.  Thanks.

---Tom
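
An added example, not part of the original message and not MIT krb5 code: a simplified C model of the two leaks listed above, with an allocation counter showing what is left behind when a partially established context is deleted. All names (`outer_init`, `outer_delete`, `inner_init`, `leaked_after_partial`) are hypothetical, and the shape of each bug is an assumption based only on the description in the message.

```c
/* Simplified model of the two leaks; hypothetical names, not MIT krb5 code. */
#include <stdlib.h>
#include <string.h>

static int live_allocs;                        /* outstanding heap blocks */
static void *xalloc(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void xfree(void *p) { if (p) { free(p); live_allocs--; } }

typedef struct { size_t length; void *value; } buf_t;
typedef struct { int unused; } inner_ctx;      /* stands in for the wrapped inner context */
typedef struct { inner_ctx *inner; int established; } outer_ctx; /* stands in for SPNEGO's */

/* Inner mechanism: first call creates a context and returns a token the caller owns. */
static int inner_init(inner_ctx **ctx, buf_t *tok) {
    if (*ctx == NULL && (*ctx = xalloc(sizeof **ctx)) == NULL) return -1;
    tok->length = 16;                          /* constructed token size */
    tok->value = xalloc(tok->length);
    return tok->value ? 1 : -1;                /* 1 = another round trip needed */
}

/* Outer init: copies the inner token into its own output token. */
static int outer_init(outer_ctx **ctx, buf_t *out, int fix_token) {
    buf_t inner_tok = {0, NULL};
    if (*ctx == NULL && (*ctx = xalloc(sizeof **ctx)) == NULL) return -1;
    int rc = inner_init(&(*ctx)->inner, &inner_tok);
    if (rc >= 0) {
        out->length = inner_tok.length + 4;    /* constructed framing overhead */
        out->value = xalloc(out->length);
        if (out->value) memcpy((char *)out->value + 4, inner_tok.value, inner_tok.length);
        else rc = -1;
    }
    if (fix_token) xfree(inner_tok.value);     /* issue 1: release inner token after copy */
    return rc;
}

/* Outer delete: modelled bug skips the inner context unless fully established. */
static void outer_delete(outer_ctx **ctx, int fix_ctx) {
    if (*ctx == NULL) return;
    if ((*ctx)->established || fix_ctx) xfree((*ctx)->inner);  /* issue 2 */
    xfree(*ctx);
    *ctx = NULL;
}

/* One init step, then delete the partial context; returns leaked block count. */
int leaked_after_partial(int fix_token, int fix_ctx) {
    outer_ctx *ctx = NULL; buf_t out = {0, NULL};
    live_allocs = 0;
    outer_init(&ctx, &out, fix_token);
    xfree(out.value);                          /* caller releases its own output token */
    outer_delete(&ctx, fix_ctx);
    return live_allocs;
}
```

Each fix removes one leaked block per call, which is why a test program that loops over init and delete on a partial context sees memory grow steadily until both are addressed.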


