rewrite gss_krb5_ccache_name
Stephen Ince
since at opendemand.com
Sat Nov 22 10:33:34 EST 2008
Is there a work around for this? Can I write my own xgss_krb5_ccache_name?
Or can I force a free?
----- Original Message -----
From: "Jeffrey Hutzelman" <jhutz at cmu.edu>
To: <jaltman at secure-endpoints.com>
Cc: "Stephen Ince" <since at opendemand.com>; "krbdev" <krbdev at mit.edu>;
<jhutz at cmu.edu>
Sent: Saturday, November 22, 2008 12:13 AM
Subject: Re: rewrite gss_krb5_ccache_name
> --On Friday, November 21, 2008 11:57:54 PM -0500 Jeffrey Altman
> <jaltman at secure-endpoints.com> wrote:
>
>> Note that there is a second problem with this api. When a non-NULL
>> 'old_name' parameter is provided, it must be freed using the same
>> free() as is linked to the gssapi32.dll library. Unfortunately,
>> there is no gss_krb5_free_ccname() function in the API available
>> to make sure that this is possible. As a result, passing anything
>> other than NULL as the 'old_name' parameter is dangerous on Windows.
>
> This is indeed a bug in the API. The old_name parameter should never have
> been a char **; it should have been a gss_buffer_t, which would have
> allowed it to be released using gss_release_buffer().
>
> -- Jeff
>
More information about the krbdev
mailing list