Request for error handling advice….?

Matthew M. DeLoera mdeloera at
Mon Aug 29 19:16:21 EDT 2011


I have a (hopefully) very simple question. This is really more a GSS issue, but I'm not sure if there's a better forum, so my apologies in advance!

Basically, using gssglue/gssapi with gssapi_krb5. In my app:

OM_uint32 major = gss_import_name();
if (major == GSS_S_COMPLETE)
    major = gas_acquire_cred();

Oversimplified but probably enough. I'm testing error handling on missing (missing provider underneath GSS, so dynamic load fails). I find that gas_import_name() does not fail, and in Ubuntu 10.04, the gas_release_name segfaults.

Any advice on when to NOT call gas_release_name? Obviously, I'm trying to avoid a leak. Observations:

- I have noticed that gas_acquire_cred happens to return GSS_S_BAD_MECH, which kind of makes sense, but I can't find enough docs to figure out whether to use the return value to either call gas_release_name or skip it.

- Was looking at docs for gss_inquire_names_for_mech, to see whether I could call it before gss_import_name to validate the environment.

- Was also looking at docs for gas_inquire_mechs_for_name, similarly……

Unless there's some other way to validate a gss_name_t before calling gas_release_name()?

Any advice would be most welcome!

Best Regards,
- Matthew

More information about the krbdev mailing list