]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: af6f716) | patch
Fix GSSRPC server credential memory leak
authorGreg Hudson <ghudson@mit.edu>
Tue, 23 Aug 2016 16:35:50 +0000 (12:35 -0400)
committerTom Yu <tlyu@mit.edu>
Fri, 2 Sep 2016 22:30:32 +0000 (18:30 -0400)
commit95bd79c14715d69399338dfff8acedd6bdf6e93e
tree56f41064c3ced8324164e30acbcbbfd1322563bdtree
parentaf6f7168b1a13edfc8824e0d26741fec010e0657commit | diff
Fix GSSRPC server credential memory leak

In svc_auth_gss.c, stop using the global svcauth_gss_creds, and
instead keep a credential in struct svc_rpc_gss_data.  This change
ensures that the same credential is used for each accept_sec_context
call for a particular context, and ensures that the credential is
freed when the authentication data is destroyed.  Also, do not acquire
a credential when the default name is used (as it is in kadmind) as it
is not needed.

Leave the svcauth_gss_creds around for the backportable fix as it is
in the library export list.  It will be removed in a subsequent
commit.

(cherry picked from commit 670d9828086e979d5cdfd26f00ca88958a03754e)

ticket: 8480
version_fixed: 1.13.7
src/lib/rpc/svc_auth_gss.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git