goto cleanup;
pa_data->contents = scratch->data;
pa_data->length = scratch->length;
+ free(scratch);
retval = 0;
break;
}
}
+
+ krb5_princ_component(kdc_context,newp,probeslot)->data = 0;
+ krb5_princ_component(kdc_context,newp,probeslot)->length = 0;
+ krb5_princ_size(context, newp)--;
+
+ krb5_free_principal(kdc_context, newp);
+
/* if sc.sam_type is set, it worked */
if (sc.sam_type) {
/* so use assoc to get the key out! */
&assoc_key);
if (retval) {
char *sname;
- krb5_unparse_name(kdc_context, newp, &sname);
+ krb5_unparse_name(kdc_context, request->client, &sname);
com_err("krb5kdc", retval,
"snk4 finding the enctype and key <%s>", sname);
+ free(sname);
return retval;
}
/* convert server.key into a real key */
}
/* now we can use encrypting_key... */
}
- } else
+ } else {
/* SAM is not an option - so don't return as hint */
return KRB5_PREAUTH_BAD_TYPE;
-
- krb5_princ_component(kdc_context,newp,probeslot)->data = 0;
- krb5_princ_component(kdc_context,newp,probeslot)->length = 0;
- krb5_princ_size(context, newp)--;
- krb5_free_principal(kdc_context, newp);
+ }
}
sc.magic = KV5M_SAM_CHALLENGE;
sc.sam_flags = KRB5_SAM_USE_SAD_AS_KEY;
mic.data = 0;
ap_req.data = 0;
ap_rep.data = 0;
+ cksumdata.data = 0;
if (mech_type)
*mech_type = GSS_C_NULL_OID;
goto fail;
}
+ free(cksumdata.data);
+ cksumdata.data = 0;
+
if (!valid) {
code = 0;
major_status = GSS_S_BAD_SIG;
ptr += (2+mic.length);
+ free(cksumdata.data);
+ cksumdata.data = 0;
+
/* gss krb5 v2 */
} else {
/* gss krb5 v1 */
/* finally! */
- if (authdat)
- krb5_free_authenticator(context, authdat);
*minor_status = 0;
- return(GSS_S_COMPLETE);
+ major_status = GSS_S_COMPLETE;
fail:
+ if (ctypes)
+ free(ctypes);
if (authdat)
krb5_free_authenticator(context, authdat);
+ if (reqcksum.contents)
+ xfree(reqcksum.contents);
+ if (ap_rep.data)
+ xfree(ap_rep.data);
+ if (mic.data)
+ xfree(mic.data);
+ if (cksumdata.data)
+ xfree(cksumdata.data);
+
+ if (!GSS_ERROR(major_status))
+ return(major_status);
+
+ /* from here on is the real "fail" code */
+
if (ctx)
(void) krb5_gss_delete_sec_context(minor_status,
(gss_ctx_id_t *) &ctx, NULL);
- if (token.value)
- xfree(token.value);
- if (name) {
- (void) kg_delete_name((gss_name_t) name);
- krb5_free_principal(context, name);
- }
- if (reqcksum.contents)
- xfree(reqcksum.contents);
if (deleg_cred) { /* free memory associated with the deleg credential */
if (deleg_cred->ccache)
(void)krb5_cc_close(context, deleg_cred->ccache);
krb5_free_principal(context, deleg_cred->princ);
xfree(deleg_cred);
}
- if (ap_req.data && gsskrb5_vers == 2000)
- xfree(ap_req.data);
- if (ap_rep.data)
- xfree(ap_rep.data);
- if (mic.data)
- xfree(mic.data);
+ if (token.value)
+ xfree(token.value);
+ if (name) {
+ (void) kg_delete_name((gss_name_t) name);
+ krb5_free_principal(context, name);
+ }
*minor_status = code;
kg2_parse_token(minor_status, ptr, token_length,
&resp_flags, &nctypes, &ctypes,
0, NULL, &ap_rep, &mic))) {
+ free(ctypes);
(void)krb5_gss_delete_sec_context(&dummy, context_handle, NULL);
return(major_status);
}
kg2_intersect_ctypes(&ctx->nctypes, ctx->ctypes, nctypes, ctypes);
+ free(ctypes);
+
if (ctx->nctypes == 0) {
code = KG_NO_CTYPES;
goto fail;
projects / thirdparty / krb5.git / commitdiff
