aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJulien Chaffraix <julien.chaffraix@gmail.com>2010-10-02 00:33:24 -0700
committerJulien Chaffraix <julien.chaffraix@gmail.com>2010-10-02 10:00:42 -0700
commit4b69f641a6aea8027e948d3e08ccffda307059b5 (patch)
tree82b2613b3d3600d231d621a7cc5f4027cd6f11fe /lib
parent2ae6c47d5dfdff2d6d884284beb6b0322e8ac671 (diff)
krb5-gssapi: Delete the GSS-API context.
This fixes a memory leak related to the GSS-API code. Added a krb5_init and krb5_end functions. Also removed a work-around the lack of proper initialization of the GSS-API context.
Diffstat (limited to 'lib')
-rw-r--r--lib/ftp.c4
-rw-r--r--lib/krb5.c25
2 files changed, 26 insertions, 3 deletions
diff --git a/lib/ftp.c b/lib/ftp.c
index f1376d730..60d951722 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -3860,6 +3860,10 @@ static CURLcode ftp_disconnect(struct connectdata *conn)
Curl_pp_disconnect(pp);
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+ Curl_sec_end(conn);
+#endif
+
return CURLE_OK;
}
diff --git a/lib/krb5.c b/lib/krb5.c
index 28c6a2528..5658bf428 100644
--- a/lib/krb5.c
+++ b/lib/krb5.c
@@ -76,9 +76,18 @@
#define REMOTE_ADDR conn->ip_addr->ai_addr
static int
+krb5_init(void *app_data)
+{
+ gss_ctx_id_t *context = app_data;
+ /* Make sure our context is initialized for krb5_end. */
+ *context = GSS_C_NO_CONTEXT;
+ return 0;
+}
+
+static int
krb5_check_prot(void *app_data, int level)
{
- app_data = NULL; /* prevent compiler warning */
+ (void)app_data; /* unused */
if(level == prot_confidential)
return -1;
return 0;
@@ -309,12 +318,22 @@ krb5_auth(void *app_data, struct connectdata *conn)
}
}
+static void krb5_end(void *app_data)
+{
+ OM_uint32 maj, min;
+ gss_ctx_id_t *context = app_data;
+ if (*context != GSS_C_NO_CONTEXT) {
+ maj = gss_delete_sec_context(&min, context, GSS_C_NO_BUFFER);
+ DEBUGASSERT(maj == GSS_S_COMPLETE);
+ }
+}
+
struct Curl_sec_client_mech Curl_krb5_client_mech = {
"GSSAPI",
sizeof(gss_ctx_id_t),
- NULL, /* init */
+ krb5_init,
krb5_auth,
- NULL, /* end */
+ krb5_end,
krb5_check_prot,
krb5_overhead,
krb5_encode,