diff options
author | Julien Chaffraix <julien.chaffraix@gmail.com> | 2010-10-02 00:33:24 -0700 |
---|---|---|
committer | Julien Chaffraix <julien.chaffraix@gmail.com> | 2010-10-02 10:00:42 -0700 |
commit | 4b69f641a6aea8027e948d3e08ccffda307059b5 (patch) | |
tree | 82b2613b3d3600d231d621a7cc5f4027cd6f11fe /lib | |
parent | 2ae6c47d5dfdff2d6d884284beb6b0322e8ac671 (diff) |
krb5-gssapi: Delete the GSS-API context.
This fixes a memory leak related to the GSS-API code.
Added a krb5_init and krb5_end functions. Also removed a work-around
the lack of proper initialization of the GSS-API context.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ftp.c | 4 | ||||
-rw-r--r-- | lib/krb5.c | 25 |
2 files changed, 26 insertions, 3 deletions
@@ -3860,6 +3860,10 @@ static CURLcode ftp_disconnect(struct connectdata *conn) Curl_pp_disconnect(pp); +#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI) + Curl_sec_end(conn); +#endif + return CURLE_OK; } diff --git a/lib/krb5.c b/lib/krb5.c index 28c6a2528..5658bf428 100644 --- a/lib/krb5.c +++ b/lib/krb5.c @@ -76,9 +76,18 @@ #define REMOTE_ADDR conn->ip_addr->ai_addr static int +krb5_init(void *app_data) +{ + gss_ctx_id_t *context = app_data; + /* Make sure our context is initialized for krb5_end. */ + *context = GSS_C_NO_CONTEXT; + return 0; +} + +static int krb5_check_prot(void *app_data, int level) { - app_data = NULL; /* prevent compiler warning */ + (void)app_data; /* unused */ if(level == prot_confidential) return -1; return 0; @@ -309,12 +318,22 @@ krb5_auth(void *app_data, struct connectdata *conn) } } +static void krb5_end(void *app_data) +{ + OM_uint32 maj, min; + gss_ctx_id_t *context = app_data; + if (*context != GSS_C_NO_CONTEXT) { + maj = gss_delete_sec_context(&min, context, GSS_C_NO_BUFFER); + DEBUGASSERT(maj == GSS_S_COMPLETE); + } +} + struct Curl_sec_client_mech Curl_krb5_client_mech = { "GSSAPI", sizeof(gss_ctx_id_t), - NULL, /* init */ + krb5_init, krb5_auth, - NULL, /* end */ + krb5_end, krb5_check_prot, krb5_overhead, krb5_encode, |