+2000-02-16 Tom Yu <tlyu@mit.edu>
+
+ * auth_gssapi.c (auth_gssapi_create): Free call_res because
+ xdr_authgssapi_init_res can potentially allocate memory. Perhaps
+ clnt_call should really deal with this, though. It is not at all
+ clear whether clnt_call or svc_getargs should actually end up
+ freeing allocated memory themselves.
+
+2000-02-15 Tom Yu <tlyu@mit.edu>
+
+ * svc_auth_gssapi.c (_svcauth_gssapi): Call gssrpc_xdr_free() if
+ xdr_authgssapi_creds() or xdr_authgssapi_init_arg() fails.
+
+ * auth_gssapi_misc.c (xdr_authgssapi_creds):
+ (xdr_authgssapi_init_arg):
+ (xdr_authgssapi_init_res): Revert prior change. The caller should
+ be the one dealing. Additionally, it was probably wrong to
+ unconditionally free the object regardless of whether the mode is
+ XDR_DECODE.
+ (auth_gssapi_unwrap_data): Use temp_xdrs rather than in_xdrs to
+ force XDR_FREE operation.
+
2000-02-14 Tom Yu <tlyu@mit.edu>
* svc.c (xprt_register): Zero out xports after allocating.
auth_gssapi_creds *creds;
{
if (! xdr_u_int32(xdrs, &creds->version) ||
- ! xdr_bool(xdrs, &creds->auth_msg))
- return FALSE;
- if (! xdr_gss_buf(xdrs, &creds->client_handle)) {
- xdrs->x_op = XDR_FREE;
- (void)xdr_gss_buf(xdrs, &creds->client_handle);
- return FALSE;
- }
+ ! xdr_bool(xdrs, &creds->auth_msg) ||
+ ! xdr_gss_buf(xdrs, &creds->client_handle))
+ return FALSE;
return TRUE;
}
XDR *xdrs;
auth_gssapi_init_arg *init_arg;
{
- if (! xdr_u_int32(xdrs, &init_arg->version))
- return FALSE;
- if (! xdr_gss_buf(xdrs, &init_arg->token)) {
- xdrs->x_op = XDR_FREE;
- (void)xdr_gss_buf(xdrs, &init_arg->token);
- return FALSE;
- }
+ if (! xdr_u_int32(xdrs, &init_arg->version) ||
+ ! xdr_gss_buf(xdrs, &init_arg->token))
+ return FALSE;
return TRUE;
}
XDR *xdrs;
auth_gssapi_init_res *init_res;
{
- if (! xdr_u_int32(xdrs, &init_res->version))
- return FALSE;
- if (! xdr_gss_buf(xdrs, &init_res->client_handle)) {
- xdrs->x_op = XDR_FREE;
- (void)xdr_gss_buf(xdrs, &init_res->client_handle);
- return FALSE;
- }
- if (! xdr_u_int32(xdrs, &init_res->gss_major) ||
- ! xdr_u_int32(xdrs, &init_res->gss_minor))
- return FALSE;
- if (! xdr_gss_buf(xdrs, &init_res->token)) {
- xdrs->x_op = XDR_FREE;
- (void)xdr_gss_buf(xdrs, &init_res->token);
- return FALSE;
- }
- if (! xdr_gss_buf(xdrs, &init_res->signed_isn)) {
- xdrs->x_op = XDR_FREE;
- (void)xdr_gss_buf(xdrs, &init_res->signed_isn);
- return FALSE;
- }
+ if (! xdr_u_int32(xdrs, &init_res->version) ||
+ ! xdr_gss_buf(xdrs, &init_res->client_handle) ||
+ ! xdr_u_int32(xdrs, &init_res->gss_major) ||
+ ! xdr_u_int32(xdrs, &init_res->gss_minor) ||
+ ! xdr_gss_buf(xdrs, &init_res->token) ||
+ ! xdr_gss_buf(xdrs, &init_res->signed_isn))
+ return FALSE;
return TRUE;
}
if (! xdr_bytes(in_xdrs, (char **) &in_buf.value,
(unsigned int *) &in_buf.length, (unsigned int) -1)) {
PRINTF(("gssapi_unwrap_data: deserializing encrypted data failed\n"));
- in_xdrs->x_op = XDR_FREE;
- (void)xdr_bytes(in_xdrs, (char **) &in_buf.value,
+ temp_xdrs.x_op = XDR_FREE;
+ (void)xdr_bytes(&temp_xdrs, (char **) &in_buf.value,
(unsigned int *) &in_buf.length,
(unsigned int) -1);
return FALSE;
if (! (*xdr_func)(&temp_xdrs, xdr_ptr)) {
PRINTF(("gssapi_unwrap_data: deserializing arguments failed\n"));
gss_release_buffer(minor, &out_buf);
+ gssrpc_xdr_free(xdr_func, xdr_ptr);
XDR_DESTROY(&temp_xdrs);
return FALSE;
}
if (! xdr_authgssapi_creds(&xdrs, &creds)) {
PRINTF(("svcauth_gssapi: failed decoding creds\n"));
LOG_MISCERR("protocol error in client credentials");
+ gssrpc_xdr_free(xdr_authgssapi_creds, &creds);
XDR_DESTROY(&xdrs);
ret = AUTH_BADCRED;
goto error;
&call_arg)) {
PRINTF(("svcauth_gssapi: cannot decode args\n"));
LOG_MISCERR("protocol error in procedure arguments");
+ xdr_free(xdr_authgssapi_init_arg, &call_arg);
ret = AUTH_BADCRED;
goto error;
}
&call_arg)) {
PRINTF(("svcauth_gssapi: cannot decode args\n"));
LOG_MISCERR("protocol error in call arguments");
+ xdr_free(xdr_authgssapi_init_arg, &call_arg);
ret = AUTH_BADCRED;
goto error;
}
projects / krb5.git / commitdiff