correction to previous commit. do not call krb5_gss_release_cred()
authorJeffrey Altman <jaltman@secure-endpoints.com>
Thu, 13 Jan 2005 11:51:30 +0000 (11:51 +0000)
committerJeffrey Altman <jaltman@secure-endpoints.com>
Thu, 13 Jan 2005 11:51:30 +0000 (11:51 +0000)
 if the cred was not acquired.  destroy each field of the cred one
 piece at a time based upon what was allocated.

ticket: 2875

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17025 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/gssapi/krb5/acquire_cred.c

index b0f8ecc540e4b79c7fa8d12ef253beccca688705..56d6a473c88a74baebed557a5c5161e981224718 100644 (file)
@@ -444,7 +444,8 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
    if ((cred_usage != GSS_C_INITIATE) &&
        (cred_usage != GSS_C_ACCEPT) &&
        (cred_usage != GSS_C_BOTH)) {
-       krb5_gss_release_cred(minor_status, &cred);
+      k5_mutex_destroy(&cred->lock);
+      xfree(cred);
       *minor_status = (OM_uint32) G_BAD_USAGE;
       krb5_free_context(context);
       return(GSS_S_FAILURE);
@@ -458,8 +459,11 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
       if ((ret = acquire_accept_cred(context, minor_status, desired_name,
                                     &(cred->princ), cred))
          != GSS_S_COMPLETE) {
-          krb5_gss_release_cred(minor_status, &cred);
-          /* minor_status set by acquire_accept_cred() */
+        if (cred->princ)
+           krb5_free_principal(context, cred->princ);
+         k5_mutex_destroy(&cred->lock);
+         xfree(cred);
+        /* minor_status set by acquire_accept_cred() */
         krb5_free_context(context);
         return(ret);
       }
@@ -475,8 +479,13 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
                             cred->princ?(gss_name_t)cred->princ:desired_name,
                             &(cred->princ), cred))
          != GSS_S_COMPLETE) {
-          krb5_gss_release_cred(minor_status, &cred);
-          /* minor_status set by acquire_init_cred() */
+        if (cred->keytab)
+           krb5_kt_close(context, cred->keytab);
+        if (cred->princ)
+           krb5_free_principal(context, cred->princ);
+         k5_mutex_destroy(&cred->lock);
+         xfree(cred);
+        /* minor_status set by acquire_init_cred() */
         krb5_free_context(context);
         return(ret);
       }
@@ -486,8 +495,13 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
    if (!cred->princ && (desired_name != GSS_C_NO_CREDENTIAL))
       if ((code = krb5_copy_principal(context, (krb5_principal) desired_name,
                                      &(cred->princ)))) {
-          krb5_gss_release_cred(minor_status, &cred);
-          *minor_status = code;
+        if (cred->ccache)
+           (void)krb5_cc_close(context, cred->ccache);
+        if (cred->keytab)
+           (void)krb5_kt_close(context, cred->keytab);
+         k5_mutex_destroy(&cred->lock);
+         xfree(cred);
+        *minor_status = code;
         krb5_free_context(context);
         return(GSS_S_FAILURE);
       }
@@ -503,8 +517,15 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
       krb5_timestamp now;
 
       if ((code = krb5_timeofday(context, &now))) {
-          krb5_gss_release_cred(minor_status, &cred);
-          *minor_status = code;
+        if (cred->ccache)
+           (void)krb5_cc_close(context, cred->ccache);
+        if (cred->keytab)
+           (void)krb5_kt_close(context, cred->keytab);
+        if (cred->princ)
+           krb5_free_principal(context, cred->princ);
+         k5_mutex_destroy(&cred->lock);
+         xfree(cred);
+        *minor_status = code;
         krb5_free_context(context);
         return(GSS_S_FAILURE);
       }
@@ -526,7 +547,14 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
            GSS_ERROR(ret = generic_gss_add_oid_set_member(minor_status,
                                                           (gss_OID) gss_mech_krb5,
                                                           &ret_mechs)))) {
-           krb5_gss_release_cred(minor_status, &cred);
+          if (cred->ccache)
+              (void)krb5_cc_close(context, cred->ccache);
+          if (cred->keytab)
+              (void)krb5_kt_close(context, cred->keytab);
+          if (cred->princ)
+              krb5_free_principal(context, cred->princ);
+           k5_mutex_destroy(&cred->lock);
+          xfree(cred);
           /* *minor_status set above */
           krb5_free_context(context);
           return(ret);
@@ -538,7 +566,14 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
    if (! kg_save_cred_id((gss_cred_id_t) cred)) {
       free(ret_mechs->elements);
       free(ret_mechs);
-       krb5_gss_release_cred(minor_status, &cred);
+      if (cred->ccache)
+        (void)krb5_cc_close(context, cred->ccache);
+      if (cred->keytab)
+        (void)krb5_kt_close(context, cred->keytab);
+      if (cred->princ)
+        krb5_free_principal(context, cred->princ);
+      k5_mutex_destroy(&cred->lock);
+      xfree(cred);
       *minor_status = (OM_uint32) G_VALIDATE_FAILED;
       krb5_free_context(context);
       return(GSS_S_FAILURE);