pull up r18935 from trunk
authorTom Yu <tlyu@mit.edu>
Tue, 12 Dec 2006 23:37:48 +0000 (23:37 +0000)
committerTom Yu <tlyu@mit.edu>
Tue, 12 Dec 2006 23:37:48 +0000 (23:37 +0000)
 r18935@cathode-dark-space:  coffman | 2006-12-08 16:02:02 -0500
 ticket: new
 subject: Don't leak padata when looping for krb5_do_preauth_tryagain()
 component: krb5-libs
 Target_Version: 1.6
 Tags: pullup

     * src/lib/krb5/krb/get_in_tkt.c: krb5_get_init_creds()

  Free any existing request.padata at the top of the loop
  calling krb5_do_preauth() and krb5_do_preauth_tryagain().

ticket: 5032
version_fixed: 1.6

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18944 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/get_in_tkt.c

index 9cf022fe82f4edcf466076c4d1b5f7bb8b881036..80baf41ce8c38d30c88579c282a2caaf545f5800 100644 (file)
@@ -1097,12 +1097,12 @@ krb5_get_init_creds(krb5_context context,
 
     /* now, loop processing preauth data and talking to the kdc */
     for (loopcount = 0; loopcount < MAX_IN_TKT_LOOPS; loopcount++) {
+       if (request.padata) {
+           krb5_free_pa_data(context, request.padata);
+           request.padata = NULL;
+       }
        if (!err_reply) {
             /* either our first attempt, or retrying after PREAUTH_NEEDED */
-           if (request.padata) {
-               krb5_free_pa_data(context, request.padata);
-               request.padata = NULL;
-           }
            if ((ret = krb5_do_preauth(context,
                                       &request,
                                       encoded_request_body,