From 41103fb180d78f349a5c3fe45f96008b50a11587 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Thu, 19 Aug 2010 16:38:30 +0000 Subject: [PATCH] Allow krb5_gss_register_acceptor_identity to unset keytab name krb5_gss_register_acceptor_identity sets a mutex-locked global (not thread-specific) variable containing a keytab name. This change allows the variable to be unset by passing a null value. A more elegant long-term solution to the problem is Heimdal's gss_krb5_import_cred function. ticket: 6758 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24242 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/krb5/acquire_cred.c | 16 +++++++--------- src/lib/gssapi/krb5/krb5_gss_glue.c | 2 +- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index 28e25052a..bceab6173 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -103,19 +103,18 @@ gss_krb5int_register_acceptor_identity(OM_uint32 *minor_status, const gss_OID desired_object, gss_buffer_t value) { - char *new, *old; + char *new = NULL, *old; int err; err = gss_krb5int_initialize_library(); if (err != 0) return GSS_S_FAILURE; - if (value->value == NULL) - return GSS_S_FAILURE; - - new = strdup((char *)value->value); - if (new == NULL) - return GSS_S_FAILURE; + if (value->value != NULL) { + new = strdup((char *)value->value); + if (new == NULL) + return GSS_S_FAILURE; + } err = k5_mutex_lock(&gssint_krb5_keytab_lock); if (err) { @@ -125,8 +124,7 @@ gss_krb5int_register_acceptor_identity(OM_uint32 *minor_status, old = krb5_gss_keytab; krb5_gss_keytab = new; k5_mutex_unlock(&gssint_krb5_keytab_lock); - if (old != NULL) - free(old); + free(old); return GSS_S_COMPLETE; } diff --git a/src/lib/gssapi/krb5/krb5_gss_glue.c b/src/lib/gssapi/krb5/krb5_gss_glue.c index 0d87f90c9..d2a47acb8 100644 --- a/src/lib/gssapi/krb5/krb5_gss_glue.c +++ b/src/lib/gssapi/krb5/krb5_gss_glue.c @@ -253,7 +253,7 @@ krb5_gss_register_acceptor_identity(const char *keytab) OM_uint32 minor_status; gss_buffer_desc req_buffer; - req_buffer.length = strlen(keytab); + req_buffer.length = (keytab == NULL) ? 0 : strlen(keytab); req_buffer.value = (char *)keytab; major_status = gssspi_mech_invoke(&minor_status, -- 2.26.2