From b614addc1100e015807ab1dd60abfdeeba98e9e6 Mon Sep 17 00:00:00 2001 From: Scott McGuire Date: Wed, 10 Mar 1999 20:14:14 +0000 Subject: [PATCH] Added function krb5_free_cc_cred_union(), a local version of cc_free_creds() to free cred_unions allocated by Kerb5 library. Removed mac-only sys_alloc() stuff and go back to malloc() git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11256 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/ccache/ccapi/stdcc.c | 14 ++- src/lib/krb5/ccache/ccapi/stdcc_util.c | 129 ++++++++++++++++--------- src/lib/krb5/ccache/ccapi/stdcc_util.h | 2 + 3 files changed, 97 insertions(+), 48 deletions(-) diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c index 638f6fb92..4f364e74d 100644 --- a/src/lib/krb5/ccache/ccapi/stdcc.c +++ b/src/lib/krb5/ccache/ccapi/stdcc.c @@ -365,8 +365,9 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_store if (err != CC_NOERROR) return cc_err_xlate(err); - /* free the cred union */ - err = cc_free_creds(gCntrlBlock, &cu); + /* free the cred union using our local version of cc_free_creds() + since we allocated it locally */ + err = krb5_free_cc_cred_union(&cu); cache_changed(); return err; @@ -441,7 +442,8 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_next_cred /* copy data (with translation) */ dupCCtoK5(context, credU->cred.pV5Cred, creds); - /* free our version of the cred */ + /* free our version of the cred - okay to use cc_free_creds() here + because we got it from the CCache library */ cc_free_creds(gCntrlBlock, &credU); return 0; @@ -534,6 +536,7 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_end_seq_get if (err) break; + /* okay to call cc_free_creds() here because we got credU from CCache lib */ cc_free_creds(gCntrlBlock, &credU); } #endif @@ -688,8 +691,9 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_remove if (err != CC_NOERROR) return cc_err_xlate(err); - /* free the temp cred union */ - err = cc_free_creds(gCntrlBlock, &cu); + /* free the cred union using our local version of cc_free_creds() + since we allocated it locally */ + err = krb5_free_cc_cred_union(&cu); cache_changed(); if (err != CC_NOERROR) return cc_err_xlate(err); diff --git a/src/lib/krb5/ccache/ccapi/stdcc_util.c b/src/lib/krb5/ccache/ccapi/stdcc_util.c index 3c6917ad9..549ad6a54 100644 --- a/src/lib/krb5/ccache/ccapi/stdcc_util.c +++ b/src/lib/krb5/ccache/ccapi/stdcc_util.c @@ -18,39 +18,6 @@ #define fieldSize 255 -/* on the Mac, we need the calls which allocate memory for the Credentials Cache to use - Ptr's in the system help, so that they stay global and so that bad things don't happen - when we call DisposePtr() on them. However, on other systems, malloc is probably the - right thing to use. - So for any place where we allocate memory for the Credentials Cache, use sys_alloc() and - define it accordingly. -*/ - -#if defined(macintosh) -#define sys_alloc(size) NewSafePtrSys(size) -#else -#define sys_alloc(size) malloc(size) -#endif - -#if defined(macintosh) -/* - * stolen from CCacheUtils.c - * -- NewSafePtrSys ----------------- - * - analagous to NewSafePtr but memory is allocated in the system heap - */ -static Ptr NewSafePtrSys(long size) { - - Ptr retPtr; - - retPtr = NewPtrSys(size); - - if (retPtr != NULL) - HoldMemory(retPtr, size); - - return retPtr; -} -#endif - /* * CopyCCDataArrayToK5 * - copy and translate the null terminated arrays of data records @@ -138,19 +105,19 @@ int copyK5DataArrayToCC(krb5_creds *kc, cc_creds *cc, char whichArray) { //calc number of records while (*kbase++ != NULL) numRecords++; //allocate new array - constCBase = cbase = (cc_data **)sys_alloc((numRecords+1)*sizeof(char *)); + constCBase = cbase = (cc_data **)malloc((numRecords+1)*sizeof(char *)); //reset base kbase = (whichArray == kAddressArray) ? kc->addresses : (krb5_address **)kc->authdata; //copy records while (*kbase != NULL) { - *cbase = (cc_data *)sys_alloc(sizeof(krb5_address)); + *cbase = (cc_data *)malloc(sizeof(krb5_address)); kAdr = *kbase; ccAdr = *cbase; ccAdr->type = kAdr->addrtype; ccAdr->length = kAdr->length; - ccAdr->data = (unsigned char *)sys_alloc(ccAdr->length); + ccAdr->data = (unsigned char *)malloc(ccAdr->length); memcpy(ccAdr->data, kAdr->contents, kAdr->length); //next element please kbase++; cbase++; @@ -232,14 +199,14 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu) if (cu == NULL) return; /* allocate the cred_union */ - *cu = (cred_union *)sys_alloc(sizeof(cred_union)); + *cu = (cred_union *)malloc(sizeof(cred_union)); if ((*cu) == NULL) return; (*cu)->cred_type = CC_CRED_V5; /* allocate creds structure (and install) */ - c = (cc_creds *)sys_alloc(sizeof(cc_creds)); + c = (cc_creds *)malloc(sizeof(cc_creds)); if (c == NULL) return; (*cu)->cred.pV5Cred = c; @@ -251,14 +218,14 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu) * puts it in appl heap with malloc) */ err = krb5_unparse_name(context, creds->client, &tempname); - c->client = sys_alloc(strlen(tempname)); + c->client = malloc(strlen(tempname)); if (c->client != NULL) strcpy(c->client,tempname); free(tempname); tempname = NULL; err = krb5_unparse_name(context, creds->server, &tempname); - c->server = sys_alloc(strlen(tempname)); + c->server = malloc(strlen(tempname)); if (c->server != NULL) strcpy(c->server,tempname); free(tempname); @@ -273,7 +240,7 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu) c->keyblock.length = creds->keyblock.length; if (creds->keyblock.contents != NULL) { - c->keyblock.data = (unsigned char *)sys_alloc(creds->keyblock.length); + c->keyblock.data = (unsigned char *)malloc(creds->keyblock.length); memcpy(c->keyblock.data, creds->keyblock.contents, creds->keyblock.length); } else { c->keyblock.data = NULL; @@ -290,7 +257,7 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu) c->ticket.length = creds->ticket.length; if (creds->ticket.data != NULL) { - c->ticket.data = (unsigned char *)sys_alloc(creds->ticket.length); + c->ticket.data = (unsigned char *)malloc(creds->ticket.length); memcpy(c->ticket.data, creds->ticket.data, creds->ticket.length); } else { c->ticket.data = NULL; @@ -298,7 +265,7 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu) c->second_ticket.length = creds->second_ticket.length; if (creds->second_ticket.data != NULL) { - c->second_ticket.data = (unsigned char *)sys_alloc(creds->second_ticket.length); + c->second_ticket.data = (unsigned char *)malloc(creds->second_ticket.length); memcpy(c->second_ticket.data, creds->second_ticket.data, creds->second_ticket.length); } else { c->second_ticket.data = NULL; @@ -465,3 +432,79 @@ int stdccCredsMatch(krb5_context context, krb5_creds *base, return FALSE; } + +// ----- free_cc_cred_union, etc -------------- +/* + Since the Kerberos5 library allocates a credentials cache structure + (in dupK5toCC() above) with its own memory allocation routines - which + may be different than how the CCache allocates memory - the Kerb5 library + must have its own version of cc_free_creds() to deallocate it. These + functions do that. The top-level function to substitue for cc_free_creds() + is krb5_free_cc_cred_union(). + + If the CCache library wants to use a cred_union structure created by + the Kerb5 library, it should make a deep copy of it to "translate" to its + own memory allocation space. +*/ +static void deep_free_cc_data (cc_data data) { + + if (data.data != NULL) + free (data.data); +} + +static void deep_free_cc_data_array (cc_data** data) { + + cc_uint32 index; + + if (data == NULL) + return; + + for (index = 0; data [index] != NULL; index++) { + deep_free_cc_data (*(data [index])); + free (data [index]); + } + + free (data); +} + +static void deep_free_cc_v5_creds (cc_creds* creds) { + + if (creds == NULL) + return; + + if (creds -> client != NULL) + free (creds -> client); + if (creds -> server != NULL) + free (creds -> server); + + deep_free_cc_data (creds -> keyblock); + deep_free_cc_data (creds -> ticket); + deep_free_cc_data (creds -> second_ticket); + + deep_free_cc_data_array (creds -> addresses); + deep_free_cc_data_array (creds -> authdata); +} + +static void deep_free_cc_creds (cred_union creds) { + + if (creds.cred_type == CC_CRED_V4) { // we shouldn't get this, of course + free (creds.cred.pV4Cred); + } else if (creds.cred_type == CC_CRED_V5) { + deep_free_cc_v5_creds (creds.cred.pV5Cred); + } +} + +// top-level exported function +cc_int32 krb5_free_cc_cred_union (cred_union** creds) { + + if (creds == NULL) + return CC_BAD_PARM; + + if (*creds != NULL) { + deep_free_cc_creds (**creds); + free (*creds); + *creds = NULL; + } + + return CC_NOERROR; +} \ No newline at end of file diff --git a/src/lib/krb5/ccache/ccapi/stdcc_util.h b/src/lib/krb5/ccache/ccapi/stdcc_util.h index db00ed635..9dd93c1ca 100644 --- a/src/lib/krb5/ccache/ccapi/stdcc_util.h +++ b/src/lib/krb5/ccache/ccapi/stdcc_util.h @@ -19,6 +19,8 @@ void dupCCtoK5(krb5_context context, cc_creds *src, krb5_creds *dest); void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu); int stdccCredsMatch(krb5_context context, krb5_creds *base, krb5_creds *match, int whichfields); int bitTst(int var, int mask); +cc_int32 krb5_free_cc_cred_union (cred_union** creds); + #define kAddressArray 4 #define kAuthDataArray 5 -- 2.26.2