Index: gc_frm_kdc.c =================================================================== --- gc_frm_kdc.c (revision 17555) +++ gc_frm_kdc.c (working copy) @@ -160,9 +160,13 @@ if ((retval = krb5_copy_principal(context, int_server, &tgtq.server))) goto cleanup; + if (free_tgt) + krb5_free_cred_contents(context, &tgt); + if ((retval = krb5_cc_retrieve_cred(context, ccache, retr_flags, &tgtq, &tgt))) { + free_tgt = 0; goto cleanup; } free_tgt = 1; @@ -230,15 +234,15 @@ &tgtq.server))) goto cleanup; + if (free_otgt) + krb5_free_cred_contents(context, &otgt); otgt = tgt; - free_otgt = 1; + free_otgt = free_tgt; free_tgt = 0; retval = krb5_cc_retrieve_cred(context, ccache, retr_flags, &tgtq, &tgt); if (retval == 0) { - krb5_free_cred_contents(context, &otgt); - free_otgt = 0; free_tgt = 1; /* We are now done - proceed to got/finally have tgt */ } else { @@ -250,8 +254,8 @@ /* with current tgt. */ /* Copy back in case invalided */ tgt = otgt; + free_tgt = free_otgt; free_otgt = 0; - free_tgt = 1; if (!krb5_c_valid_enctype(tgt.keyblock.enctype)) { retval = KRB5_PROG_ETYPE_NOSUPP; goto cleanup; @@ -304,16 +308,15 @@ &tgtq.server))) goto cleanup; + if (free_otgt) + krb5_free_cred_contents(context, &otgt); otgt = tgt; - free_otgt = 1; + free_otgt = free_tgt; free_tgt = 0; retval = krb5_cc_retrieve_cred(context, ccache, retr_flags, &tgtq, &tgt); if (retval == 0) { - if (free_otgt) - krb5_free_cred_contents(context, &otgt); - free_otgt = 0; free_tgt = 1; /* Continues with 'got one as close as possible' */ } else { @@ -324,8 +327,8 @@ /* not in the cache so try and get one with our current tgt. */ tgt = otgt; + free_tgt = free_otgt; free_otgt = 0; - free_tgt = 1; if (!krb5_c_valid_enctype(tgt.keyblock.enctype)) { retval = KRB5_PROG_ETYPE_NOSUPP; goto cleanup; @@ -359,9 +362,9 @@ krb5_free_creds(context, tgtr); tgtr = NULL; - if (free_otgt) { - krb5_free_cred_contents(context, &otgt); - free_otgt = 0; + if (free_tgt) { + krb5_free_cred_contents(context, &tgt); + free_tgt = 0; } tgt = *ret_tgts[ntgts++]; @@ -422,7 +425,8 @@ /* we're done if it is the target */ - if (!*next_server++) break; + if (!*next_server++) + break; } } }