Skip Menu |

Subject: krb5_cc_gen_new memory implementation doesn't create a new ccache
krb5_cc_gen_new memory implementation doesn't actually create a new ccache. Because of this
there are race conditions in a variety of places in the library which expect this function to create
a new temporary ccache. These include krb5_verify_init_creds(), gss_accept_sec_context() and
the KLL API.

Note that since the function was broken before the callers must be modified so that they
actually destroy the newly created ccache. They couldn't do this before since that would have
made the race conditions worse.
Subject: CVS Commit
Fixed the krb5_cc_gen_new memory ccache implementation and updated
krb5_verify_init_creds() and rd_and_store_for_creds() to use the
API properly (possible now that it's been fixed).

Commit By: lxs

Revision: 17997
Changed Files:
U trunk/src/lib/gssapi/krb5/accept_sec_context.c
U trunk/src/lib/krb5/ccache/cc_memory.c
U trunk/src/lib/krb5/krb/vfy_increds.c
Subject: CVS Commit
Updated KLL's krb524 support to use a memory ccache correctly now that
krb5_cc_gen_new has been fixed.

Commit By: lxs

Revision: 6001
Changed Files:
U trunk/KerberosFramework/KerberosLogin/Sources/KerberosLogin/KLTicketManagement.c
Subject: Fix bug in r17997
[forgot to put ticket number in commit]

Commit By: tlyu
Log Message:
Use unsigned char rather than u_int8_t in random_string().

Changed Files:
U trunk/src/lib/krb5/ccache/cc_memory.c
Subject: memory leak when credential delegation
Memory leaks when credential delegation is used.

Function krb5_mcc_generate_new in ./ccache/cc_memory.c leaks memory.
The local id variable "krb5_ccache lid" is neither freed nor assigned
back to calling function. It is reported as leak in valgrind in version
Fixed by lxs in rev 17997, for the 1.5 releases.