Skip Menu |
 

Subject: gss-api - mutex_lock problem
CC: lha@apple.com
Fix the problem in gss_init_sec_context when mutex_lock fails

Vendor's patch - LHA-6419724-no-leak-on-lock-failure.patch
diff -Nur -x '*~' -x '*.orig' -x '*.rej' -x '*.pbxbtree' -x '*.pbxindex' -x lha.mode1v3 -x lha.mode2v3 -x lha.pbxuser -x windows -x .DS_Store Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/lib/gssapi/krb5/init_sec_context.c Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/lib/gssapi/krb5/init_sec_context.c
--- Kerberos.AEP-6.5fc1.orig/KerberosFramework/Kerberos5/Sources/lib/gssapi/krb5/init_sec_context.c 2008-12-04 14:14:02.000000000 -0800
+++ Kerberos.AEP-6.5fc1/KerberosFramework/Kerberos5/Sources/lib/gssapi/krb5/init_sec_context.c 2008-12-04 14:25:28.000000000 -0800
@@ -905,6 +905,8 @@
}
kerr = k5_mutex_lock(&cred->lock);
if (kerr) {
+ if (claimant_cred_handle == GSS_C_NO_CREDENTIAL)
+ krb5_gss_release_cred(minor_status, (gss_cred_id_t *)&cred);
krb5_free_context(context);
*minor_status = kerr;
return GSS_S_FAILURE;
From: tsitkova@mit.edu
Subject: SVN Commit

Release default credentials before exiting krb5_gss_init_sec_context routine.

https://github.com/krb5/krb5/commit/b9d1bc83c53454f71990e8550b691f32e352aab0
Commit By: tsitkova



Revision: 21298
Changed Files:
U trunk/src/lib/gssapi/krb5/init_sec_context.c