3583. [bug] Address memory leak in GSS-API processing [RT #33574]
(cherry picked from commit 2347c72129)
This commit is contained in:
Mark Andrews
2
CHANGES
2
CHANGES
@@ -1,3 +1,5 @@
|
||||
3583. [bug] Address memory leak in GSS-API processing [RT #33574]
|
||||
|
||||
3582. [bug] Silence false positive warning regarding missing file
|
||||
directive for inline slave zones. [RT #33662]
|
||||
|
||||
|
||||
@@ -252,12 +252,12 @@ dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate,
|
||||
gss_cred_id_t *cred)
|
||||
{
|
||||
#ifdef GSSAPI
|
||||
isc_result_t result;
|
||||
isc_buffer_t namebuf;
|
||||
gss_name_t gname;
|
||||
gss_buffer_desc gnamebuf;
|
||||
unsigned char array[DNS_NAME_MAXTEXT + 1];
|
||||
OM_uint32 gret, minor;
|
||||
gss_OID_set mechs;
|
||||
OM_uint32 lifetime;
|
||||
gss_cred_usage_t usage;
|
||||
char buf[1024];
|
||||
@@ -304,16 +304,17 @@ dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate,
|
||||
usage = GSS_C_ACCEPT;
|
||||
|
||||
gret = gss_acquire_cred(&minor, gname, GSS_C_INDEFINITE,
|
||||
&mech_oid_set,
|
||||
usage, cred, &mechs, &lifetime);
|
||||
&mech_oid_set, usage, cred, NULL, &lifetime);
|
||||
|
||||
if (gret != GSS_S_COMPLETE) {
|
||||
gss_log(3, "failed to acquire %s credentials for %s: %s",
|
||||
initiate ? "initiate" : "accept",
|
||||
(gname != NULL) ? (char *)gnamebuf.value : "?",
|
||||
gss_error_tostring(gret, minor, buf, sizeof(buf)));
|
||||
check_config((char *)array);
|
||||
return (ISC_R_FAILURE);
|
||||
if (gname != NULL)
|
||||
check_config((char *)array);
|
||||
result = ISC_R_FAILURE;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
gss_log(4, "acquired %s credentials for %s",
|
||||
@@ -321,8 +322,18 @@ dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate,
|
||||
(gname != NULL) ? (char *)gnamebuf.value : "?");
|
||||
|
||||
log_cred(*cred);
|
||||
result = ISC_R_SUCCESS;
|
||||
|
||||
return (ISC_R_SUCCESS);
|
||||
cleanup:
|
||||
if (gname != NULL) {
|
||||
gret = gss_release_name(&minor, &gname);
|
||||
if (gret != GSS_S_COMPLETE)
|
||||
gss_log(3, "failed gss_release_name: %s",
|
||||
gss_error_tostring(gret, minor, buf,
|
||||
sizeof(buf)));
|
||||
}
|
||||
|
||||
return (result);
|
||||
#else
|
||||
REQUIRE(cred != NULL && *cred == NULL);
|
||||
|
||||
@@ -620,7 +631,6 @@ dst_gssapi_initctx(dns_name_t *name, isc_buffer_t *intoken,
|
||||
RETERR(isc_buffer_copyregion(outtoken, &r));
|
||||
(void)gss_release_buffer(&minor, &gouttoken);
|
||||
}
|
||||
(void)gss_release_name(&minor, &gname);
|
||||
|
||||
if (gret == GSS_S_COMPLETE)
|
||||
result = ISC_R_SUCCESS;
|
||||
@@ -628,6 +638,7 @@ dst_gssapi_initctx(dns_name_t *name, isc_buffer_t *intoken,
|
||||
result = DNS_R_CONTINUE;
|
||||
|
||||
out:
|
||||
(void)gss_release_name(&minor, &gname);
|
||||
return (result);
|
||||
#else
|
||||
UNUSED(name);
|
||||
|
||||
Reference in New Issue
Block a user