From: NeilBrown Date: Tue, 12 Feb 2013 14:43:45 +0000 (-0500) Subject: Add authgss_free_private_data interface. X-Git-Tag: libtirpc-0-2-3~7 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ab1c0df00b5634b50c786460169d1b8c824106f7;p=libtirpc Add authgss_free_private_data interface. This is a necessary partner to authgss_get_private_data, so that the caller can free the data when needed (and not before). The previous practice of leaving the private data where it was resulted in authgss_destroy_context() attempting to destroy the context on the server which was incorrect, and fortunately fails for other reasons. An application which uses authgss_get_private_data() but does not call authgss_free_private_data() will be as correct as, or slightly more correct than, it was, but will suffer a slight memory leak. This patch is based on commit 07fce317cac267509b944a8191cafa8e49b5e328 from librpcsecgss that was committed by Kevin Coffman. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson --- diff --git a/src/auth_gss.c b/src/auth_gss.c index 539101e..81ae8ae 100644 --- a/src/auth_gss.c +++ b/src/auth_gss.c @@ -262,6 +262,32 @@ authgss_get_private_data(AUTH *auth, struct authgss_private_data *pd) pd->pd_ctx = gd->ctx; pd->pd_ctx_hndl = gd->gc.gc_ctx; pd->pd_seq_win = gd->win; + /* + * We've given this away -- don't try to use it ourself any more + * Caller should call authgss_free_private_data to free data. + * This also ensures that authgss_destroy_context() won't try to + * send an RPCSEC_GSS_DESTROY request which might inappropriately + * destroy the context. + */ + gd->gc.gc_ctx.length = 0; + gd->gc.gc_ctx.value = NULL; + + return (TRUE); +} + +bool_t +authgss_free_private_data(struct authgss_private_data *pd) +{ + OM_uint32 min_stat; + gss_log_debug("in authgss_free_private_data()"); + + if (!pd) + return (FALSE); + + pd->pd_ctx = NULL; + gss_release_buffer(&min_stat, &pd->pd_ctx_hndl); + memset(&pd->pd_ctx_hndl, 0, sizeof(pd->pd_ctx_hndl)); + pd->pd_seq_win = 0; return (TRUE); } diff --git a/tirpc/rpc/auth_gss.h b/tirpc/rpc/auth_gss.h index fc3ffbd..d6f2bbd 100644 --- a/tirpc/rpc/auth_gss.h +++ b/tirpc/rpc/auth_gss.h @@ -119,6 +119,7 @@ AUTH *authgss_create_default __P((CLIENT *, char *, struct rpc_gss_sec *)); bool_t authgss_service __P((AUTH *auth, int svc)); bool_t authgss_get_private_data __P((AUTH *auth, struct authgss_private_data *)); +bool_t authgss_free_private_data __P((struct authgss_private_data *)); void gss_log_debug __P((const char *fmt, ...)); void gss_log_status __P((char *m, OM_uint32 major,