diff options
author | Russ Allbery <eagle@eyrie.org> | 2014-01-28 14:55:15 -0800 |
---|---|---|
committer | Russ Allbery <rra@stanford.edu> | 2014-01-28 14:59:52 -0800 |
commit | a45ce05051cff4a4e50661dad8e1303b036fa6e9 (patch) | |
tree | f1f718ede468fb1ccb767bbff543fcf38518c10c /client | |
parent | 97f5ca2924ca47d7f1f8a2d6aabfdc03773bed44 (diff) |
Fix a GSS-API context leak on protocol version one error
Fix a GSS-API context leak in the remctl client when failing to send a
protocol version one token.
Change-Id: I38f48b86479d0567015b7910e0348da5ed451e5b
Reviewed-on: https://gerrit.stanford.edu/1420
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
Diffstat (limited to 'client')
-rw-r--r-- | client/client-v1.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/client/client-v1.c b/client/client-v1.c index 030ad88..ec710fb 100644 --- a/client/client-v1.c +++ b/client/client-v1.c @@ -9,7 +9,7 @@ * * Written by Russ Allbery <eagle@eyrie.org> * Based on work by Anton Ushakov - * Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2010, 2012 + * Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2010, 2012, 2014 * The Board of Trustees of the Leland Stanford Junior University * * See LICENSE for licensing terms. @@ -117,8 +117,11 @@ internal_v1_output(struct remctl *r) if (status != TOKEN_OK) { internal_token_error(r, "receiving token", status, major, minor); if (status == TOKEN_FAIL_EOF || status == TOKEN_FAIL_TIMEOUT) { + gss_delete_sec_context(&minor, &r->context, GSS_C_NO_BUFFER); + r->context = GSS_C_NO_CONTEXT; socket_close(r->fd); r->fd = INVALID_SOCKET; + r->ready = false; } return NULL; } @@ -180,6 +183,7 @@ internal_v1_output(struct remctl *r) * connection now. */ gss_delete_sec_context(&minor, &r->context, GSS_C_NO_BUFFER); + r->context = GSS_C_NO_CONTEXT; socket_close(r->fd); r->fd = INVALID_SOCKET; r->ready = false; |