diff options
author | Simo Sorce <simo@redhat.com> | 2013-04-10 11:38:14 -0400 |
---|---|---|
committer | Steve Dickson <steved@redhat.com> | 2013-04-10 11:38:14 -0400 |
commit | 4072a0bb8b619cab027bb3833785768681da4ed5 (patch) | |
tree | c0cc36f11c44ed1cc1c24cdb5b5ba6bb3cfa8b34 /src/auth_gss.c | |
parent | 9151a39539145e1f62f8b30168d1cdeb19299dac (diff) | |
download | ti-rpc-4072a0bb8b619cab027bb3833785768681da4ed5.tar.gz |
gss: Fix private data giveaway
When the private data is given away the gss context also needs to go,
because the caller may destroy it, such as when the context is exported
into a lucid context to hand it to the kernel.
Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
Diffstat (limited to 'src/auth_gss.c')
-rw-r--r-- | src/auth_gss.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/auth_gss.c b/src/auth_gss.c index 81ae8ae..703bc3f 100644 --- a/src/auth_gss.c +++ b/src/auth_gss.c @@ -269,6 +269,7 @@ authgss_get_private_data(AUTH *auth, struct authgss_private_data *pd) * send an RPCSEC_GSS_DESTROY request which might inappropriately * destroy the context. */ + gd->ctx = GSS_C_NO_CONTEXT; gd->gc.gc_ctx.length = 0; gd->gc.gc_ctx.value = NULL; @@ -284,7 +285,8 @@ authgss_free_private_data(struct authgss_private_data *pd) if (!pd) return (FALSE); - pd->pd_ctx = NULL; + if (pd->pd_ctx != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&min_stat, &pd->pd_ctx, NULL); gss_release_buffer(&min_stat, &pd->pd_ctx_hndl); memset(&pd->pd_ctx_hndl, 0, sizeof(pd->pd_ctx_hndl)); pd->pd_seq_win = 0; |