authorNeilBrown <neilb@suse.de>2013-02-12 09:43:45 -0500
committerSteve Dickson <steved@redhat.com>2013-02-12 09:44:26 -0500
commitab1c0df00b5634b50c786460169d1b8c824106f7 (patch)
tree770fa3551420a4e5e2b4f3c52b0833d76892cbb5 /src/auth_gss.c
parent26a26316973a84919cb96e530ab285ea744eacc5 (diff)
Add authgss_free_private_data interface.
This is a necessary partner to authgss_get_private_data, so that the caller can free the data when needed (and not before). The previous practice of leaving the private data where it was resulted in authgss_destroy_context() attempting to destroy the context on the server which was incorrect, and fortunately fails for other reasons. An application which uses authgss_get_private_data() but does not call authgss_free_private_data() will be as correct as, or slightly more correct than, it was, but will suffer a slight memory leak. This patch is based on commit 07fce317cac267509b944a8191cafa8e49b5e328 from librpcsecgss that was committed by Kevin Coffman. Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Steve Dickson <steved@redhat.com>
Diffstat (limited to 'src/auth_gss.c')
-rw-r--r--src/auth_gss.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/src/auth_gss.c b/src/auth_gss.c
index 539101e..81ae8ae 100644
--- a/src/auth_gss.c
+++ b/src/auth_gss.c
@@ -262,6 +262,32 @@ authgss_get_private_data(AUTH *auth, struct authgss_private_data *pd)
pd->pd_ctx = gd->ctx;
pd->pd_ctx_hndl = gd->gc.gc_ctx;
pd->pd_seq_win = gd->win;
+ /*
+ * We've given this away -- don't try to use it ourself any more
+ * Caller should call authgss_free_private_data to free data.
+ * This also ensures that authgss_destroy_context() won't try to
+ * send an RPCSEC_GSS_DESTROY request which might inappropriately
+ * destroy the context.
+ */
+ gd->gc.gc_ctx.length = 0;
+ gd->gc.gc_ctx.value = NULL;
+
+ return (TRUE);
+}
+
+bool_t
+authgss_free_private_data(struct authgss_private_data *pd)
+{
+ OM_uint32 min_stat;
+ gss_log_debug("in authgss_free_private_data()");
+
+ if (!pd)
+ return (FALSE);
+
+ pd->pd_ctx = NULL;
+ gss_release_buffer(&min_stat, &pd->pd_ctx_hndl);
+ memset(&pd->pd_ctx_hndl, 0, sizeof(pd->pd_ctx_hndl));
+ pd->pd_seq_win = 0;
return (TRUE);
}
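Review bot: Ownership of the GSS security context stays ambiguous after this change. `pd->pd_ctx = gd->ctx` copies the handle, but only `gd->gc.gc_ctx` is cleared afterwards, and authgss_free_private_data() sets `pd->pd_ctx = NULL` without releasing anything. If the AUTH still deletes `gd->ctx` when it is destroyed (that code is outside this hunk, as is the start of authgss_get_private_data), the caller's `pd_ctx` dangles from that point; if it does not, the context is never deleted. I would document the contract above authgss_free_private_data(), for example `/* pd_ctx is borrowed from the AUTH and must not be used after the AUTH is destroyed; only pd_ctx_hndl is released here */`, or transfer it the same way as the handle buffer. Separately, the status of `gss_release_buffer(&min_stat, &pd->pd_ctx_hndl)` is discarded, so a failed release still returns TRUE; checking the major status and logging it through gss_log_debug would make that visible.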