author | Damien Miller <djm@mindrot.org> | 2003-05-14 19:23:56 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-05-14 19:23:56 +1000 |
commit | 4d995195354696ae0ab6dea7dfa3367fc144ce89 (patch) | |
tree | 40f9d059cad3709c748f2923b62c2f08f1574fe9 /sshconnect2.c | |
parent | 9d507dac1f78d87f2808ab247a44cd3860146375 (diff) |
- (djm) Avoid KrbV leak for MIT Kerberos
Diffstat (limited to 'sshconnect2.c')
-rw-r--r-- | sshconnect2.c | 20 |
1 files changed, 11 insertions, 9 deletions
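--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1130,12 +1130,10 @@ userauth_hostbased(Authctxt *authctxt)
 
 #if KRB5
 static int
-ssh_krb5_helper(krb5_data *ap)
+ssh_krb5_helper(krb5_data *ap, krb5_context *context)
 {
 krb5_context xcontext = NULL; /* XXX share with ssh1 */
 krb5_auth_context xauth_context = NULL;
-
-krb5_context *context;
 krb5_auth_context *auth_context;
 krb5_error_code problem;
 const char *tkfile;
@@ -1191,8 +1189,6 @@ ssh_krb5_helper(krb5_data *ap)
 krb5_cc_close(*context, ccache);
 if (*auth_context)
 krb5_auth_con_free(*context, *auth_context);
-if (*context)
-krb5_free_context(*context);
 return (ret);
 }
 
@@ -1200,9 +1196,11 @@ int
 userauth_kerberos(Authctxt *authctxt)
 {
 krb5_data ap;
+krb5_context *context;
+int ret = 0;
 
-if (ssh_krb5_helper(&ap) == 0)
-return (0);
+if (ssh_krb5_helper(&ap, context) == 0)
+goto out;
 
 packet_start(SSH2_MSG_USERAUTH_REQUEST);
 packet_put_cstring(authctxt->server_user);
@@ -1214,10 +1212,14 @@ userauth_kerberos(Authctxt *authctxt)
 #ifdef HEIMDAL
 krb5_data_free(&ap);
 #else
-# warning "XXX - leaks ap data on MIT kerberos"
+krb5_free_data_contents(*context, &ap);
 #endif
+ret = 1;
 
-return (1);
+out:
+if (*context)
+krb5_free_context(*context);
+return ret;
 }
 #endif
 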
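Review bot: In userauth_kerberos the new `krb5_context *context;` is never initialised, yet it is passed by value to ssh_krb5_helper() and then dereferenced in the MIT-branch krb5_free_data_contents() call and in the check under `out:`, so both the success path and the `goto out` failure path read an indeterminate pointer and may hand garbage to krb5_free_context(). Because the helper receives only a copy of that pointer, nothing it assigns to its own parameter can reach the caller; the helper's body lies mostly outside the visible hunks, so whether it still points the parameter at its local xcontext could not be checked here. Owning the handle in the caller would fix this: `krb5_context context = NULL;`, `if (ssh_krb5_helper(&ap, &context) == 0)`, and `if (context) krb5_free_context(context);`, with the krb5_free_data_contents() call passing the handle itself and the helper writing through its parameter instead of xcontext.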