Markus Schmidt
2019-Mar-15 09:37 UTC
[PATCH] userauth_gssapi_cleanup: supported mechs should be freed via gss_release_oid_set
https://bugzilla.mindrot.org/show_bug.cgi?id=2982
Attached is a small patch that should be applied before the 8.0 release.
It fixes a problem with a recent patch (authored by me), where
gssapi_cleanup was introduced and gssapi resources are freed.
It turns out that the supported_mechs should not be just freed but
instead freed through gss_release_oid_set.
The error is probably irrelevant in the *ix/bsd environments, but turned
out to be an error under Windows if a dynamic lib (gssapi.dll) from MIT
Kerbereros is used.
Thanks
Markus Schmidt
-------------- next part --------------
diff --git a/sshconnect2.c b/sshconnect2.c
index dffee90..e4f345e 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -749,14 +749,15 @@ userauth_gssapi(struct ssh *ssh)
static void
userauth_gssapi_cleanup(struct ssh *ssh)
{
+ OM_uint32 ms;
+
Authctxt *authctxt = (Authctxt *)ssh->authctxt;
Gssctxt *gssctxt = (Gssctxt *)authctxt->methoddata;
ssh_gssapi_delete_ctx(&gssctxt);
authctxt->methoddata = NULL;
- free(authctxt->gss_supported_mechs);
- authctxt->gss_supported_mechs = NULL;
+ gss_release_oid_set(&ms, &authctxt->gss_supported_mechs);
}
static OM_uint32