[Bug 2982] gssapi_cleanup: supported mechs should be freed via gss_release_oid_set
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Fri Jul 12 17:30:48 AEST 2019
https://bugzilla.mindrot.org/show_bug.cgi?id=2982
--- Comment #3 from Markus <markus at blueflash.cc> ---
> I think we should reuse the existing cleanup mechanism here. I don't
> have a working krb/gssapi installation ATM so I can't really test
> this though.
I have debugged this and found that in some circumstances,
gssapi_cleanup() is called multiple times (see comment1).
If the gssapi system reports multiple mechs it goes through the cycle
init/cleanup for each mech.
So the supported-mechs-list is on sort of a higher level than a single
gssapi auth attempt.
Hence, releasing the mechs-list itself should not be done in the
gssapi_cleanup function but at the very end of authentication.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list