summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source4/auth/credentials/credentials_krb5.c10
-rw-r--r--source4/auth/gensec/gensec_gssapi.c5
2 files changed, 10 insertions, 5 deletions
diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c
index ab850c1307..2b5a5fe7f1 100644
--- a/source4/auth/credentials/credentials_krb5.c
+++ b/source4/auth/credentials/credentials_krb5.c
@@ -259,7 +259,8 @@ int cli_credentials_get_ccache(struct cli_credentials *cred,
cli_credentials_set_machine_account(cred);
}
- if (cred->ccache_obtained >= cred->ccache_threshold) {
+ if (cred->ccache_obtained >= cred->ccache_threshold &&
+ cred->ccache_obtained > CRED_UNINITIALISED) {
*ccc = cred->ccache;
return 0;
}
@@ -298,7 +299,7 @@ void cli_credentials_invalidate_client_gss_creds(struct cli_credentials *cred,
* any cached credentials are now invalid */
if (obtained >= cred->client_gss_creds_obtained) {
if (cred->client_gss_creds_obtained > CRED_UNINITIALISED) {
- talloc_free(cred->client_gss_creds);
+ talloc_unlink(cred, cred->client_gss_creds);
cred->client_gss_creds = NULL;
}
cred->client_gss_creds_obtained = CRED_UNINITIALISED;
@@ -319,7 +320,7 @@ void cli_credentials_invalidate_ccache(struct cli_credentials *cred,
* any cached credentials are now invalid */
if (obtained >= cred->ccache_obtained) {
if (cred->ccache_obtained > CRED_UNINITIALISED) {
- talloc_free(cred->ccache);
+ talloc_unlink(cred, cred->ccache);
cred->ccache = NULL;
}
cred->ccache_obtained = CRED_UNINITIALISED;
@@ -350,7 +351,8 @@ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
OM_uint32 maj_stat, min_stat;
struct gssapi_creds_container *gcc;
struct ccache_container *ccache;
- if (cred->client_gss_creds_obtained >= cred->client_gss_creds_threshold) {
+ if (cred->client_gss_creds_obtained >= cred->client_gss_creds_threshold &&
+ cred->client_gss_creds_obtained > CRED_UNINITIALISED) {
*_gcc = cred->client_gss_creds;
return 0;
}
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index a9076845ba..3c66a032d5 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -370,7 +370,10 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
}
gensec_gssapi_state->client_cred = gcc;
-
+ if (!talloc_reference(gensec_gssapi_state, gcc)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
return NT_STATUS_OK;
}
generated by cgit (git 2.34.1) at 2024-07-30 09:28:23 +0000