More careful matching of alloc/free functions

[mech_eap.git] / mech_eap / util_krb.c

diff --git a/mech_eap/util_krb.c b/mech_eap/util_krb.c
index 779c812..ce3d0f6 100644 (file)
--- a/mech_eap/util_krb.c
+++ b/mech_eap/util_krb.c
@@ -68,12 +68,11 @@ initKrbContext(krb5_context *pKrbContext)
     *pKrbContext = krbContext;
 
 cleanup:
+    krb5_free_default_realm(krbContext, defaultRealm);
+
     if (code != 0 && krbContext != NULL)
         krb5_free_context(krbContext);
 
-    if (defaultRealm != NULL)
-        GSSEAP_FREE(defaultRealm);
-
     return code;
 }
 
@@ -93,7 +92,6 @@ gssEapKerberosInit(OM_uint32 *minor, krb5_context *context)
                 tld->krbContext = *context;
         }
     }
-
     return *minor == 0 ? GSS_S_COMPLETE : GSS_S_FAILURE;
 }
 
@@ -124,7 +122,7 @@ gssEapDeriveRfc3961Key(OM_uint32 *minor,
     unsigned char constant[4 + sizeof("rfc4121-gss-eap") - 1], *p;
     ssize_t i, remain;
 
-    assert(encryptionType != ENCTYPE_NULL);
+    GSSEAP_ASSERT(encryptionType != ENCTYPE_NULL);
 
     memset(pKey, 0, sizeof(*pKey));
 
@@ -280,7 +278,7 @@ rfc3961ChecksumTypeForKey(OM_uint32 *minor,
 #endif /* HAVE_KRB5INT_C_MANDATORY_CKSUMTYPE */
 
     if (!krb5_c_is_keyed_cksum(*cksumtype)) {
-        *minor = KRB5KRB_AP_ERR_INAPP_CKSUM;
+        *minor = (OM_uint32)KRB5KRB_AP_ERR_INAPP_CKSUM;
         return GSS_S_FAILURE;
     }
 
@@ -463,7 +461,7 @@ krbMakeAuthDataKdcIssued(krb5_context context,
     if (code != 0)
         goto cleanup;
 
-    GSSEAP_FREE(buf);
+    free(buf); /* match ASN1_MALLOC_ENCODE */
     buf = NULL;
 
     ASN1_MALLOC_ENCODE(AD_KDCIssued, buf, buf_size, &kdcIssued, &len, code);
@@ -480,7 +478,7 @@ krbMakeAuthDataKdcIssued(krb5_context context,
 
 cleanup:
     if (buf != NULL)
-        GSSEAP_FREE(buf);
+        free(buf); /* match ASN1_MALLOC_ENCODE */
     if (crypto != NULL)
         krb5_crypto_destroy(context, crypto);
     free_Checksum(&kdcIssued.ad_checksum);