some work on fast reauth

[mech_eap.git] / util_cred.c

diff --git a/util_cred.c b/util_cred.c
index d1f31ee..d6d8f51 100644 (file)
--- a/util_cred.c
+++ b/util_cred.c
@@ -63,11 +63,14 @@ gssEapReleaseCred(OM_uint32 *minor, gss_cred_id_t *pCred)
 {
     OM_uint32 tmpMinor;
     gss_cred_id_t cred = *pCred;
+    krb5_context krbContext = NULL;
 
     if (cred == GSS_C_NO_CREDENTIAL) {
         return GSS_S_COMPLETE;
     }
 
+    GSSEAP_KRB_INIT(&krbContext);
+
     gssEapReleaseName(&tmpMinor, &cred->name);
 
     if (cred->password.value != NULL) {
@@ -75,6 +78,12 @@ gssEapReleaseCred(OM_uint32 *minor, gss_cred_id_t *pCred)
         GSSEAP_FREE(cred->password.value);
     }
 
+    if (cred->radiusConfigFile != NULL)
+        GSSEAP_FREE(cred->radiusConfigFile);
+
+    if (cred->krbCredCache != NULL)
+        krb5_cc_destroy(krbContext, cred->krbCredCache);
+
     GSSEAP_MUTEX_DESTROY(&cred->mutex);
     memset(cred, 0, sizeof(*cred));
     GSSEAP_FREE(cred);
@@ -98,6 +107,7 @@ gssEapAcquireCred(OM_uint32 *minor,
     OM_uint32 major, tmpMinor;
     gss_cred_id_t cred;
 
+    /* XXX TODO validate with changed set_cred_option API */
     *pCred = GSS_C_NO_CREDENTIAL;
 
     major = gssEapAllocCred(minor, &cred);
@@ -121,7 +131,7 @@ gssEapAcquireCred(OM_uint32 *minor,
     }
 
     if (desiredName != GSS_C_NO_NAME) {
-        major = gss_duplicate_name(minor, desiredName, &cred->name);
+        major = gssEapDuplicateName(minor, desiredName, &cred->name);
         if (GSS_ERROR(major))
             goto cleanup;
     } else {
@@ -131,8 +141,8 @@ gssEapAcquireCred(OM_uint32 *minor,
             buf.value = getlogin(); /* XXX */
             buf.length = strlen((char *)buf.value);
 
-            major = gss_import_name(minor, &buf,
-                                    GSS_C_NT_USER_NAME, &cred->name);
+            major = gssEapImportName(minor, &buf,
+                                     GSS_C_NT_USER_NAME, &cred->name);
             if (GSS_ERROR(major))
                 goto cleanup;
         }