More careful matching of alloc/free functions

[mech_eap.orig] / mech_eap / util_krb.c

diff --git a/mech_eap/util_krb.c b/mech_eap/util_krb.c
index 88ad6dd..ce3d0f6 100644 (file)
--- a/mech_eap/util_krb.c
+++ b/mech_eap/util_krb.c
@@ -36,24 +36,13 @@
 
 #include "gssapiP_eap.h"
 
-static GSSEAP_THREAD_ONCE krbContextKeyOnce = GSSEAP_ONCE_INITIALIZER;
-static GSSEAP_THREAD_KEY krbContextKey;
-
-static void
-destroyKrbContext(void *arg)
+void
+gssEapDestroyKrbContext(krb5_context context)
 {
-    krb5_context context = (krb5_context)arg;
-
     if (context != NULL)
         krb5_free_context(context);
 }
 
-static void
-createKrbContextKey(void)
-{
-    GSSEAP_KEY_CREATE(&krbContextKey, destroyKrbContext);
-}
-
 static krb5_error_code
 initKrbContext(krb5_context *pKrbContext)
 {
@@ -79,34 +68,30 @@ initKrbContext(krb5_context *pKrbContext)
     *pKrbContext = krbContext;
 
 cleanup:
+    krb5_free_default_realm(krbContext, defaultRealm);
+
     if (code != 0 && krbContext != NULL)
         krb5_free_context(krbContext);
 
-    if (defaultRealm != NULL)
-        GSSEAP_FREE(defaultRealm);
-
     return code;
 }
 
 OM_uint32
 gssEapKerberosInit(OM_uint32 *minor, krb5_context *context)
 {
+    struct gss_eap_thread_local_data *tld;
+
     *minor = 0;
 
-    GSSEAP_ONCE(&krbContextKeyOnce, createKrbContextKey);
-
-    *context = GSSEAP_GETSPECIFIC(krbContextKey);
-    if (*context == NULL) {
-        *minor = initKrbContext(context);
-        if (*minor == 0) {
-            if (GSSEAP_SETSPECIFIC(krbContextKey, *context) != 0) {
-                *minor = errno;
-                krb5_free_context(*context);
-                *context = NULL;
-            }
+    tld = gssEapGetThreadLocalData();
+    if (tld != NULL) {
+        *context = tld->krbContext;
+        if (*context == NULL) {
+            *minor = initKrbContext(context);
+            if (*minor == 0)
+                tld->krbContext = *context;
         }
     }
-
     return *minor == 0 ? GSS_S_COMPLETE : GSS_S_FAILURE;
 }
 
@@ -137,7 +122,7 @@ gssEapDeriveRfc3961Key(OM_uint32 *minor,
     unsigned char constant[4 + sizeof("rfc4121-gss-eap") - 1], *p;
     ssize_t i, remain;
 
-    assert(encryptionType != ENCTYPE_NULL);
+    GSSEAP_ASSERT(encryptionType != ENCTYPE_NULL);
 
     memset(pKey, 0, sizeof(*pKey));
 
@@ -293,7 +278,7 @@ rfc3961ChecksumTypeForKey(OM_uint32 *minor,
 #endif /* HAVE_KRB5INT_C_MANDATORY_CKSUMTYPE */
 
     if (!krb5_c_is_keyed_cksum(*cksumtype)) {
-        *minor = KRB5KRB_AP_ERR_INAPP_CKSUM;
+        *minor = (OM_uint32)KRB5KRB_AP_ERR_INAPP_CKSUM;
         return GSS_S_FAILURE;
     }
 
@@ -476,7 +461,7 @@ krbMakeAuthDataKdcIssued(krb5_context context,
     if (code != 0)
         goto cleanup;
 
-    GSSEAP_FREE(buf);
+    free(buf); /* match ASN1_MALLOC_ENCODE */
     buf = NULL;
 
     ASN1_MALLOC_ENCODE(AD_KDCIssued, buf, buf_size, &kdcIssued, &len, code);
@@ -493,7 +478,7 @@ krbMakeAuthDataKdcIssued(krb5_context context,
 
 cleanup:
     if (buf != NULL)
-        GSSEAP_FREE(buf);
+        free(buf); /* match ASN1_MALLOC_ENCODE */
     if (crypto != NULL)
         krb5_crypto_destroy(context, crypto);
     free_Checksum(&kdcIssued.ad_checksum);