From e546b48dcb426323ef1e398d7ce1f614e4128a11 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Zden=C4=9Bk=20Salvet?= Date: Wed, 28 May 2008 13:23:18 +0000 Subject: [PATCH] Reopen GSS connection when previous credentials are not valid anymore. Fix memory leak in credential reload code. (Fixes remaining part of bug #37069.) --- org.glite.lb.client/src/connection.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/org.glite.lb.client/src/connection.c b/org.glite.lb.client/src/connection.c index 9d68ad4..d9a8b42 100644 --- a/org.glite.lb.client/src/connection.c +++ b/org.glite.lb.client/src/connection.c @@ -261,14 +261,19 @@ int edg_wll_open(edg_wll_Context ctx, int* connToUse) if (acquire_cred) { + gss_cred_id_t newcred = GSS_C_NO_CREDENTIAL; if (edg_wll_gss_acquire_cred_gsi( ctx->p_proxy_filename ? ctx->p_proxy_filename : ctx->p_cert_filename, ctx->p_proxy_filename ? ctx->p_proxy_filename : ctx->p_key_filename, - &ctx->connections->connPool[index].gsiCred, NULL, &gss_stat)) { + &newcred, NULL, &gss_stat)) { edg_wll_SetErrorGss(ctx, "failed to load GSI credentials", &gss_stat); goto err; - } - else { + } else { + if (ctx->connections->connPool[index].gsiCred != GSS_C_NO_CREDENTIAL) + gss_release_cred(&min_stat, &ctx->connections->connPool[index].gsiCred); + ctx->connections->connPool[index].gsiCred = newcred; + newcred = GSS_C_NO_CREDENTIAL; + // Credentials Acquired successfully. Storing file identification. #ifdef EDG_WLL_CONNPOOL_DEBUG printf("Cert file: %s\n", ctx->p_proxy_filename ? ctx->p_proxy_filename : ctx->p_cert_filename); 
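Review bot: The credential swap in the new `else` branch has no comment explaining the ownership rule it relies on, and the next person to touch it could easily reintroduce the leak. I would add above the release something like `/* Load into a temporary first: a failed reload must leave the pooled credential untouched; the old handle is released only once the new one is in hand. */`. As a style point, `newcred = GSS_C_NO_CREDENTIAL;` after the assignment looks like a dead store, since `newcred` is declared inside the `if (acquire_cred)` block and is not read again in the visible lines. The unbraced `if` around `gss_release_cred` would be safer braced, and its discarded result deserves a short "best effort" remark. `min_stat` and the `err` label are defined outside this hunk, so I cannot confirm what the failure path does with the existing connection.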
@@ -283,6 +288,9 @@ int edg_wll_open(edg_wll_Context ctx, int* connToUse) } } + if (acquire_cred && ctx->connections->connPool[index].gss.context != GSS_C_NO_CONTEXT) { + edg_wll_gss_close(&ctx->connections->connPool[index].gss, &ctx->p_tmp_timeout); + } if (ctx->connections->connPool[index].gss.context == GSS_C_NO_CONTEXT) { switch (edg_wll_gss_connect(ctx->connections->connPool[index].gsiCred, ctx->connections->connPool[index].peerName, ctx->connections->connPool[index].peerPort, -- 1.8.2.3
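Review bot: The forced reconnect after a credential reload only happens if `edg_wll_gss_close` leaves `gss.context` equal to `GSS_C_NO_CONTEXT`, and the added block discards its return value. If the close can fail or time out (it is given `&ctx->p_tmp_timeout`) without resetting the context, the following `if (... == GSS_C_NO_CONTEXT)` is skipped and the pooled connection keeps running under the context established with the previous credentials. The helper is not visible here, so this needs confirming against its implementation. Checking the result and bailing out, e.g. `if (edg_wll_gss_close(&ctx->connections->connPool[index].gss, &ctx->p_tmp_timeout)) goto err;`, would make the intent explicit, assuming the helper returns non-zero on failure. It is also worth confirming that `ctx->p_tmp_timeout` has been initialised before this point in `edg_wll_open`, because that assignment is outside the hunk.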