[1437] in Kerberos-V5-bugs


krb5_recvauth()

daemon@ATHENA.MIT.EDU (Ed Phillips)
Wed May 31 17:39:01 1995

Date: Wed, 31 May 1995 17:24:38 -0400 (EDT)
From: Ed Phillips <flaregun@udel.edu>
To: kerberos@MIT.EDU, krb5-bugs@MIT.EDU


	krb5_recvauth() initializes/recovers a replay cache.  It also
calls krb5_auth_con_setrcache().  However, this rcache is never freed up
in krb5_auth_con_free().  This is a major leak, considering every call to
krb5_recvauth() will leak the entire data structure and contents of the
replay cache.  It seems that there is a problem here that needs
rethinking.  If I understand it correctly, the auth context is
per-authentication or connection.  It wouldn't be desirable IMHO to have
the rcache be loaded on a per-connection basis.  It seems that the rcache
should be part of the krb5_context, where each process has its own
rcache, but threads/connections share it.  I can't imagine that we'd want 
to load in the entire rcache, add entries to it, and save it back, 
possibly overwriting one that was updated and closed by another thread in 
the same process.

	Anyway, this is a major problem that needs to be addressed... I 
just don't know what would be the accepted way to do this, so that I 
don't have to retool again when the next version/beta/fixes come out.

	Speaking of fixes... are there any plans to release beta5 soon, 
with the patches and fixes submitted so far?

	Thanks,
	Ed

+-------------------------------------------------------------------------+
| Ed Phillips <flaregun@udel.edu> University of Delaware (302) 831-6082   |
| Jr Systems Programmer, Network and Systems Services, Info. Technologies |
| Public key footprint: 1C D4 AC C2 A3 D5 97 AA  DB 3B D8 85 88 E7 40 B8  |
| Finger flaregun@udel.edu for PGP public key                             |
+-------------------------------------------------------------------------+
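
The ownership problem reported above, modelled as an added example in C (not krb5 source and not code from the original message). It compares a per-connection replay cache that the free routine never releases, one that the free routine does release, and a single cache held per process as the report suggests; every struct and function name here is a hypothetical stand-in, and the loop that reclaims orphaned caches exists only so the demo exits clean.

```c
#include <stdlib.h>

/* Hypothetical stand-ins for the replay cache, the per-process context
 * and the per-connection auth context; not the krb5 structures. */
struct rcache   { long *entries; size_t n; };
struct proc_ctx { struct rcache *shared_rc; };
struct auth_con { struct rcache *rc; int owns_rc; };
static int rc_loads, rc_live;   /* caches recovered / still allocated */

static struct rcache *rc_recover(size_t n) {   /* models loading the cache */
    struct rcache *rc = malloc(sizeof *rc);
    if (!rc || !(rc->entries = calloc(n, sizeof *rc->entries))) abort();
    rc->n = n; rc_loads++; rc_live++;
    return rc;
}
static void rc_close(struct rcache *rc) { free(rc->entries); free(rc); rc_live--; }

/* Behaviour the report describes: the context is freed, its rcache is not. */
static void auth_con_free_leaky(struct auth_con *ac) { free(ac); }
/* Free routine that also releases an rcache the auth context owns. */
static void auth_con_free_owning(struct auth_con *ac) {
    if (ac->rc && ac->owns_rc) rc_close(ac->rc);
    free(ac);
}
enum mode { PER_CONN_LEAKY, PER_CONN_OWNING, PER_PROCESS_SHARED };

/* Handle `conns` connections; report cache loads and caches left allocated. */
static void run(enum mode m, int conns, int *loads, int *leaked) {
    struct proc_ctx pc = { NULL };
    struct rcache **orphans = calloc((size_t)conns, sizeof *orphans);
    rc_loads = rc_live = 0;
    for (int i = 0; i < conns; i++) {
        struct auth_con *ac = calloc(1, sizeof *ac);
        if (!ac || !orphans) abort();
        if (m == PER_PROCESS_SHARED) {
            if (!pc.shared_rc) pc.shared_rc = rc_recover(1024);
            ac->rc = pc.shared_rc;             /* borrowed, not owned */
        } else {
            ac->rc = rc_recover(1024);         /* loaded for every connection */
            ac->owns_rc = 1;
        }
        if (m == PER_CONN_LEAKY) { orphans[i] = ac->rc; auth_con_free_leaky(ac); }
        else auth_con_free_owning(ac);
    }
    if (pc.shared_rc) rc_close(pc.shared_rc);  /* process shutdown */
    *loads = rc_loads; *leaked = rc_live;      /* measured before demo cleanup */
    for (int i = 0; i < conns; i++) if (orphans[i]) rc_close(orphans[i]);
    free(orphans);
}
```

For 100 connections the leaky mode reports 100 loads and 100 caches still allocated, the owning mode 100 loads and none left, and the shared mode a single load and none left.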

