Fix freenig of names in Kerberos when using MIT - need to use the
free function provided in the Kerberos library. This fixes a very hard to track down heap corruption on windows when using debug runtimes.
This commit is contained in:
Magnus Hagander
parent
05c4d8f783
commit
6771994058
5 changed files with 87 additions and 4 deletions
58
configure
vendored
58
configure
vendored
|
|
@ -14398,6 +14398,64 @@ fi
|
|||
|
||||
fi
|
||||
|
||||
|
||||
# Win32 requires headers to be loaded for __stdcall, so can't use
|
||||
# AC_CHECK_FUNCS here.
|
||||
echo "$as_me:$LINENO: checking for krb5_free_unparsed_name" >&5
|
||||
echo $ECHO_N "checking for krb5_free_unparsed_name... $ECHO_C" >&6
|
||||
cat >conftest.$ac_ext <<_ACEOF
|
||||
/* confdefs.h. */
|
||||
_ACEOF
|
||||
cat confdefs.h >>conftest.$ac_ext
|
||||
cat >>conftest.$ac_ext <<_ACEOF
|
||||
/* end confdefs.h. */
|
||||
#include <krb5.h>
|
||||
int
|
||||
main ()
|
||||
{
|
||||
krb5_free_unparsed_name(NULL,NULL);
|
||||
;
|
||||
return 0;
|
||||
}
|
||||
_ACEOF
|
||||
rm -f conftest.$ac_objext conftest$ac_exeext
|
||||
if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
|
||||
(eval $ac_link) 2>conftest.er1
|
||||
ac_status=$?
|
||||
grep -v '^ *+' conftest.er1 >conftest.err
|
||||
rm -f conftest.er1
|
||||
cat conftest.err >&5
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); } &&
|
||||
{ ac_try='test -z "$ac_c_werror_flag"
|
||||
|| test ! -s conftest.err'
|
||||
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||
(eval $ac_try) 2>&5
|
||||
ac_status=$?
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); }; } &&
|
||||
{ ac_try='test -s conftest$ac_exeext'
|
||||
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
|
||||
(eval $ac_try) 2>&5
|
||||
ac_status=$?
|
||||
echo "$as_me:$LINENO: \$? = $ac_status" >&5
|
||||
(exit $ac_status); }; }; then
|
||||
|
||||
cat >>confdefs.h <<\_ACEOF
|
||||
#define HAVE_KRB5_FREE_UNPARSED_NAME 1
|
||||
_ACEOF
|
||||
|
||||
echo "$as_me:$LINENO: result: yes" >&5
|
||||
echo "${ECHO_T}yes" >&6
|
||||
else
|
||||
echo "$as_me: failed program was:" >&5
|
||||
sed 's/^/| /' conftest.$ac_ext >&5
|
||||
|
||||
echo "$as_me:$LINENO: result: no" >&5
|
||||
echo "${ECHO_T}no" >&6
|
||||
fi
|
||||
rm -f conftest.err conftest.$ac_objext \
|
||||
conftest$ac_exeext conftest.$ac_ext
|
||||
fi
|
||||
|
||||
|
||||
|
|
|
|||
11
configure.in
11
configure.in
|
|
@ -1,5 +1,5 @@
|
|||
dnl Process this file with autoconf to produce a configure script.
|
||||
dnl $PostgreSQL: pgsql/configure.in,v 1.518 2007/07/10 16:41:01 tgl Exp $
|
||||
dnl $PostgreSQL: pgsql/configure.in,v 1.519 2007/07/12 14:10:39 mha Exp $
|
||||
dnl
|
||||
dnl Developers, please strive to achieve this order:
|
||||
dnl
|
||||
|
|
@ -965,6 +965,15 @@ if test "$with_krb5" = yes; then
|
|||
[AC_MSG_ERROR([could not determine how to extract Kerberos 5 error messages])],
|
||||
[#include <krb5.h>])],
|
||||
[#include <krb5.h>])
|
||||
|
||||
# Win32 requires headers to be loaded for __stdcall, so can't use
|
||||
# AC_CHECK_FUNCS here.
|
||||
AC_MSG_CHECKING(for krb5_free_unparsed_name)
|
||||
AC_TRY_LINK([#include <krb5.h>],
|
||||
[krb5_free_unparsed_name(NULL,NULL);],
|
||||
[AC_DEFINE(HAVE_KRB5_FREE_UNPARSED_NAME, 1, [Define to 1 if you have krb5_free_unparsed_name])
|
||||
AC_MSG_RESULT(yes)],
|
||||
[AC_MSG_RESULT(no)])
|
||||
fi
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -214,6 +214,9 @@
|
|||
/* Define to 1 if `text.data' is member of `krb5_error'. */
|
||||
#undef HAVE_KRB5_ERROR_TEXT_DATA
|
||||
|
||||
/* Define to 1 if you have krb5_free_unparsed_name */
|
||||
#undef HAVE_KRB5_FREE_UNPARSED_NAME
|
||||
|
||||
/* Define to 1 if `client' is member of `krb5_ticket'. */
|
||||
#undef HAVE_KRB5_TICKET_CLIENT
|
||||
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@
|
|||
* exceed INITIAL_EXPBUFFER_SIZE (currently 256 bytes).
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.124 2007/07/10 13:14:21 mha Exp $
|
||||
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.125 2007/07/12 14:10:39 mha Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
|
@ -63,6 +63,18 @@
|
|||
#include <com_err.h>
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Heimdal doesn't have a free function for unparsed names. Just pass it to
|
||||
* standard free() which should work in these cases.
|
||||
*/
|
||||
#ifndef HAVE_KRB5_FREE_UNPARSED_NAME
|
||||
static void
|
||||
krb5_free_unparsed_name(krb5_context context, char *val)
|
||||
{
|
||||
free(val);
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* pg_an_to_ln -- return the local name corresponding to an authentication
|
||||
* name
|
||||
|
|
@ -180,8 +192,8 @@ pg_krb5_destroy(struct krb5_info * info)
|
|||
{
|
||||
krb5_free_principal(info->pg_krb5_context, info->pg_krb5_client);
|
||||
krb5_cc_close(info->pg_krb5_context, info->pg_krb5_ccache);
|
||||
krb5_free_unparsed_name(info->pg_krb5_context, info->pg_krb5_name);
|
||||
krb5_free_context(info->pg_krb5_context);
|
||||
free(info->pg_krb5_name);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ package Solution;
|
|||
#
|
||||
# Package that encapsulates a Visual C++ solution file generation
|
||||
#
|
||||
# $PostgreSQL: pgsql/src/tools/msvc/Solution.pm,v 1.27 2007/06/20 17:19:00 adunstan Exp $
|
||||
# $PostgreSQL: pgsql/src/tools/msvc/Solution.pm,v 1.28 2007/07/12 14:10:39 mha Exp $
|
||||
#
|
||||
use Carp;
|
||||
use strict;
|
||||
|
|
@ -123,6 +123,7 @@ s{PG_VERSION_STR "[^"]+"}{__STRINGIFY(x) #x\n#define __STRINGIFY2(z) __STRINGIFY
|
|||
print O "#define KRB5 1\n";
|
||||
print O "#define HAVE_KRB5_ERROR_TEXT_DATA 1\n";
|
||||
print O "#define HAVE_KRB5_TICKET_ENC_PART2 1\n";
|
||||
print O "#define HAVE_KRB5_FREE_UNPARSED_NAME 1\n";
|
||||
print O "#define PG_KRB_SRVNAM \"postgres\"\n";
|
||||
}
|
||||
if (my $port = $self->{options}->{"--with-pgport"})
|
||||
|
|
|
|||
Loading…
Reference in a new issue