diff --git a/krb5-master-keytab_close.patch b/krb5-master-keytab_close.patch deleted file mode 100644 index d020ae6..0000000 --- a/krb5-master-keytab_close.patch +++ /dev/null @@ -1,39 +0,0 @@ -commit decccbcb5075f8fbc28a535a9b337afc84a15dee -Author: Greg Hudson -Date: Mon Dec 16 15:37:56 2013 -0500 - - Fix GSS krb5 acceptor acquire_cred error handling - - When acquiring acceptor creds with a specified name, if we fail to - open a replay cache, we leak the keytab handle. If there is no - specified name and we discover that there is no content in the keytab, - we leak the keytab handle and return the wrong major code. Memory - leak reported by Andrea Campi. - - ticket: 7805 - target_version: 1.12.1 - tags: pullup - -diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c -index 0efcad4..9547207 100644 ---- a/src/lib/gssapi/krb5/acquire_cred.c -+++ b/src/lib/gssapi/krb5/acquire_cred.c -@@ -225,6 +225,7 @@ acquire_accept_cred(krb5_context context, - code = krb5_get_server_rcache(context, &cred->name->princ->data[0], - &cred->rcache); - if (code) { -+ krb5_kt_close(context, kt); - *minor_status = code; - return GSS_S_FAILURE; - } -@@ -232,8 +233,9 @@ acquire_accept_cred(krb5_context context, - /* Make sure we have a keytab with keys in it. */ - code = krb5_kt_have_content(context, kt); - if (code) { -+ krb5_kt_close(context, kt); - *minor_status = code; -- return GSS_S_FAILURE; -+ return GSS_S_CRED_UNAVAIL; - } - } - diff --git a/krb5.spec b/krb5.spec index 20e9d43..1e09f0e 100644 --- a/krb5.spec +++ b/krb5.spec @@ -90,7 +90,6 @@ Patch86: krb5-1.9-debuginfo.patch Patch105: krb5-kvno-230379.patch Patch129: krb5-1.11-run_user_0.patch Patch134: krb5-1.11-kpasswdtest.patch -Patch138: krb5-master-keytab_close.patch Patch139: krb5-1.12-copy_context.patch Patch140: krb5-master-spnego_error_messages.patch Patch141: krb5-1.12-enable-NX.patch @@ -313,7 +312,6 @@ ln -s NOTICE LICENSE %patch71 -p1 -b .dirsrv-accountlock %{?_rawbuild} %patch86 -p0 -b .debuginfo %patch105 -p1 -b .kvno -%patch138 -p1 -b .keytab_close %patch139 -p1 -b .copy_context %patch140 -p1 -b .spnego_error_messages %patch141 -p1 -b .enable-NX @@ -977,6 +975,7 @@ exit 0 - drop patch for RT#7794, included now - drop patch for RT#7797, included now - drop patch for RT#7803, included now + - drop patch for RT#7805, included now * Mon Jan 13 2014 Nalin Dahyabhai - 1.12-11 - update the PIC patch for iaesx86.s to not use ELF relocations to the version