romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-22 04:26:20 +03:00
Code Issues Projects Releases Packages Wiki Activity

sspi: clear SSPI credentials on AcquireCredentialsHandle failure

Browse source 
- Clear credentials on AcquireCredentialsHandle failure so it is not
  used on a subsequent call.

SSPI initialization may evaluate the credentials pointer to determine
whether or not a prior call to AcquireCredentialsHandle was successful,
therefore we must clear it on a failed call.

Closes https://github.com/curl/curl/pull/21642
This commit is contained in:
penpal 2026-05-15 23:38:29 +05:45 committed by Jay Satiro
parent c30db7b6be
commit ba7b65f957
3 changed files with 12 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

5
lib/vauth/krb5_sspi.c
View file

@ -154,8 +154,11 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
SECPKG_CRED_OUTBOUND, NULL,
krb5->p_identity, NULL, NULL,
krb5->credentials, NULL);
if(status != SEC_E_OK)
if(status != SEC_E_OK) {
curlx_free(krb5->credentials);
krb5->credentials = NULL;
return CURLE_LOGIN_DENIED;
}
/* Allocate our new context handle */
krb5->context = curlx_calloc(1, sizeof(CtxtHandle));

5
lib/vauth/ntlm_sspi.c
View file

@ -139,8 +139,11 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
SECPKG_CRED_OUTBOUND, NULL,
ntlm->p_identity, NULL, NULL,
ntlm->credentials, NULL);
if(status != SEC_E_OK)
if(status != SEC_E_OK) {
curlx_free(ntlm->credentials);
ntlm->credentials = NULL;
return CURLE_LOGIN_DENIED;
}
/* Allocate our new context handle */
ntlm->context = curlx_calloc(1, sizeof(CtxtHandle));

5
lib/vauth/spnego_sspi.c
View file

@ -159,8 +159,11 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
SECPKG_CRED_OUTBOUND, NULL,
nego->p_identity, NULL, NULL,
nego->credentials, NULL);
if(nego->status != SEC_E_OK)
if(nego->status != SEC_E_OK) {
curlx_free(nego->credentials);
nego->credentials = NULL;
return CURLE_AUTH_ERROR;
}
/* Allocate our new context handle */
nego->context = curlx_calloc(1, sizeof(CtxtHandle));