Fixed file gss context leak

microsoft · Jul 11, 2017 · 9ed6742 · 9ed6742
1 parent 1224245
commit 9ed6742
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 0 deletions.
diff --git a/Unix/http/http.c b/Unix/http/http.c
@@ -1215,6 +1215,7 @@ static MI_Boolean _RequestCallback(
 
         trace_SocketClose_REMOVEDESTROY();
 
+        HttpAuth_Close(handlerIn);
         Sock_Close(handler->handler.sock);
 
         // Free the savedSendMsg and ACK it to prevent leaks when a non-io thread
@@ -1461,6 +1462,7 @@ static MI_Boolean _ListenerCallback(
         if (r != MI_RESULT_OK)
         {
             trace_SockSetBlocking_Failed();
+            HttpAuth_Close(handler_);
             Sock_Close(s);
             return MI_TRUE;
         }
@@ -1471,6 +1473,7 @@ static MI_Boolean _ListenerCallback(
         if (!h)
         {
             trace_SocketClose_Http_SR_SocketDataAllocFailed();
+            HttpAuth_Close(handler_);
             Sock_Close(s);
             return MI_TRUE;
         }
@@ -1492,6 +1495,7 @@ static MI_Boolean _ListenerCallback(
         {
             Strand_Delete(&h->strand);
             trace_SocketClose_recvBuffer_AllocFailed();
+            HttpAuth_Close(handler_);
             Sock_Close(s);
             return MI_TRUE;
         }
@@ -1512,6 +1516,7 @@ static MI_Boolean _ListenerCallback(
             {
                 trace_SSLNew_Failed();
                 Strand_Delete(&h->strand);
+                HttpAuth_Close(handler_);
                 Sock_Close(s);
                 return MI_TRUE;
             }
@@ -1521,6 +1526,7 @@ static MI_Boolean _ListenerCallback(
                 trace_SSL_setfd_Failed();
                 SSL_free(h->ssl);
                 Strand_Delete(&h->strand);
+                HttpAuth_Close(handler_);
                 Sock_Close(s);
                 return MI_TRUE;
             }
@@ -1535,6 +1541,7 @@ static MI_Boolean _ListenerCallback(
             if (handler->secure)
                 SSL_free(h->ssl);
             Strand_Delete(&h->strand);
+            HttpAuth_Close(handler_);
             Sock_Close(s);
             return MI_TRUE;
         }
@@ -1553,6 +1560,7 @@ static MI_Boolean _ListenerCallback(
         (mask & SELECTOR_DESTROY) != 0)
     {
         trace_SocketClose_REMOVEDESTROY();
+        HttpAuth_Close(handler_);
         Sock_Close(handler->base.sock);
         PAL_Free(handler);
     }

diff --git a/Unix/http/http_private.h b/Unix/http/http_private.h
@@ -165,6 +165,8 @@ MI_Boolean Http_DecryptData(_In_ Http_SR_SocketData * handler, _Out_ HttpHeaders
 MI_Boolean 
 Http_EncryptData(_In_ Http_SR_SocketData *handler, int contentLen, int contentTypeLen, char *contentType, _Out_ Page ** pData);
 
+void HttpAuth_Close(_In_ Handler *handlerIn);
+
 //struct gss_buffer_desc_struct;
 //char *DecodeToken(struct gss_buffer_desc_struct *token);
 #endif
diff --git a/Unix/http/httpauth.c b/Unix/http/httpauth.c
@@ -2035,3 +2035,17 @@ MI_Boolean IsClientAuthorized(_In_ Http_SR_SocketData * handler)
   Done:
     return authorised;
 }
+
+
+void HttpAuth_Close(_In_ Handler *handlerIn)
+{
+   Http_SR_SocketData* handler = FromOffset( Http_SR_SocketData, handler, handlerIn );
+   gss_ctx_id_t context_hdl = handler->pAuthContext;
+   OM_uint32 min_stat = 0;
+
+   if (_g_gssState.Gss_Delete_Sec_Context && handlerIn && context_hdl) 
+   {
+       (*_g_gssState.Gss_Delete_Sec_Context)(&min_stat, &context_hdl, NULL);
+   }
+}
+