Add free_principal_e_data KDB method

Add an optional method to kdb_vftabl to free e_data pointer in a principal entry, in case it was populated by a module using a more complex structure than a single memory region. [ghudson@mit.edu: handled minor version bump; simplified code; rewrote commit message] ticket: 8538 target_version: 1.15-next tags: pullup
krb5 · Jan 19, 2017 · 87d8d1c · 87d8d1c
1 parent 50605ef
commit 87d8d1c
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 1 deletion.
diff --git a/src/include/kdb.h b/src/include/kdb.h
@@ -1382,6 +1382,17 @@ typedef struct _kdb_vftabl {
                                                  krb5_const_principal client,
                                                  const krb5_db_entry *server,
                                                  krb5_const_principal proxy);
+
+    /* End of minor version 0. */
+
+    /*
+     * Optional: Free the e_data pointer of a database entry.  If this method
+     * is not implemented, the e_data pointer in principal entries will be
+     * freed with free() as seen by libkdb5.
+     */
+    void (*free_principal_e_data)(krb5_context kcontext, krb5_octet *e_data);
+
+    /* End of minor version 1 for major version 6. */
 } kdb_vftabl;
 
 #endif /* !defined(_WIN32) */

diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c
@@ -323,6 +323,12 @@ copy_vtable(const kdb_vftabl *in, kdb_vftabl *out)
     out->refresh_config = in->refresh_config;
     out->check_allowed_to_delegate = in->check_allowed_to_delegate;
 
+    /* Copy fields for minor version 1 (major version 6). */
+    assert(KRB5_KDB_DAL_MAJOR_VERSION == 6);
+    out->free_principal_e_data = NULL;
+    if (in->min_ver >= 1)
+        out->free_principal_e_data = in->free_principal_e_data;
+
     /* Set defaults for optional fields. */
     if (out->fetch_master_key == NULL)
         out->fetch_master_key = krb5_db_def_fetch_mkey;
@@ -820,11 +826,17 @@ free_tl_data(krb5_tl_data *list)
 void
 krb5_db_free_principal(krb5_context kcontext, krb5_db_entry *entry)
 {
+    kdb_vftabl *v;
     int i;
 
     if (entry == NULL)
         return;
-    free(entry->e_data);
+    if (entry->e_data != NULL) {
+        if (get_vftabl(kcontext, &v) == 0 && v->free_principal_e_data != NULL)
+            v->free_principal_e_data(kcontext, entry->e_data);
+        else
+            free(entry->e_data);
+    }
     krb5_free_principal(kcontext, entry->princ);
     free_tl_data(entry->tl_data);
     for (i = 0; i < entry->n_key_data; i++)