diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c index cf1fcf0d6..fd9a0ef7a 100644 --- a/lib/vauth/spnego_gssapi.c +++ b/lib/vauth/spnego_gssapi.c @@ -87,8 +87,8 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data, return CURLE_LOGIN_DENIED; } - /* Generate our SPN */ if(!nego->spn) { + /* Generate our SPN */ char *spn = Curl_auth_build_gssapi_spn(service, host); if(!spn) return CURLE_OUT_OF_MEMORY; @@ -113,7 +113,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data, free(spn); } - if(chlg64 && strlen(chlg64)) { + if(chlg64 && *chlg64) { /* Decode the base-64 encoded challenge message */ if(*chlg64 != '=') { result = Curl_base64_decode(chlg64, &chlg, &chlglen); @@ -144,6 +144,8 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data, &output_token, TRUE, NULL); + + /* Free the decoded challenge as it is not required anymore */ Curl_safefree(input_token.value); nego->status = major_status; diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c index acab2bc9d..3dc5ccaeb 100644 --- a/lib/vauth/spnego_sspi.c +++ b/lib/vauth/spnego_sspi.c @@ -88,8 +88,8 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data, return CURLE_LOGIN_DENIED; } - /* Generate our SPN */ if(!nego->spn) { + /* Generate our SPN */ nego->spn = Curl_auth_build_spn(service, host); if(!nego->spn) return CURLE_OUT_OF_MEMORY; @@ -115,6 +115,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data, } if(!nego->credentials) { + /* Do we have credientials to use or are we using single sign-on? */ if(user && *user) { /* Populate our identity structure */ result = Curl_create_sspi_identity(user, password, &nego->identity); @@ -153,7 +154,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data, memset(nego->context, 0, sizeof(CtxtHandle)); } - if(chlg64 && strlen(chlg64)) { + if(chlg64 && *chlg64) { /* Decode the base-64 encoded challenge message */ if(*chlg64 != '=') { result = Curl_base64_decode(chlg64, &chlg, &chlglen); @@ -197,8 +198,10 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data, &resp_desc, &attrs, &expiry); + /* Free the decoded challenge as it is not required anymore */ + free(chlg); + if(GSS_ERROR(nego->status)) { - free(chlg); return CURLE_OUT_OF_MEMORY; } @@ -206,16 +209,12 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data, nego->status == SEC_I_COMPLETE_AND_CONTINUE) { nego->status = s_pSecFn->CompleteAuthToken(nego->context, &resp_desc); if(GSS_ERROR(nego->status)) { - free(chlg); return CURLE_RECV_ERROR; } } nego->output_token_length = resp_buf.cbBuffer; - /* Free the decoded challenge */ - free(chlg); - return result; }