aboutsummaryrefslogtreecommitdiff
path: root/debian/patches/credentials_expiring_real-check-if-kcontext-is-valid.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/credentials_expiring_real-check-if-kcontext-is-valid.patch')
-rw-r--r--debian/patches/credentials_expiring_real-check-if-kcontext-is-valid.patch36
1 files changed, 36 insertions, 0 deletions
diff --git a/debian/patches/credentials_expiring_real-check-if-kcontext-is-valid.patch b/debian/patches/credentials_expiring_real-check-if-kcontext-is-valid.patch
new file mode 100644
index 0000000..d4d1ab1
--- /dev/null
+++ b/debian/patches/credentials_expiring_real-check-if-kcontext-is-valid.patch
@@ -0,0 +1,36 @@
+From: =?utf-8?q?Guido_G=C3=BCnther?= <agx@sigxcpu.org>
+Date: Fri, 7 Jul 2017 09:10:37 +0200
+Subject: credentials_expiring_real: check if kcontext is valid
+
+othewise we might crash when the credentials_expiring_once fires but
+we're already shutting down.
+
+LP: #1700468
+---
+ src/ka-kerberos.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/ka-kerberos.c b/src/ka-kerberos.c
+index 14fb03e..59f6b8b 100644
+--- a/src/ka-kerberos.c
++++ b/src/ka-kerberos.c
+@@ -222,6 +222,9 @@ credentials_expiring_real (KaApplet *applet)
+ krb5_timestamp now;
+ gboolean retval = FALSE;
+
++ if (!kcontext_valid)
++ return retval;
++
+ memset (&my_creds, 0, sizeof (my_creds));
+ ka_applet_set_tgt_renewable (applet, FALSE);
+ if (!ka_get_tgt_from_ccache (kcontext, &my_creds)) {
+@@ -947,8 +950,8 @@ static gboolean
+ ka_krb5_context_free ()
+ {
+ if (kcontext_valid) {
+- krb5_free_context (kcontext);
+ kcontext_valid = FALSE;
++ krb5_free_context (kcontext);
+ }
+ return TRUE;
+ }
bgstack15