released in case of recovery, request be saved and delayed handed.
int rawobj_dup(rawobj_t *dest, rawobj_t *src);
int rawobj_serialize(rawobj_t *obj, __u32 **buf, __u32 *buflen);
int rawobj_extract(rawobj_t *obj, __u32 **buf, __u32 *buflen);
+int rawobj_extract_alloc(rawobj_t *obj, __u32 **buf, __u32 *buflen);
int rawobj_extract_local(rawobj_t *obj, __u32 **buf, __u32 *buflen);
/*
return __rawobj_extract(obj, buf, buflen, 0, 0);
}
+int rawobj_extract_alloc(rawobj_t *obj, __u32 **buf, __u32 *buflen)
+{
+ return __rawobj_extract(obj, buf, buflen, 1, 0);
+}
+
int rawobj_extract_local(rawobj_t *obj, __u32 **buf, __u32 *buflen)
{
return __rawobj_extract(obj, buf, buflen, 0, 1);
GOTO(err_free, rc = SVC_DROP);
}
- if (rawobj_extract(&gc->gc_ctx, &secdata, &seclen)) {
+ /* We _must_ alloc new storage for gc_ctx. In case of recovery
+ * request will be saved to delayed handling, at that time the
+ * incoming buffer might have already been released.
+ */
+ if (rawobj_extract_alloc(&gc->gc_ctx, &secdata, &seclen)) {
CERROR("fail to obtain gss context handle\n");
GOTO(err_free, rc = SVC_DROP);
}
return;
}
- /* gsd->clclred.gc_ctx is NOT allocated, just set pointer
- * to the incoming packet buffer, so don't need free it
- */
+ /* gc_ctx is allocated, see gss_svcsec_accept() */
+ rawobj_free(&gsd->clcred.gc_ctx);
+
OBD_FREE(gsd, sizeof(*gsd));
req->rq_svcsec_data = NULL;
return;