RFR: 8303809: Dispose context in SPNEGO NegotiatorImpl
Alexey Bakhtin
abakhtin at openjdk.org
Thu Mar 9 16:06:03 UTC 2023
On Wed, 8 Mar 2023 09:05:19 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
> This patch fixes a possible native memory leak in case of a custom native GSS provider.
> The actual leak was reported in production.
>
> sun/security/jgss, sun/security/krb5, sun/net/www/protocol/http jtreg tests are passed
Unfortunately, there is no guarantee `NegotiatorImpl::nextToken` will be called.
At least in both `sun/security/krb5/auto/HttpNegotiateServer.java` and `sun/security/krb5/auto/HttpsCB.java` tests context is not established after the first `initSecContext` and `NegotiatorImpl::nextToken` is not called at all.
-------------
PR: https://git.openjdk.org/jdk/pull/12920
More information about the security-dev
mailing list