RFR: 8303809: Dispose context in SPNEGO NegotiatorImpl
Daniel Fuchs
dfuchs at openjdk.org
Tue Mar 14 13:59:10 UTC 2023
On Thu, 9 Mar 2023 16:02:33 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
>> This patch fixes a possible native memory leak in case of a custom native GSS provider.
>> The actual leak was reported in production.
>>
>> sun/security/jgss, sun/security/krb5, sun/net/www/protocol/http jtreg tests are passed
>
> Unfortunately, there is no guarantee `NegotiatorImpl::nextToken` will be called.
> At least in both `sun/security/krb5/auto/HttpNegotiateServer.java` and `sun/security/krb5/auto/HttpsCB.java` tests context is not established after the first `initSecContext` and `NegotiatorImpl::nextToken` is not called at all.
Hi @alexeybakhtin, I will do some tests and come back to you here.
-------------
PR: https://git.openjdk.org/jdk/pull/12920
More information about the security-dev
mailing list