53 lines
1.8 KiB
Diff
53 lines
1.8 KiB
Diff
From eca00ef4719c44c4e68ead3346a16229b6471d13 Mon Sep 17 00:00:00 2001
|
|
From: Alexey Tikhonov <atikhono@redhat.com>
|
|
Date: Tue, 20 Jun 2023 17:41:36 +0200
|
|
Subject: [PATCH] LDAP: fixed leak of `kprinc`
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Reviewed-by: Alejandro López <allopez@redhat.com>
|
|
Reviewed-by: Tomáš Halman <thalman@redhat.com>
|
|
|
|
Reference: https://github.com/SSSD/sssd/commit/eca00ef4719c44c4e68ead3346a16229b6471d13
|
|
Conflict: NA
|
|
---
|
|
src/providers/ldap/ldap_child.c | 12 ++++++------
|
|
1 file changed, 6 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c
|
|
index 6ad2fb63a..6c167d239 100644
|
|
--- a/src/providers/ldap/ldap_child.c
|
|
+++ b/src/providers/ldap/ldap_child.c
|
|
@@ -367,12 +367,6 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
|
|
}
|
|
DEBUG(SSSDBG_CONF_SETTINGS, "Principal name is: [%s]\n", full_princ);
|
|
|
|
- krberr = krb5_parse_name(context, full_princ, &kprinc);
|
|
- if (krberr != 0) {
|
|
- DEBUG(SSSDBG_OP_FAILURE, "krb5_parse_name() failed: %d\n", krberr);
|
|
- goto done;
|
|
- }
|
|
-
|
|
if (keytab_name) {
|
|
krberr = krb5_kt_resolve(context, keytab_name, &keytab);
|
|
} else {
|
|
@@ -447,8 +441,14 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
|
|
goto done;
|
|
}
|
|
|
|
+ krberr = krb5_parse_name(context, full_princ, &kprinc);
|
|
+ if (krberr != 0) {
|
|
+ DEBUG(SSSDBG_OP_FAILURE, "krb5_parse_name() failed: %d\n", krberr);
|
|
+ goto done;
|
|
+ }
|
|
krberr = krb5_get_init_creds_keytab(context, &my_creds, kprinc,
|
|
keytab, 0, NULL, options);
|
|
+ krb5_free_principal(context, kprinc);
|
|
if (krberr != 0) {
|
|
DEBUG(SSSDBG_OP_FAILURE,
|
|
"krb5_get_init_creds_keytab() failed: %d\n", krberr);
|
|
--
|
|
2.27.0
|
|
|