From 69905bf968003216d444fc68d8597e139362f2e6 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 27 Jun 2012 09:59:57 -0400 Subject: KRB5: Drop memctx parameter of krb5_try_kdcip This function is not supposed to return any newly-allocated memory directly. It was actually leaking the memory for krb5_servers if krb5_kdcip was being used, though it was undetectable because it was allocated on the provided memctx. This patch removes the memctx parameter and allocates krb5_servers temporarily on NULL and ensures that it is freed on all exit conditions. It is not necessary to retain this memory, as dp_opt_set_string() performs a talloc_strdup onto the appropriate context internally. It also updates the DEBUG messages for this function to the appropriate new macro levels. --- src/providers/ldap/ldap_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/providers/ldap/ldap_common.c') diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 64c06cd5..84857549 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -289,7 +289,7 @@ int ldap_get_options(TALLOC_CTX *memctx, /* If there is no KDC, try the deprecated krb5_kdcip option, too */ /* FIXME - this can be removed in a future version */ - ret = krb5_try_kdcip(memctx, cdb, conf_path, opts->basic, SDAP_KRB5_KDC); + ret = krb5_try_kdcip(cdb, conf_path, opts->basic, SDAP_KRB5_KDC); if (ret != EOK) { DEBUG(1, ("sss_krb5_try_kdcip failed.\n")); goto done; -- cgit