packages/krb5
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
krb5/backport-Fix-LDAP-module-leak-on-authentication-error.patch

31 lines
1002 B
Diff
Raw Normal View History

backport patches to fix bugs (cherry picked from commit a232588500d7aa39f884aad25a6a939a6373231d)
2025-03-25 09:09:15 +08:00
From 85c93922232300b0316546a2fc6dd93c7e2906cd Mon Sep 17 00:00:00 2001
From: Feng Guo <gardonkoo@163.com>
Date: Thu, 28 Nov 2024 21:32:37 +0800
Subject: [PATCH] Fix LDAP module leak on authentication error
In initialize_server(), unbind the server handle if authenticate()
fails.
[ghudson@mit.edu: rewrote commit message]
ticket: 9153 (new)
---
src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
index 5e77d5e49..d19e2b761 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
@@ -189,6 +189,7 @@ initialize_server(krb5_ldap_context *ldap_context, krb5_ldap_server_info *info)
if (ret) {
info->server_status = OFF;
time(&info->downtime);
+ ldap_unbind_ext_s(server->ldap_handle, NULL, NULL);
free(server);
return ret;
}
--
2.33.0
Reference in New Issue Copy Permalink