|
 |
bf9677 |
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
|
|
|
bf9677 |
index c1e4d2b..3fb11e1 100644
|
|
|
bf9677 |
--- a/utils/gssd/krb5_util.c
|
|
|
bf9677 |
+++ b/utils/gssd/krb5_util.c
|
|
|
bf9677 |
@@ -702,6 +702,8 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
|
|
|
bf9677 |
"we failed to unparse principal name: %s\n",
|
|
|
bf9677 |
k5err);
|
|
|
bf9677 |
k5_free_kt_entry(context, kte);
|
|
|
bf9677 |
+ free(k5err);
|
|
|
bf9677 |
+ k5err = NULL;
|
|
|
bf9677 |
continue;
|
|
|
bf9677 |
}
|
|
|
bf9677 |
printerr(4, "Processing keytab entry for principal '%s'\n",
|
|
|
bf9677 |
@@ -775,7 +777,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
|
|
|
bf9677 |
int tried_all = 0, tried_default = 0, tried_upper = 0;
|
|
|
bf9677 |
krb5_principal princ;
|
|
|
bf9677 |
const char *notsetstr = "not set";
|
|
|
bf9677 |
- char *adhostoverride;
|
|
|
bf9677 |
+ char *adhostoverride = NULL;
|
|
|
bf9677 |
|
|
|
bf9677 |
|
|
|
bf9677 |
/* Get full target hostname */
|
|
|
bf9677 |
@@ -801,7 +803,6 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
|
|
|
bf9677 |
adhostoverride);
|
|
|
bf9677 |
/* No overflow: Windows cannot handle strings longer than 19 chars */
|
|
|
bf9677 |
strcpy(myhostad, adhostoverride);
|
|
|
bf9677 |
- free(adhostoverride);
|
|
|
bf9677 |
} else {
|
|
|
bf9677 |
strcpy(myhostad, myhostname);
|
|
|
bf9677 |
for (i = 0; myhostad[i] != 0; ++i) {
|
|
|
bf9677 |
@@ -810,7 +811,9 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
|
|
|
bf9677 |
myhostad[i] = '$';
|
|
|
bf9677 |
myhostad[i+1] = 0;
|
|
|
bf9677 |
}
|
|
|
bf9677 |
-
|
|
|
bf9677 |
+ if (adhostoverride)
|
|
|
bf9677 |
+ free(adhostoverride);
|
|
|
bf9677 |
+
|
|
|
bf9677 |
retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname));
|
|
|
bf9677 |
if (retval) {
|
|
|
bf9677 |
/* Don't use myhostname */
|
|
|
bf9677 |
@@ -898,6 +901,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
|
|
|
bf9677 |
k5err = gssd_k5_err_msg(context, code);
|
|
|
bf9677 |
printerr(1, "%s while building principal for '%s'\n",
|
|
|
bf9677 |
k5err, spn);
|
|
|
bf9677 |
+ free(k5err);
|
|
|
bf9677 |
+ k5err = NULL;
|
|
|
bf9677 |
continue;
|
|
|
bf9677 |
}
|
|
|
bf9677 |
code = krb5_kt_get_entry(context, kt, princ, 0, 0, kte);
|
|
|
bf9677 |
@@ -906,6 +911,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
|
|
|
bf9677 |
k5err = gssd_k5_err_msg(context, code);
|
|
|
bf9677 |
printerr(3, "%s while getting keytab entry for '%s'\n",
|
|
|
bf9677 |
k5err, spn);
|
|
|
bf9677 |
+ free(k5err);
|
|
|
bf9677 |
+ k5err = NULL;
|
|
|
bf9677 |
/*
|
|
|
bf9677 |
* We tried the active directory machine account
|
|
|
bf9677 |
* with the hostname part as-is and failed...
|
|
|
bf9677 |
@@ -1167,7 +1174,8 @@ gssd_get_krb5_machine_cred_list(char ***list)
|
|
|
bf9677 |
*list = l;
|
|
|
bf9677 |
retval = 0;
|
|
|
bf9677 |
goto out;
|
|
|
bf9677 |
- }
|
|
|
bf9677 |
+ } else
|
|
|
bf9677 |
+ free((void *)l);
|
|
|
bf9677 |
out:
|
|
|
bf9677 |
return retval;
|
|
|
bf9677 |
}
|
|
|
bf9677 |
@@ -1215,6 +1223,8 @@ gssd_destroy_krb5_machine_creds(void)
|
|
|
bf9677 |
printerr(0, "WARNING: %s while resolving credential "
|
|
|
bf9677 |
"cache '%s' for destruction\n", k5err,
|
|
|
bf9677 |
ple->ccname);
|
|
|
bf9677 |
+ free(k5err);
|
|
|
bf9677 |
+ k5err = NULL;
|
|
|
bf9677 |
continue;
|
|
|
bf9677 |
}
|
|
|
bf9677 |
|
|
|
bf9677 |
@@ -1222,6 +1232,8 @@ gssd_destroy_krb5_machine_creds(void)
|
|
|
bf9677 |
k5err = gssd_k5_err_msg(context, code);
|
|
|
bf9677 |
printerr(0, "WARNING: %s while destroying credential "
|
|
|
bf9677 |
"cache '%s'\n", k5err, ple->ccname);
|
|
|
bf9677 |
+ free(k5err);
|
|
|
bf9677 |
+ k5err = NULL;
|
|
|
bf9677 |
}
|
|
|
bf9677 |
}
|
|
|
bf9677 |
krb5_free_context(context);
|