Author: rmeggins
Update of /cvs/dirsec/adminutil/lib/libadmsslutil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16359/adminutil/lib/libadmsslutil
Modified Files:
srvutilssl.c uginfossl.c
Log Message:
Bug: 213788
Description: Admin Server cannot talk to SSL Config DS - additional mem leaks
Reviewed by: nkinder (Thanks!)
Fix Description: Fix additional memory leaks caused by not freeing the return
values of the admldapGet*() functions, and fixed more places where we were
not calling ldap_unbind(ld) to free and clean up the LDAP handle.
Platform: FC5
Index: srvutilssl.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/srvutilssl.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- srvutilssl.c 16 Nov 2005 18:50:15 -0000 1.2
+++ srvutilssl.c 3 Nov 2006 21:26:35 -0000 1.3
@@ -28,6 +28,8 @@
{
char *domainDN = NULL, *isie = NULL, *sie = NULL;
char *ptr = NULL, *adminName = NULL;
+ char *host = NULL;
+ char *siepwd = NULL;
PsetHndl domainPset;
int errorCode;
AttrNameList nl;
@@ -59,20 +61,27 @@
adminName++;
/* Use domainDN to create a pset */
- domainPset = psetRealCreateSSL(admldapGetHost(info),
+ host = admldapGetHost(info);
+ siepwd = admldapGetSIEPWD(info);
+ domainPset = psetRealCreateSSL(host,
admldapGetPort(info),
admldapGetSecurity(info),
domainDN,
sie,
- admldapGetSIEPWD(info),
+ siepwd,
NULL,
&errorCode);
+ PR_Free(host);
+ host = NULL;
+ PR_Free(siepwd);
+ siepwd = NULL;
if (!domainPset) goto err;
nl = retrieveSIEs(domainPset, domainDN, adminName);
psetDelete(domainPset); /* free sie, domainDN, internally */
+ if (sie) PR_Free(sie);
if (isie) PR_Free(isie);
return nl;
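Review bot: The added `if (sie) PR_Free(sie);` sits directly under `psetDelete(domainPset); /* free sie, domainDN, internally */`, so either that comment is stale or sie is now released twice on the success path. Which one holds depends on psetRealCreateSSL()/psetDelete(), which are not visible here. Once confirmed, the comment should state the ownership, e.g. `/* pset keeps its own copies; sie is freed below */`. Separately, siepwd holds the SIE password and is passed to `PR_Free(siepwd)` with its contents intact; clearing the buffer before the free would keep the secret out of recycled heap memory. The function's opening lines and its err: label are outside this hunk.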
@@ -86,7 +95,10 @@
PR_IMPLEMENT(AttributeList)
getInstalledServerDNListSSL(AdmldapInfo info)
{
- char *domainDN, *isie;
+ char *domainDN, *isie = NULL;
+ char *host = NULL;
+ char *siedn = NULL;
+ char *siepwd = NULL;
PsetHndl domainPset;
int errorCode;
AttributeList resultList;
@@ -94,29 +106,40 @@
isie = admldapGetISIEDN(info);
domainDN=strchr(isie, ',');
- if (!domainDN) return NULL;
+ if (!domainDN) goto err;
domainDN++;
while (*domainDN == ' ' && *domainDN != '\0') domainDN++;
- if (*domainDN == '\0') return NULL;
+ if (*domainDN == '\0') goto err;
/* Use domainDN to create a pset */
- domainPset = psetRealCreateSSL(admldapGetHost(info),
+ host = admldapGetHost(info);
+ siedn = admldapGetSIEDN(info);
+ siepwd = admldapGetSIEPWD(info);
+ domainPset = psetRealCreateSSL(host,
admldapGetPort(info),
admldapGetSecurity(info),
domainDN,
- admldapGetSIEDN(info),
- admldapGetSIEPWD(info),
+ siedn,
+ siepwd,
NULL,
&errorCode);
-
- if (!domainPset) return NULL;
+ PR_Free(host);
+ host = NULL;
+ PR_Free(siedn);
+ siedn = NULL;
+ PR_Free(siepwd);
+ siepwd = NULL;
+ if (!domainPset) goto err;
resultList = retrieveISIEs(domainPset, domainDN);
psetDelete(domainPset);
return resultList;
+err:
+ if (isie) PR_Free(isie);
+ return NULL;
}
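Review bot: isie is still leaked on the success path of getInstalledServerDNListSSL, because the new err: label frees it but `return resultList;` is reached without a matching free. The sibling function in the previous hunk does `if (isie) PR_Free(isie);` before `return nl;`. Since domainDN points into isie, the free belongs after retrieveISIEs() and psetDelete(), i.e. `if (isie) PR_Free(isie);` immediately before `return resultList;`. In addition, `strchr(isie, ',')` runs with no NULL check on the value returned by admldapGetISIEDN(info); if that getter can fail, a guard such as `if (!isie) return NULL;` avoids a NULL dereference. The function's opening lines are in the preceding hunk.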
Index: uginfossl.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/uginfossl.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- uginfossl.c 20 Jul 2005 22:51:33 -0000 1.1.1.1
+++ uginfossl.c 3 Nov 2006 21:26:35 -0000 1.2
@@ -41,6 +41,7 @@
char *username = 0;
char *binddn = 0;
char *bindpw = 0;
+ char *host = 0;
LDAP *ld;
int rv, err;
int ldapError;
@@ -72,12 +73,15 @@
if (strcmp(username, localAdmin)) {
*error_code = ADMUTIL_ENV_ERR;
destroyAdmldap(ldapInfo);
+ PL_strfree(localAdmin);
return NULL;
}
else {
binddn = admldapGetSIEDN(ldapInfo);
bindpw = admldapGetSIEPWD(ldapInfo);
}
+ PL_strfree(localAdmin);
+ localAdmin = NULL;
}
else {
*error_code = ADMUTIL_ENV_ERR;
@@ -94,22 +98,30 @@
*error_code = ADMUTIL_OP_OK;
+ host = admldapGetHost(ldapInfo);
if (admldapGetSecurity(ldapInfo))
- ld = ldapssl_init(admldapGetHost(ldapInfo), admldapGetPort(ldapInfo), 1);
+ ld = ldapssl_init(host, admldapGetPort(ldapInfo), 1);
else
- ld = ldap_init(admldapGetHost(ldapInfo), admldapGetPort(ldapInfo));
+ ld = ldap_init(host, admldapGetPort(ldapInfo));
+ PL_strfree(host);
+ host = NULL;
if (!ld) {
*error_code = ADMUTIL_LDAP_ERR;
destroyAdmldap(ldapInfo);
+ PL_strfree(binddn);
+ PL_strfree(bindpw);
return NULL;
}
+ ldapError = ldap_simple_bind_s(ld,
+ binddn,
+ bindpw);
+ PL_strfree(binddn);
+ PL_strfree(bindpw);
+
/* authenticate to LDAP server*/
- if ((ldapError = ldap_simple_bind_s(ld,
- binddn,
- bindpw))
- != LDAP_SUCCESS ) {
+ if (ldapError != LDAP_SUCCESS) {
#ifdef LDAP_DEBUG
ldap_perror(ld, "ldap_simple_bind_s");
#endif
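Review bot: bindpw carries the bind password, and both new `PL_strfree(bindpw);` calls release it with the cleartext still in the buffer; overwriting it first, e.g. `if (bindpw) memset(bindpw, 0, strlen(bindpw));` (or a wipe the compiler cannot elide), limits how long the secret lingers in freed heap. binddn and bindpw are also left dangling after the free, whereas host is reset to NULL just above; adding `binddn = NULL; bindpw = NULL;` keeps the three consistent and protects any later cleanup path. The frees assume every branch that sets binddn/bindpw hands back heap memory owned by this function; only the admldapGetSIEDN()/admldapGetSIEPWD() branch is visible here, so the other branches should be checked. The enclosing function begins and ends outside this hunk.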
@@ -118,6 +130,7 @@
case LDAP_INVALID_CREDENTIALS:
case LDAP_INSUFFICIENT_ACCESS:
/* authenticate failed: Should not continue */
+ ldap_unbind(ld);
*error_code = ADMUTIL_LDAP_ERR;
destroyAdmldap(ldapInfo);
return NULL;
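Review bot: The sequence `ldap_unbind(ld); *error_code = ADMUTIL_LDAP_ERR; destroyAdmldap(ldapInfo); return NULL;` is now repeated in this case group and again in the LDAP_ALIAS_PROBLEM / LDAP_INVALID_DN_SYNTAX group in the next hunk. That repetition is the pattern that allowed the unbind to be missed before. A single cleanup label that both groups jump to, e.g. `goto bind_failed;`, would keep the handle release in one place. Any remaining cases of this switch lie outside the visible hunks and should be checked for the same missing ldap_unbind().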
@@ -125,6 +138,7 @@
case LDAP_ALIAS_PROBLEM:
case LDAP_INVALID_DN_SYNTAX:
/* Not a good user DN */
+ ldap_unbind(ld);
*error_code = ADMUTIL_LDAP_ERR;
destroyAdmldap(ldapInfo);
return NULL;