kadmin: Fix leak of dup context

This commit is contained in:
Nicolas Williams
2022-03-23 23:39:21 -05:00
parent 990250e462
commit 6b64ae2cde
5 changed files with 13 additions and 1 deletions

View File

@@ -158,6 +158,7 @@ cpw_entry(struct passwd_options *opt, int argc, char **argv)
int num;
krb5_key_data key_data[3];
data.kadm_handle = NULL;
ret = kadm5_dup_context(kadm_handle, &data.kadm_handle);
if (ret)
krb5_err(context, 1, ret, "Could not duplicate kadmin connection");

View File

@@ -47,7 +47,7 @@ del_entry(void *opt, int argc, char **argv)
krb5_error_code ret = 0;
void *dup_kadm_handle = NULL;
ret = kadm5_dup_context(kadm_handle, &kadm_handle);
ret = kadm5_dup_context(kadm_handle, &dup_kadm_handle);
for (i = 0; ret == 0 && i < argc; i++)
ret = foreach_principal(argv[i], do_del_entry, "del", NULL);

View File

@@ -160,6 +160,7 @@ ext_keytab(struct ext_keytab_options *opt, int argc, char **argv)
const char *enctypes;
size_t i;
data.kadm_handle = NULL;
ret = kadm5_dup_context(kadm_handle, &data.kadm_handle);
if (ret)
krb5_err(context, 1, ret, "Could not duplicate kadmin connection");

View File

@@ -592,6 +592,7 @@ getit(struct get_options *opt, const char *name, int argc, char **argv)
if (opt->terse_flag)
return listit(name, opt->upto_integer, argc, argv);
data.kadm_handle = NULL;
ret = kadm5_dup_context(kadm_handle, &data.kadm_handle);
if (ret)
krb5_err(context, 1, ret, "Could not duplicate kadmin connection");

View File

@@ -406,6 +406,7 @@ mod_entry(struct modify_options *opt, int argc, char **argv)
struct mod_data data;
int i;
data.kadm_handle = NULL;
data.opt_ns_kr = NULL;
data.opt_ns = NULL;
data.opt = opt;
@@ -413,6 +414,8 @@ mod_entry(struct modify_options *opt, int argc, char **argv)
ret = kadm5_dup_context(kadm_handle, &data.kadm_handle);
for (i = 0; ret == 0 && i < argc; i++)
ret = foreach_principal(argv[i], do_mod_entry, "mod", &data);
if (data.kadm_handle)
kadm5_destroy(data.kadm_handle);
return ret != 0;
}
@@ -469,6 +472,7 @@ modify_namespace(struct modify_namespace_options *opt, int argc, char **argv)
struct mod_data data;
int i;
data.kadm_handle = NULL;
data.opt_ns_kr = NULL;
data.opt_ns = opt;
data.opt = NULL;
@@ -476,6 +480,8 @@ modify_namespace(struct modify_namespace_options *opt, int argc, char **argv)
ret = kadm5_dup_context(kadm_handle, &data.kadm_handle);
for (i = 0; ret == 0 && i < argc; i++)
ret = foreach_principal(argv[i], do_mod_ns_entry, "mod_ns", &data);
if (data.kadm_handle)
kadm5_destroy(data.kadm_handle);
return ret != 0;
}
@@ -690,6 +696,7 @@ modify_ns_kr(struct modify_namespace_key_rotation_options *opt,
struct mod_data data;
int i;
data.kadm_handle = NULL;
data.opt_ns_kr = opt;
data.opt_ns = NULL;
data.opt = NULL;
@@ -697,6 +704,8 @@ modify_ns_kr(struct modify_namespace_key_rotation_options *opt,
ret = kadm5_dup_context(kadm_handle, &data.kadm_handle);
for (i = 0; ret == 0 && i < argc; i++)
ret = foreach_principal(argv[i], do_mod_ns_kr, "mod_ns", opt);
if (data.kadm_handle)
kadm5_destroy(data.kadm_handle);
return ret != 0;
}