LDAP: unlink ccname_file_dummy if there is an error

https://fedorahosted.org/sssd/ticket/2592

If there is an error after ccname_file_dummy is created but before it is
renamed then the file isn't removed.  This can cause a lot of files to be
created and take up inodes in a filesystem.

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 2b20ff2e33ad3993a9cad910c4b4b828513613df)
(cherry picked from commit 0b5036e4c652e6983a3352c045c8701d6573587b)

1 files changed, 11 insertions, 1 deletions

diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c
index e9aebf5a6..774cff9c2 100644
--- a/src/providers/ldap/ldap_child.c
+++ b/src/providers/ldap/ldap_child.c
@@ -489,16 +489,26 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx,
               "rename failed [%d][%s].\n", ret, strerror(ret));
         goto done;
     }
+    ccname_file_dummy = NULL;
 
     krberr = 0;
     *ccname_out = talloc_steal(memctx, ccname);
     *expire_time_out = my_creds.times.endtime - kdc_time_offset;
 
 done:
-    talloc_free(tmp_ctx);
     if (krberr != 0) KRB5_SYSLOG(krberr);
     if (keytab) krb5_kt_close(context, keytab);
     if (context) krb5_free_context(context);
+    if (ccname_file_dummy) {
+        DEBUG(SSSDBG_TRACE_INTERNAL, "Unlinking [%s]\n", ccname_file_dummy);
+        ret = unlink(ccname_file_dummy);
+        if (ret == -1) {
+            ret = errno;
+            DEBUG(SSSDBG_MINOR_FAILURE,
+                  "Unlink failed [%d][%s].\n", ret, strerror(ret));
+        }
+    }
+    talloc_free(tmp_ctx);
     return krberr;
 }