CRYPTO: Do not call NSS_Shutdown after every operation

Calling setup and teardown on every encryption cases issues like the one
described in https://bugzilla.redhat.com/show_bug.cgi?id=1456151
eventually.

Similarly to other crypto functions, don't tear down NSS by calling
NSS_Shutdown. Let the OS reclaim the resources.

Resolves:
https://pagure.io/SSSD/sssd/issue/3424

Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>

2 files changed, 0 insertions, 4 deletions

diff --git a/src/util/crypto/nss/nss_nite.c b/src/util/crypto/nss/nss_nite.c
index 3641e0512..db3cefa95 100644
--- a/src/util/crypto/nss/nss_nite.c
+++ b/src/util/crypto/nss/nss_nite.c
@@ -167,7 +167,6 @@ int sss_encrypt(TALLOC_CTX *mem_ctx, enum encmethod enctype,
 
 done:
     talloc_free(tmp_ctx);
-    nspr_nss_cleanup();
     return ret;
 }
 
@@ -300,6 +299,5 @@ int sss_decrypt(TALLOC_CTX *mem_ctx, enum encmethod enctype,
 
 done:
     talloc_free(tmp_ctx);
-    nspr_nss_cleanup();
     return ret;
 }
diff --git a/src/util/crypto/nss/nss_obfuscate.c b/src/util/crypto/nss/nss_obfuscate.c
index a55f22b6d..df9c41b3a 100644
--- a/src/util/crypto/nss/nss_obfuscate.c
+++ b/src/util/crypto/nss/nss_obfuscate.c
@@ -189,7 +189,6 @@ int sss_password_encrypt(TALLOC_CTX *mem_ctx, const char *password, int plen,
     ret = EOK;
 done:
     talloc_free(tmp_ctx);
-    nspr_nss_cleanup();
     return ret;
 }
 
@@ -325,6 +324,5 @@ int sss_password_decrypt(TALLOC_CTX *mem_ctx, char *b64encoded,
     ret = EOK;
 done:
     talloc_free(tmp_ctx);
-    nspr_nss_cleanup();
     return ret;
 }