summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRich Megginson <rmeggins@redhat.com>2008-08-27 21:56:07 +0000
committerRich Megginson <rmeggins@redhat.com>2008-08-27 21:56:07 +0000
commit921dcc35ed8f37b5c8d9c899db603af1adff8758 (patch)
tree0d6231236b08e8062a32b51047b6048572d801c4
parent446134bf3bd4d85433738bb257dba18269c32980 (diff)
downloadds-921dcc35ed8f37b5c8d9c899db603af1adff8758.tar.gz
ds-921dcc35ed8f37b5c8d9c899db603af1adff8758.tar.xz
ds-921dcc35ed8f37b5c8d9c899db603af1adff8758.zip
Resolves: bug 460381FedoraDirSvr_1_1_2_RC_20080828FedoraDirSvr_1_1_2_RC
Bug Description: various valgrind reported startup memory leaks Reviewed by: nhosoi (Thanks!) Files: see diff Branch: HEAD Fix Description: These memory leaks are not serious, but they do create a lot of noise in valgrind. Platforms tested: RHEL5, Fedora 8 Flag Day: no Doc impact: no
Diffstat
-rw-r--r--ldap/servers/slapd/auth.c2
-rw-r--r--ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c7
-rw-r--r--ldap/servers/slapd/dynalib.c2
-rw-r--r--ldap/servers/slapd/proto-slap.h2
-rw-r--r--ldap/servers/slapd/security_wrappers.c9
-rw-r--r--ldap/servers/slapd/ssl.c7
6 files changed, 27 insertions, 2 deletions
diff --git a/ldap/servers/slapd/auth.c b/ldap/servers/slapd/auth.c
index 023c5f85..6e6ffe14 100644
--- a/ldap/servers/slapd/auth.c
+++ b/ldap/servers/slapd/auth.c
@@ -290,8 +290,10 @@ client_auth_init ()
LDAPDebug (LDAP_DEBUG_ANY,
"client_auth_init: failed to duplicate \"%s/certmap\"\n",
confdir, 0, 0);
+ slapi_ch_free_string(&confdir);
return;
}
+ slapi_ch_free_string(&confdir);
}
err = ldaputil_init (client_auth_config_file, "", NULL, "slapd", NULL);
if (err != LDAPU_SUCCESS) {
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c
index ef031eeb..bf8d8439 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c
@@ -468,6 +468,7 @@ attrcrypt_init(ldbm_instance *li)
ret = attrcrypt_cipher_init(li, ace, private_key, public_key, acs);
if (ret) {
LDAPDebug(LDAP_DEBUG_ANY,"Failed to initialize cipher %s in attrcrypt_init\n", ace->cipher_display_name, 0, 0);
+ slapi_ch_free((void **)&acs);
} else {
/* Since we succeeded, add the acs to the backend instance list */
attrcrypt_acs_list_add(li,acs);
@@ -476,7 +477,11 @@ attrcrypt_init(ldbm_instance *li)
}
}
- }
+ slapd_pk11_DestroyPublicKey(public_key);
+ public_key = NULL;
+ }
+ slapd_pk11_DestroyPrivateKey(private_key);
+ private_key = NULL;
} else {
if (li->attrcrypt_configured) {
LDAPDebug(LDAP_DEBUG_ANY,"Warning: encryption is configured in backend %s, but because SSL is not enabled, database encryption is not available and the configuration will be overridden.\n", li->inst_name, 0, 0);
diff --git a/ldap/servers/slapd/dynalib.c b/ldap/servers/slapd/dynalib.c
index 41dfaf91..4acae45b 100644
--- a/ldap/servers/slapd/dynalib.c
+++ b/ldap/servers/slapd/dynalib.c
@@ -154,7 +154,7 @@ symload_report_error( const char *libpath, char *symbol, char *plugin, int libop
errlen = PR_GetErrorTextLength();
if ( errlen > 0 ) {
- errtext = slapi_ch_malloc( errlen );
+ errtext = slapi_ch_malloc( errlen+1 );
if ( PR_GetErrorText( errtext ) > 0 ) {
LDAPDebug( LDAP_DEBUG_ANY, SLAPI_COMPONENT_NAME_NSPR " error %d: %s\n",
PR_GetError(), errtext, 0 );
diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h
index 1ef45039..eb0d0380 100644
--- a/ldap/servers/slapd/proto-slap.h
+++ b/ldap/servers/slapd/proto-slap.h
@@ -946,6 +946,8 @@ unsigned slapd_SECKEY_PublicKeyStrength(SECKEYPublicKey *pubk);
SECStatus slapd_pk11_Finalize(PK11Context *context);
SECStatus slapd_pk11_DigestFinal(PK11Context *context, unsigned char *data,unsigned int *outLen, unsigned int length);
void slapd_SECITEM_FreeItem (SECItem *zap, PRBool freeit);
+void slapd_pk11_DestroyPrivateKey(SECKEYPrivateKey *key);
+void slapd_pk11_DestroyPublicKey(SECKEYPublicKey *key);
/*
* start_tls_extop.c
diff --git a/ldap/servers/slapd/security_wrappers.c b/ldap/servers/slapd/security_wrappers.c
index 628ad4d2..6cca6cea 100644
--- a/ldap/servers/slapd/security_wrappers.c
+++ b/ldap/servers/slapd/security_wrappers.c
@@ -374,3 +374,12 @@ slapd_SECITEM_FreeItem (SECItem *zap, PRBool freeit)
SECITEM_FreeItem(zap,freeit);
}
+void slapd_pk11_DestroyPrivateKey(SECKEYPrivateKey *key)
+{
+ SECKEY_DestroyPrivateKey(key);
+}
+
+void slapd_pk11_DestroyPublicKey(SECKEYPublicKey *key)
+{
+ SECKEY_DestroyPublicKey(key);
+}
diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c
index 416dda70..b33b0ce8 100644
--- a/ldap/servers/slapd/ssl.c
+++ b/ldap/servers/slapd/ssl.c
@@ -593,6 +593,7 @@ slapd_ssl_init() {
slapd_SSL_warn("Security Initialization: Unable to get token ("
SLAPI_COMPONENT_NAME_NSPR " error %d - %s)",
errorCode, slapd_pr_strerror(errorCode));
+ freeChildren(family_list);
return -1;
}
@@ -603,6 +604,7 @@ slapd_ssl_init() {
slapd_SSL_warn("Security Initialization: Unable to find slot ("
SLAPI_COMPONENT_NAME_NSPR " error %d - %s)",
errorCode, slapd_pr_strerror(errorCode));
+ freeChildren(family_list);
return -1;
}
/* authenticate */
@@ -612,6 +614,7 @@ slapd_ssl_init() {
slapd_SSL_warn("Security Initialization: Unable to authenticate ("
SLAPI_COMPONENT_NAME_NSPR " error %d - %s)",
errorCode, slapd_pr_strerror(errorCode));
+ freeChildren(family_list);
return -1;
}
}
@@ -863,6 +866,10 @@ int slapd_ssl_init2(PRFileDesc **fd, int startTLS)
CERT_DestroyCertificate(cert);
cert = NULL;
}
+ if (key) {
+ slapd_pk11_DestroyPrivateKey(key);
+ key = NULL;
+ }
slapi_ch_free((void **) &personality);
if (SECSuccess != rv) {
freeConfigEntry( &e );
generated by cgit (git 2.34.1) at 2024-10-06 06:52:09 +0000