Skip to content

Commit

Permalink
ldap_child: make sure invalid krb5 context is not used - 2.9.4
Browse files Browse the repository at this point in the history 
Resolves: #7715
  • Loading branch information
@sumit-bose
sumit-bose committed Nov 21, 2024
1 parent e63784b commit bdfb920
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion src/util/sss_krb5.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -140,6 +140,7 @@ errno_t select_principal_from_keytab(TALLOC_CTX *mem_ctx,

kerr = sss_krb5_init_context(&krb_ctx);
if (kerr) {
krb_ctx = NULL;
error_message = "Failed to init Kerberos context";
ret = EFAULT;
goto done;
Expand Down Expand Up @@ -269,7 +270,7 @@ errno_t select_principal_from_keytab(TALLOC_CTX *mem_ctx,
}

done:
if (ret != EOK) {
if (ret != EOK && krb_ctx != NULL) {
DEBUG(SSSDBG_FATAL_FAILURE, "Failed to read keytab [%s]: %s\n",
sss_printable_keytab_name(krb_ctx, keytab_name),
(error_message ? error_message : sss_strerror(ret)));
Expand Down

0 comments on commit bdfb920

Please sign in to comment.