plug rootDSE info one-time leak

servers/slapd/bconfig.c

@@ -1509,7 +1509,7 @@ config_generic(ConfigArgs *c) {
 			break;
 
 		case CFG_ROOTDSE:
-			if(read_root_dse_file(c->argv[1])) {
+			if(root_dse_read_file(c->argv[1])) {
 				snprintf( c->msg, sizeof( c->msg ), "<%s> could not read file", c->argv[0] );
 				Debug(LDAP_DEBUG_ANY, "%s: %s %s\n",
 					c->log, c->msg, c->argv[1] );

servers/slapd/init.c

@@ -124,6 +124,7 @@ slap_init( int mode, const char *name )
 
 	switch ( slapMode & SLAP_MODE ) {
 	case SLAP_SERVER_MODE:
+		root_dse_init();
 
 		/* FALLTHRU */
 	case SLAP_TOOL_MODE:
@@ -274,10 +275,14 @@ int slap_destroy(void)
 
 	slap_sasl_destroy();
 
+	/* rootdse destroy goes before entry_destroy()
+	 * because it may use entry_free() */
+	root_dse_destroy();
 	entry_destroy();
 
 	switch ( slapMode & SLAP_MODE ) {
 	case SLAP_SERVER_MODE:
+
 	case SLAP_TOOL_MODE:
 
 		ldap_pvt_thread_mutex_destroy( &slap_counters.sc_sent_mutex );

servers/slapd/proto-slap.h

@@ -1412,12 +1412,15 @@ LDAP_SLAPD_V( const struct berval ) slap_dummy_bv;
 /*
  * root_dse.c
  */
+LDAP_SLAPD_F (int) root_dse_init LDAP_P(( void ));
+LDAP_SLAPD_F (int) root_dse_destroy LDAP_P(( void ));
+
 LDAP_SLAPD_F (int) root_dse_info LDAP_P((
 	Connection *conn,
 	Entry **e,
 	const char **text ));
 
-LDAP_SLAPD_F (int) read_root_dse_file LDAP_P((
+LDAP_SLAPD_F (int) root_dse_read_file LDAP_P((
 	const char *file));
 
 LDAP_SLAPD_F (int) slap_discover_feature LDAP_P((

servers/slapd/root_dse.c

@@ -375,13 +375,31 @@ fail:
 	return LDAP_SUCCESS;
 }
 
+int
+root_dse_init( void )
+{
+	return 0;
+}
+
+int
+root_dse_destroy( void )
+{
+	if ( usr_attr ) {
+		entry_free( usr_attr );
+		usr_attr = NULL;
+	}
+
+	return 0;
+}
+
 /*
  * Read the entries specified in fname and merge the attributes
  * to the user defined rootDSE. Note thaat if we find any errors
  * what so ever, we will discard the entire entries, print an
  * error message and return.
  */
-int read_root_dse_file( const char *fname )
+int
+root_dse_read_file( const char *fname )
 {
 	struct LDIFFP	*fp;
 	int rc = 0, lineno = 0, lmax = 0;
@@ -389,7 +407,7 @@ int read_root_dse_file( const char *fname )
 
 	if ( (fp = ldif_open( fname, "r" )) == NULL ) {
 		Debug( LDAP_DEBUG_ANY,
-			"could not open rootdse attr file \"%s\" - absolute path?\n",
+			"root_dse_read_file: could not open rootdse attr file \"%s\" - absolute path?\n",
 			fname, 0, 0 );
 		perror( fname );
 		return EXIT_FAILURE;
@@ -398,7 +416,7 @@ int read_root_dse_file( const char *fname )
 	usr_attr = entry_alloc();
 	if( usr_attr == NULL ) {
 		Debug( LDAP_DEBUG_ANY,
-			"read_root_dse_file: entry_alloc failed", 0, 0, 0 );
+			"root_dse_read_file: entry_alloc failed", 0, 0, 0 );
 		ldif_close( fp );
 		return LDAP_OTHER;
 	}
@@ -409,17 +427,19 @@ int read_root_dse_file( const char *fname )
 		Attribute *a;
 
 		if( e == NULL ) {
-			fprintf( stderr, "root_dse: could not parse entry (line=%d)\n",
-				lineno );
+			Debug( LDAP_DEBUG_ANY, "root_dse_read_file: "
+				"could not parse entry (file=\"%s\" line=%d)\n",
+				fname, lineno, 0 );
 			rc = EXIT_FAILURE;
 			break;
 		}
 
 		/* make sure the DN is the empty DN */
 		if( e->e_nname.bv_len ) {
-			fprintf( stderr,
-				"root_dse: invalid rootDSE - dn=\"%s\" (line=%d)\n",
-				e->e_dn, lineno );
+			Debug( LDAP_DEBUG_ANY,
+				"root_dse_read_file: invalid rootDSE "
+				"- dn=\"%s\" (file=\"%s\" line=%d)\n",
+				e->e_dn, fname, lineno );
 			entry_free( e );
 			rc = EXIT_FAILURE;
 			break;
@@ -453,7 +473,7 @@ int read_root_dse_file( const char *fname )
 
 	ldif_close( fp );
 
-	Debug(LDAP_DEBUG_CONFIG, "rootDSE file %s read.\n", fname, 0, 0);
+	Debug(LDAP_DEBUG_CONFIG, "rootDSE file=\"%s\" read.\n", fname, 0, 0);
 	return rc;
 }