From 1936aeb2993b52e216bc6281efa5e8b509dffbd1 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Fri, 3 Dec 2004 18:57:48 +0000
Subject: [PATCH] add sudo_ldap_close

---
 ldap.c         | 11 +++++++++++
 mon_systrace.c |  1 +
 sudo.c         |  4 +++-
 sudo.h         |  1 +
 4 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/ldap.c b/ldap.c
index 1ec93456a..bee256291 100644
--- a/ldap.c
+++ b/ldap.c
@@ -979,3 +979,14 @@ int pwflag;
 
   return ret ;
 }
+
+/*
+ * shut down LDAP connection
+ */
+void
+sudo_ldap_close(v)
+VOID *v;
+{
+  if (v)
+    ldap_unbind_s((LDAP *)v);
+}
diff --git a/mon_systrace.c b/mon_systrace.c
index 21dce6b4f..ddb45b2c0 100644
--- a/mon_systrace.c
+++ b/mon_systrace.c
@@ -879,6 +879,7 @@ check_execv(fd, pid, seqnr, askp, cookie, policyp, errorp)
     if ((ld = sudo_ldap_open()) != NULL) {
 	sudo_ldap_update_defaults(ld);
 	validated = sudo_ldap_check(ld, 0);
+	sudo_ldap_close(ld);
     }
     if (!def_ignore_local_sudoers && !ISSET(validated, VALIDATE_OK))
 #endif
diff --git a/sudo.c b/sudo.c
index 126c1e62b..8bebd53ff 100644
--- a/sudo.c
+++ b/sudo.c
@@ -283,8 +283,10 @@ main(argc, argv, envp)
     cmnd_status = set_cmnd(sudo_mode);
 
 #ifdef HAVE_LDAP
-    if (ld != NULL)
+    if (ld != NULL) {
 	validated = sudo_ldap_check(ld, pwflag);
+	sudo_ldap_close(ld);
+    }
     /* Fallback to sudoers if we are allowed to and we aren't validated. */
     if (!def_ignore_local_sudoers && !ISSET(validated, VALIDATE_OK))
 #endif
diff --git a/sudo.h b/sudo.h
index ab1577cc9..f04a2a027 100644
--- a/sudo.h
+++ b/sudo.h
@@ -215,6 +215,7 @@ int sudo_ldap_check	__P((VOID *, int));
 void sudo_ldap_display_privs __P((void));
 void sudo_ldap_update_defaults __P((VOID *));
 VOID *sudo_ldap_open	__P((void));
+void sudo_ldap_close	__P((VOID *));
 #endif
 void set_perms		__P((int));
 void remove_timestamp	__P((int));
-- 
2.40.0