Don't leak the reply key's memory during PKINIT

diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c
index ff564ff86bb0516ccced6abd521ae2a3fc8dd908..5db24dad37e516c472d32c0ad6503917b6f6d146 100644 (file)
--- a/src/plugins/preauth/pkinit/pkinit_clnt.c
+++ b/src/plugins/preauth/pkinit/pkinit_clnt.c
@@ -1130,8 +1130,10 @@ pkinit_client_process(krb5_context context, krb5_clpreauth_moddata moddata,
         retval = pa_pkinit_parse_rep(context, plgctx, reqctx, request,
                                      in_padata, enctype, &as_key,
                                      encoded_previous_request);
-        if (retval == 0)
+        if (retval == 0) {
             retval = cb->set_as_key(context, rock, &as_key);
+            krb5_free_keyblock_contents(context, &as_key);
+        }
     }
 
     pkiDebug("pkinit_client_process: returning %d (%s)\n",