s4:auth/kerberos/kerberos_pac.c - fix another memory leak regarding the KRB principal

In addition fix a counter type

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Dec  4 15:14:46 CET 2010 on sn-devel-104

diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c
index 5e31c4596d3cf6cf6d76b48b4be31f007fa74592..23b875056b87c6d89737165623baf54cd451afb1 100644 (file)
--- a/source4/auth/kerberos/kerberos_pac.c
+++ b/source4/auth/kerberos/kerberos_pac.c
@@ -93,7 +93,7 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx,
        DATA_BLOB modified_pac_blob;
        NTTIME tgs_authtime_nttime;
        krb5_principal client_principal_pac;
-       int i;
+       uint32_t i;
 
        krb5_clear_error_message(context);
 
@@ -316,9 +316,12 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx,
        if (!krb5_principal_compare_any_realm(context, client_principal, client_principal_pac)) {
                DEBUG(2, ("Name in PAC [%s] does not match principal name in ticket\n",
                          logon_name->account_name));
+               krb5_free_principal(context, client_principal_pac);
                return NT_STATUS_ACCESS_DENIED;
        }
 
+       krb5_free_principal(context, client_principal_pac);
+
 #if 0
        if (strcasecmp(logon_info->info3.base.account_name.string,
                       "Administrator")== 0) {