From c7cdc9b01c8913e9639d7031dc87bbe651d559c2 Mon Sep 17 00:00:00 2001
From: Christophe Fergeau <cfergeau@redhat.com>
Date: Fri, 22 Nov 2013 17:24:32 +0100
Subject: [PATCH] remote: Don't leak priv->tls object on connection failure

When testing SASL authentication over TLS with
virsh -c qemu+tls:///system list --all
I got this valgrind trace after entering wrong credentials:

==30540== 26,903 (88 direct, 26,815 indirect) bytes in 1 blocks are definitely lost in loss record 289 of 293
==30540==    at 0x4A081D4: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==30540==    by 0x4C7379A: virAllocVar (viralloc.c:558)
==30540==    by 0x4CBC178: virObjectNew (virobject.c:190)
==30540==    by 0x4CBC329: virObjectLockableNew (virobject.c:216)
==30540==    by 0x4E2D003: virNetTLSContextNew (virnettlscontext.c:719)
==30540==    by 0x4E2DC3F: virNetTLSContextNewPath (virnettlscontext.c:930)
==30540==    by 0x4E2DD5B: virNetTLSContextNewClientPath (virnettlscontext.c:957)
==30540==    by 0x4DDB618: doRemoteOpen (remote_driver.c:627)
==30540==    by 0x4DDC8BA: remoteConnectOpen (remote_driver.c:1031)
==30540==    by 0x4D8595F: do_open (libvirt.c:1239)
==30540==    by 0x4D863F3: virConnectOpenAuth (libvirt.c:1481)
==30540==    by 0x12762B: vshReconnect (virsh.c:337)
==30540==    by 0x12C9B0: vshInit (virsh.c:2470)
==30540==    by 0x12E9A5: main (virsh.c:3338)
---
 src/remote/remote_driver.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index df7558b9c0..6ad86c56fd 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -910,6 +910,10 @@ doRemoteOpen(virConnectPtr conn,
     virNetClientClose(priv->client);
     virObjectUnref(priv->client);
     priv->client = NULL;
+#ifdef WITH_GNUTLS
+    virObjectUnref(priv->tls);
+    priv->tls = NULL;
+#endif
 
     VIR_FREE(priv->hostname);
     goto cleanup;